I have developed a google app engine application which supports integrated windows authentication using JAAS.
For enabling integrated authentication on Mozilla firefox i have made following configuration
network.negotiate-auth.trusted-uris = domain of the trusted uri
network.negotiate-auth.allow-non-fqdn = false
network.negotiate-auth.allow-proxies = true
network.negotiate-auth.using-native-gsslib = true.
My application doesnt support ntlm so havent made any configuration related to that.
Everything works fine locally. I mean the browser is able to get kerberos service token and send it to my application.
But when I deployed in google app engine. Then browser unable to send kerberos token. I always got NTLM token.
Below is the flow 1. I hit the trusted url from mozilla browser from local network. 2. My application challenges browser for service token with 401 Negotiate challenge 3. Browser tries to get service token. 4. I observed that it sends NTLM token.
I want to know why the browser is sending NTLM token to app engine and how should I handle such scenario ?
