Questions tagged [spnego]

Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO) is a GSSAPI "pseudo mechanism" used by client-server software to negotiate the choice of security technology. SPNEGO is used when a client application wants to authenticate to a remote server, but neither end is sure what authentication protocols the other supports.

1 vote
0 answers
69 views

SPNEGO-based Kerberos authentication: Should I create a new security context using `gss_init_sec_context` for every request?

I'm implementing SPNEGO-based Kerberos authentication for a Linux client application for authenticating requests to a Windows IIS server. I've read RFC4559, which describes how authentication should ...
Shuzheng
0 votes
2 answers
2k views

How to prevent CSRF attacks on a REST API when using Windows Authentication

I have an Angular web app that interacts with a REST-API. Requests are authenticated with a JWT Bearer token. I now want to add support for Windows-Authentication. My current plan is to add a POST-...
webbertee
1 vote
1 answer
217 views

Is there any existing attempted implementation of GSS-API/SPNEGO/GSS-SPNEGO for anything other than Kerberos / NTLM?

I'm aware that SPNEGO is de-facto only used in the wild for Kerberos or NTLM. Is there any research / academic / educational example on how it can be also used for other mechanisms as well?
Eran Medan