- if (hasAcceptorCredentials() && !forceBasic && !negotiateFailed)// SPNEGO
- remoteAuthResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.NEGOTIATE);
- else
+ if (hasAcceptorCredentials() && !forceBasic && !negotiateFailed) {// SPNEGO
+ remoteAuthResponse.addHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.NEGOTIATE);
+ // TODO make it configurable ?
+ remoteAuthResponse.addHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(),
+ HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + realm + "\"");
+ } else {