my dog learned polymorphism*
The moose likes Servlets and the fly likes Question about SPNEGO security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Question about SPNEGO security" Watch "Question about SPNEGO security" New topic
Author

Question about SPNEGO security

Jim Barkley
Greenhorn

Joined: Jun 23, 2011
Posts: 12
http://spnego.sourceforge.net/

I've recently implemented this for auth against company's Active Directory.


None of the webapp contents is behind SSL though; when you enter the webapp address, a login dialog just pops up.


Is SPNEGO, and any other single sign-on stuff(like WAFFLE, for example) secure? Or the https implementation has to be done on Tomcat separately to ensure secure connection?


Thanks in advance.
 
Consider Paul's rocket mass heater.
 
subject: Question about SPNEGO security
 
Similar Threads
SSO using SPNEGO in JBOSS 4.2.2
Secure authentication using SPNEGO and JGSS
single signon with java GSS-API kerberos/SPNEGO
Disable SPNEGO login on JBOSS
Tomcat: Valve with SPNEGO-Authentication