Stack Overflow
Stack Overflow

Questions tagged [spnego]

SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) is a GSSAPI "pseudo mechanism" that is used to negotiate one of a number of possible real mechanisms.

SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) is used when a client application wants to authenticate to a remote server, but neither end is sure what authentication protocols the other supports. It is a GSSAPI "pseudo mechanism" which is used to negotiate one of a number of possible real mechanisms.

SPNEGO

It is defined in RFC 4178.

Source: SPNEGO on Wikipedia

361 questions
5
votes
0 answers

PHP SOAP Request against Service using SPNEGO

I am trying to access a SOAP WebService using PHP. The service is a windows service which is installed and configured on-site of the customer. The server I am connecting to is configurable to accept two different authentication modes. NTLM or…
Hemisphera
  • 816
  • 6
  • 23
5
votes
1 answer

spnego implementation issue - error parsing http request header

I'm implementing spnego sso authentication on a Linux tomcat 7.0 installation and following the example at: http://spnego.sourceforge.net/index.html fairly well. I passed the pre-flight checklist with flying colors and actually have it working with…
Justin
  • 2,559
  • 3
  • 27
  • 33
5
votes
4 answers

Why does IE not send the Kerberos ticket information to my JBoss on Linux?

I'm trying to implement SSO using a Windows client and JBoss. Own my development PC, JBoss runs on Windows 7, on the development server, it runs on (Red Hat) Linux. There's a JBoss Negotiation Toolkit which allows me to check whether the Negiation…
eerriicc
  • 1,124
  • 4
  • 17
  • 29
5
votes
0 answers

setting SPNEGO credentials in Jersey client

I have some REST services created using Jersey which use SPENGO for authentication. I am creating acceptance tests using the Jersey client. I am wondering how to use the Jersey client to set the SPENGO headers. I looked into filters but don't…
badgerduke
  • 1,013
  • 5
  • 16
  • 28
5
votes
2 answers

BadCredentialsException: Kerberos validation not succesfull

I would like to perform authentification with SPNEGO. I use: spring-core-3.1.0.RELEASE.jar spring-security-core-3.1.0.RELEASE.jar spring-security-kerberos-core-1.0.0.M2.jar package codec from spring core security 3.0.7…
dpolaczanski
  • 386
  • 1
  • 3
  • 18
5
votes
1 answer

Why does a browser in a different domain not respond at all to "WWW Authenticate : Negotiate" header sent by mod_auth_kerb?

I have implemented SSO through mod_auth_kerb in our apache-active directory environment and it works just as expected. However the following knowledge is bugging me : I requested a Kerberos protected page from two client machines, one user belonged…
Anuj
  • 78
  • 1
  • 8
5
votes
1 answer

Choosing Kerberos (SPNEGO) Java library for web application single sign-on

I'm currently working on implementing enterprise authentication mechanisms in our Java web-application, including single sign-on. Windows networks are what we primary target at, and Kerberos sounds a reasonable choice. Sidenote: as far as I…
Art Licis
  • 3,619
  • 1
  • 29
  • 49
5
votes
3 answers

Optional SPNEGO Kerberos authentication

Is it possible to do optional kerberos authentication? What I want is: if the client (browser) is not on the domain it is redirected to a username/password web login. Otherwise it will do SPNEGO do Kerberos authentication. If I just send the…
Sindri Traustason
  • 5,445
  • 6
  • 48
  • 66
4
votes
0 answers

Firefox not showing auth pop-up during www-authenticate negotiate

I have java app that authenticates users based on kerberos WWW-Authenticate Negotiate through browser. All Chromium-based ones behaves identically — sends NTLM ticket which is not supported in the app, gets 401 Unauthorized back, prompts for…
showgazer
  • 91
  • 1
  • 1
  • 5
4
votes
1 answer

FORM authentication fallback in Wildfly 11

I currently have a working SPNEGO-configuration to login with a kerberos ticket. Now I want to fallback to FORM-based authentication using j_security_check and authenticate username/password against AD/LDAP. If I set…
sinclair
  • 2,812
  • 4
  • 24
  • 53
4
votes
1 answer

Accessing a SPNEGO authenticated webservice from C#

We have a web service that serves data over HTTP and authenticates users via SPNEGO (and single sign-on). We want to write a C# client for this web service. Is there any standard/provided way in .NET of generating the necessary token? Extensive…
Sunil Shah
  • 41
  • 3
4
votes
1 answer

Why would WinInet fail to authenticate automatically via Negotiate when connecting by FQDN, but succeed if connecting by IP?

Having a strange issue where WinInet is failing to authenticate using users current credentials if I connect to an internal service by name, but not if I connect by IP. In one of our environments, which sits in its own domain, DOM1, our client can…
bpeikes
  • 3,495
  • 9
  • 42
  • 80
4
votes
1 answer

SPNEGO Authentication Works from a Custom Java Client, but NOT from a Web Browser

I am having problems authenticating via SPNEGO from a Web Browser (Internet Explorer 11) to a Web Service offered by a custom Java Application Server. I can successfully authenticate using SPNEGO to the same Application Server using a custom Java…
FlyingSheep
  • 804
  • 1
  • 9
  • 20
4
votes
1 answer

Browsers keeps sending NTLM token instead of Kerberos - How to solve it?

I can't seem to correctly configure the system and have the browser send a kerberos ticket to the web-server. Instead, a NTLM token is sent. Q: How can I solve this? All details and configurations are listed below. Infrastructure: I have three…
payloc91
  • 3,724
  • 1
  • 17
  • 45
4
votes
1 answer

Kerberos authorization doesn't work on Chrome and FireFox, but works on IE

I follow this guide to integrate cas with Windows AD. It works fine on every browser few days ago. But not it only works on IE, when I use firefox browser only send "Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==" to server, then…
zhufeizzz
  • 197
  • 2
  • 3
  • 16
1 2
3
24 25