SPNEGO for GlassFish - Thanks, Greg!
By pelegri on Apr 11, 2007
Greg (of Wotif.COM fame) has first working code for SPNEGO on GlassFish. SPENGO stands for "Simple and Protected GSSAPI Negotiation Mechanism" and it is used to discover what GSSAPI (like Kerberos) protocol can be used by peers for establishing security contexts... which means SSO.
SPENGO is supported by Active Directory, Sun's Access Manager, IE, FireFox and many others. Greg decided that kerberos is cool, started looking into using it in GlassFish and discovered that GF does not yet do SPNEGO; the result was spnego.dev.java.net.
Thanks to Greg for this contribution (and also to Ron and others that helped him along the way!). I looked around and it seems that SPNEGO is supported in WebLogic Server and WebSphere, so this will be yet another feature that can no longer be used to separate open source from non-open source app servers; and we have a few more in the queue that we are sure you will like!