Posts

Showing posts from November, 2011

Why JAVA 1.6 HTTP client can authenticate (using SPNEGO) only against certain WebLogic versions?

JAVA 1.6 HTTP client's inherits support for SPNEGO via Java GSS. This is listed at:     http://docs.oracle.com/javase/6/docs/technotes/guides/security/jgss/jgss-features.html From WebLogic side, the answer(to the question why JAVA HTTP client only works with certianin versions) lies in simple test that is carried out using "supported" browser and JAVA fat client against same version of WebLogic and then analyzing the network dumps. Network dumps show: For JAVA fat client(not working against WebLogic 10.3.3) GSS-API Generic Security Service Application Program Interface               OID: 1.3.6.1.5.5.2 (SPNEGO - Simple Protected Negotiation)               Simple Protected Negotiation                               negTokenInit                                               mechTypes: 1 item                                                  MechType: 1.2.840.113554.1.2.2 (KRB5 - Kerberos 5) For browser (working  against WebLogic 10.3.3) GSS-API Generic Securit