Compatibility between SSPI and JGSS

[Torrey Searle]

I am trying write a java server that is compatible with a windows
application written to sspi on windows. (with kerberos)

However, I have been observing several strange things.  First of all
acceptSecContext() returns a 0 length byte array instead of null.  Is this
normal?

More seriously, it seems that if the inital context sent by the windows
client only has the Integrity flag marked (no replay detection, no sequence
detection, no confidentiality).  Then any singed messages the server sends
to the client results in a message out of sequence error on the client.

Does anybody know why this is and how I can fix it?

Torrey