>>> Do you need a plug-in or anything like that? Does it need to be >>> specifically enabled? >> >> No, we use it all the time with IE, Firefox, and I believe Chrome >> as well.
Last time I was working in this area a few years ago, it worked by default in IE and had to be turned on in FF. A rogue website would request the token and do malicious things if it is handed out by the browser whenever asked. The link explains the settings required. Perhaps this has changed "recently" and works auto-magically now? http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.express.doc/info/exp/ae/tsec_SPNEGO_configweb_new.html Thanks Chris --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org