Hi Roman,
Here is my experimental SPNEGO Filter:
http://git.kato.mvc.mcc.ac.uk/bruno/spnegofilter.git/
It provides a Negotiate and a Basic challenge at the same time.
It works at least for small tests, but it's definitely not ready for
production usage. I haven't used much of the existing Guards and related
classes; I haven't looked deeply into what would need to be changed for
this particular filter yet. You'll need Restlet 1.1-M5 or something
close enough if you want to try it out, because it uses multiple
challenges (1) and the new context system. It also requires Java 6.
Best wishes,
Bruno.
(1) http://restlet.tigris.org/issues/show_bug.cgi?id=457
Roman Geus wrote:
Hello all
I'm new to Restlet and would like to implement a REST interface for an
existing application using Restlet and JAX-RS.
I need to support both HTTP Negotiate and HTTP Basic authentication vs
an Active Directory server.
The Restlet server should offer both authentication schemes and the
client may choose one of them and send the appropriate credentials. The
Restlet server will then validate the credentials using a Kerberos
server (Active Directory).
I don't know how to implement the dual HTTP authentication scheme in
Restlet. From looking at the code, it seems, that a custom Guard can
only implement a single scheme. How can I support a second
authentication scheme?
Also, Negotiate authentication is not supported out-of-the-box and the
Negotiate ChallengeScheme is not predefined. Is it possible to support
the Negotiate scheme without modifying the Restlet code?
Any help with this (example code, hints, pointers, ...) would be highly
appreciated.
Thanks,
Roman
--
Roman Geus
Paul Scherrer Institut
AIT
Scientific Computing
5232 Villigen PSI
Switzerland
Tel: +41 56 310 54 85
Fax: +41 56 310 36 49
e-Mail: [EMAIL PROTECTED]