A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Question about SPNEGO security
Joined: Jun 23, 2011
Sep 06, 2011 08:54:06
I've recently implemented this for auth against company's Active Directory.
None of the webapp contents is behind SSL though; when you enter the webapp address, a login dialog just pops up.
Is SPNEGO, and any other single sign-on stuff(like WAFFLE, for example) secure? Or the https implementation has to be done on
separately to ensure secure connection?
Thanks in advance.
I agree. Here's the link:
subject: Question about SPNEGO security
single signon with java GSS-API kerberos/SPNEGO
Disable SPNEGO login on JBOSS
SSO using SPNEGO in JBOSS 4.2.2
Secure authentication using SPNEGO and JGSS
Tomcat: Valve with SPNEGO-Authentication
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2014