File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Question about SPNEGO security
Joined: Jun 23, 2011
Sep 06, 2011 08:54:06
I've recently implemented this for auth against company's Active Directory.
None of the webapp contents is behind SSL though; when you enter the webapp address, a login dialog just pops up.
Is SPNEGO, and any other single sign-on stuff(like WAFFLE, for example) secure? Or the https implementation has to be done on
separately to ensure secure connection?
Thanks in advance.
It is sorta covered in the
JavaRanch Style Guide
subject: Question about SPNEGO security
single signon with java GSS-API kerberos/SPNEGO
Disable SPNEGO login on JBOSS
SSO using SPNEGO in JBOSS 4.2.2
Secure authentication using SPNEGO and JGSS
Tomcat: Valve with SPNEGO-Authentication
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2015