Java 6 SPNEGO Kerberos

0
votes

I have a server that hosts several java applets, and I want to force authentication to get to them. Right now I have NTLM enabled and it works. When I disable NTLM and enable Negotiate (SPNEGO), Java 6 client will get stuck at "Server returned HTTP response code: 401", and the applet will not start. I tried using Java 7 and it will work.

I'm forced to use Java 6, because the applets are not designed for Java 7. Do I have to do anything to enable Kerberos authentication on Java 6?

Thanks

1
appletkerberosntlmjava-6spnego
you need to get more information. get the stacktrace of the offending class (class where exception is thrown)Arunav Sanyal
please check spnego.sourceforge.netKarthikeyan Vaithilingam

1 Answers

0
votes

This is because the HTTP client in Java needs to read some Kerberos settings (realm name, KDC host name) to work. In JDK 6, you must provide them with a krb5.conf file, and in JDK 7, Java is able to gather the info through environment variables.

If your applets are signed and have full permissions, you can assign the realm/KDC info to system properties java.security.krb5.realm and java.security.krb5.kdc and then run the HTTP client. Hope it works.