[jetty-users] How to support both client-auth and Kerberos from the same HTTPS servlet?

Hi, what is the best way to support both client-cert based authentication and Kerberos over HTTPS in Java, please? I figured out how to do so for either. For client-cert, it's transport layer auth and the server side would call setWantClientAuth(true). For Kerberos (SPNEGO), I can use an HTTP Authorization header to flow the token. The client can choose any scheme to talk to the HTTPS service. Is there a standard way to do so? Does it make sense to use WWW-Authenticate HTTP header to challenge the client to use either of the two schemes? Thanks!
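
The two mechanisms described in the post, combined in one servlet filter; this is an added example, not part of the original message or of Jetty's own code. It assumes the `javax.servlet` API, a connector already configured with `setWantClientAuth(true)`, a JVM that can obtain the service's Kerberos acceptor credentials (for example through a JAAS keytab login), and a single-round Kerberos exchange; the class name and `USER_ATTR` are hypothetical.

```java
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.servlet.*;
import javax.servlet.http.*;
import org.ietf.jgss.*;
// Added example: accept either a TLS client certificate or a SPNEGO token.
// Assumes wantClientAuth on the connector and acceptor credentials in the JVM.
public class CertOrSpnegoFilter implements Filter {
    static final String USER_ATTR = "example.authenticatedUser"; // hypothetical name
    @Override public void init(FilterConfig cfg) {}
    @Override public void destroy() {}
    @Override
    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        HttpServletResponse resp = (HttpServletResponse) rs;
        // 1. Transport-layer auth: the container exposes the chain it validated.
        X509Certificate[] certs =
            (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
        if (certs != null && certs.length > 0) {
            req.setAttribute(USER_ATTR, certs[0].getSubjectX500Principal().getName());
            chain.doFilter(req, resp);
            return;
        }
        // 2. HTTP-layer auth: SPNEGO token carried in the Authorization header.
        String authz = req.getHeader("Authorization");
        if (authz != null && authz.regionMatches(true, 0, "Negotiate ", 0, 10)) {
            try {
                byte[] token = Base64.getDecoder().decode(authz.substring(10).trim());
                GSSContext ctx = GSSManager.getInstance().createContext((GSSCredential) null);
                byte[] reply = ctx.acceptSecContext(token, 0, token.length);
                if (ctx.isEstablished()) {
                    if (reply != null) resp.setHeader("WWW-Authenticate",
                        "Negotiate " + Base64.getEncoder().encodeToString(reply));
                    req.setAttribute(USER_ATTR, ctx.getSrcName().toString());
                    ctx.dispose();
                    chain.doFilter(req, resp);
                    return;
                }
            } catch (GSSException | IllegalArgumentException e) {
                // Bad token: fall through to a fresh challenge, never authenticate.
            }
        }
        // 3. No valid credential. The certificate is requested by the TLS
        //    handshake, so the only HTTP challenge this filter sends is Negotiate.
        resp.setHeader("WWW-Authenticate", "Negotiate");
        resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    }
}
```

On a `jakarta.servlet` container the imports and the certificate attribute name change to the `jakarta.` prefix.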

