+ } else if (basic.equalsIgnoreCase("Negotiate")) {
+ // FIXME generalise
+ String _targetName = "HTTP/mostar.desktop.argeo.pro";
+ String spnegoToken = st.nextToken();
+ byte[] authToken = Base64.decodeBase64(spnegoToken);
+ GSSManager manager = GSSManager.getInstance();
+ try {
+ Oid krb5Oid = new Oid("1.3.6.1.5.5.2"); // http://java.sun.com/javase/6/docs/technotes/guides/security/jgss/jgss-features.html
+ GSSName gssName = manager.createName(_targetName, null);
+ GSSCredential serverCreds = manager.createCredential(gssName, GSSCredential.INDEFINITE_LIFETIME,
+ krb5Oid, GSSCredential.ACCEPT_ONLY);
+ GSSContext gContext = manager.createContext(serverCreds);
+
+ if (gContext == null) {
+ log.debug("SpnegoUserRealm: failed to establish GSSContext");
+ } else {
+ while (!gContext.isEstablished()) {
+ byte[] outToken = gContext.acceptSecContext(authToken, 0, authToken.length);
+ String outTokenStr = Base64.encodeBase64String(outToken);
+ httpResponse.setHeader("WWW-Authenticate", "Negotiate " + outTokenStr);
+ }
+ if (gContext.isEstablished()) {
+ String clientName = gContext.getSrcName().toString();
+ String role = clientName.substring(clientName.indexOf('@') + 1);
+
+ log.debug("SpnegoUserRealm: established a security context");
+ log.debug("Client Principal is: " + gContext.getSrcName());
+ log.debug("Server Principal is: " + gContext.getTargName());
+ log.debug("Client Default Role: " + role);
+
+ // TODO log in
+ }
+ }
+
+ } catch (GSSException gsse) {
+ log.warn(gsse, gsse);
+ }
+
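Review bot: The `while (!gContext.isEstablished())` loop passes the same `authToken` to `acceptSecContext` on every iteration, so a negotiation that needs a second leg cannot make progress within this request; depending on the mechanism it will either throw a `GSSException` or keep looping. One call per request is enough: return the continuation token to the client and reject the request (presumably with a 401, if `httpResponse` is a servlet response) when the context is still not established. `acceptSecContext` may also return `null` when there is no token to send, which would likely produce a `WWW-Authenticate: Negotiate null` header, so the header should be set only for a non-empty token. Separately, `role` is taken from the realm part of the client principal and falls back to the whole name when there is no `@`; once `// TODO log in` is implemented, that value should not drive authorization without an explicit allow-list of trusted realms. The enclosing `else if` chain and method begin and end outside this hunk.

```java
// … unchanged: createName / createCredential / createContext and the null check …
// One acceptSecContext call per request; a further leg needs a fresh token from the client.
byte[] outToken = gContext.acceptSecContext(authToken, 0, authToken.length);
if (outToken != null && outToken.length > 0) {
    httpResponse.setHeader("WWW-Authenticate", "Negotiate " + Base64.encodeBase64String(outToken));
}
if (gContext.isEstablished()) {
    // … unchanged: principal / role extraction and debug logging …
} else {
    // Not established after this leg: treat the request as unauthenticated.
    log.debug("SpnegoUserRealm: security context not yet established");
}
```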