You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by Bo Friis <bo...@get2net.dk> on 2004/10/31 04:25:00 UTC

adding support for pluggable authenticators (HTTP) (adding support for SPNEGO/Kerberos)

Hi dev,

Im interested in support for pluggable authenticators. I have at least
one possible two types of authenticators i would like to be able to
plugin. One is SPNEGO (Kerberos over HTTP). This is supported by IE,
FireFox and Mozilla.

SPNEGO scheme requires a challenge-response scheme like the
Digest/Basic where the server must send a 401 back to the browser.

As I see it and correct me if im wrong, its not possible to plugin
custom authenticators and im not sure where to add this but I have
some suggestions.

WebApplicationContext.initLoginConfig() instansiates the authenticator
based on the web app deployment descriptor. I would prefer to have the
ability to extend this list of authenticators, alternatively the
ability to replace one of the standard authenticators.


/Bo
http://appliedcrypto.com