X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FRemoteAuthUtils.java;h=3c436ba1fc40edd772e161d65ea1c70bc5f39cea;hb=b62b143dd3589245f088fb260d6d14edf7a87867;hp=4a8f18fcd811a11b516597e827d173542a441c50;hpb=bd515365c78edfdabc700f31f29629455bbe2b86;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
index 4a8f18fcd..3c436ba1f 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/RemoteAuthUtils.java
@@ -161,11 +161,15 @@ public class RemoteAuthUtils {
 
 		// response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic
 		// realm=\"" + httpAuthRealm + "\"");
-		if (hasAcceptorCredentials() && !forceBasic && !negotiateFailed)// SPNEGO
-			remoteAuthResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.NEGOTIATE);
-		else
+		if (hasAcceptorCredentials() && !forceBasic && !negotiateFailed) {// SPNEGO
+			remoteAuthResponse.addHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(), HttpHeader.NEGOTIATE);
+			// TODO make it configurable ?
+			remoteAuthResponse.addHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(),
+					HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + realm + "\"");
+		} else {
 			remoteAuthResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.getHeaderName(),
 					HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + realm + "\"");
+		}
 
 		// response.setDateHeader("Date", System.currentTimeMillis());
 		// response.setDateHeader("Expires", System.currentTimeMillis() + (24 *