...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
... <jaxws:client> <jaxws:properties> <entry key="auth.spnego.useKerberosOid" value="true"/> </jaxws:properties> </jaxws:client> ... |
Credential Delegation
Please set an "auth.spnego.requireCredDelegation" property to "true" if you need to enable the credential delegation. Note that setting this property will let the receiving service implement the credential delegation.
If the Kerberos credential is already available in the service request context then one can make this credential available to Spnego/Kerberos authentication handler by setting it on the current CXF message, using an 'org.ietf.jgss.GSSCredential' key.
This can be done before a client invocation is made, by setting a client request context property, or by extending 'org.apache.cxf.transport.http.auth.AbstractSpnegoAuthSupplier'.
NTLM Authentication
CXF doesn't support NTLM authentication "out of the box" on Java 5, but with some additional libraries and configuration, the standard HttpURLConnection objects that we use can do the NTLM authentication. On Java 6, NTLM authentication is built into the Java runtime and you don't need to do anything special.
...