The configuration that is used by the Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) trust association interceptor (TAI) on each selected application server is governed by various system requirements.
Function item | Description |
---|---|
SPNEGO TAI | The SPNEGO TAI is a server side solution in WebSphere Application Server. Client-side applications are responsible for generating the SPNEGO token for use by the SPNEGO TAI. |
Microsoft Windows | ![]() ![]() |
Client application (browser or .NET client) | A browser (client application) or .NET client that supports the SPNEGO authentication mechanism, as defined in IETF RFC 2478 is required. |
Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) | SPNEGO authentication, as defined in IETF RFC 2478 is used. |
Internet browsers |
|
Kerberos Level | Kerberos version 5 is required. |
WebSphere Application Server | Version 6.1 is required. |
Java generic security service (JGSS) | Version 1.0.1 is required. |
Java Virtual Machine (JVM) | See Configuring the JVM for information on configuring JVM. |
Java SDK level | Java 5.0 SDK is required. |
Encryption Types | RC4-HMAC encryption is only supported when using a Windows 2003 Server as Kerberos key distribution center (KDC) and is not supported with a Windows 2000 Server. |