Web auth

Luke Howard lukeh at PADL.COM
Fri Apr 11 22:34:10 EDT 2003

If the machine on which the web browser is running is joined to a
domain, you can do SPNEGO HTTP authentication (providing both the
browser and server support it, of course). See:


Also, in Windows 2003, there is support for "protocol transitions"
that allow services to acquire Kerberos credentials on behalf of
a user without requiring initial authentication. It will be 
interesting to see whether Microsoft document these extensions...

-- Luke

Luke Howard | PADL Software Pty Ltd | www.padl.com

More information about the Kerberos mailing list