• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Question about SPNEGO security

 
Jim Barkley
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
http://spnego.sourceforge.net/

I've recently implemented this for auth against company's Active Directory.


None of the webapp contents is behind SSL though; when you enter the webapp address, a login dialog just pops up.


Is SPNEGO, and any other single sign-on stuff(like WAFFLE, for example) secure? Or the https implementation has to be done on Tomcat separately to ensure secure connection?


Thanks in advance.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic