i am trying to implement SPNEGO in web application since the IE is supporting SPNEGO . Client is the IE and the server code written in java. basic things are working. now i have doubt of where this mutual authentication and DES encryption comes in this scenario... pls anybody..help me in this..
thank u
Mutual authentication can be requested before establishing the security context.
An encryption type must be chosen for communication. In old versions of JRE, only DES is supported, so you must config Windows Active Directory to create DES keys for users. The latest JRE updates (from 1.4.2 to 6) already support RC4 which is the default encryption algorithm in Windows.
As for HTTP/SPNEGO, these info may help you
Client is built into JRE:
http://java.sun.com/javase/6/docs/technotes/guides/net/http-auth.html
Server:
http://gregluck.com/blog/archives/2007/04/spnego_for_glas.html
