Package org.springframework.security.kerberos.web.authentication

Class SpnegoEntryPoint

java.lang.Object

org.springframework.security.kerberos.web.authentication.SpnegoEntryPoint

All Implemented Interfaces:

org.springframework.security.web.AuthenticationEntryPoint

public class SpnegoEntryPoint
extends Object
implements org.springframework.security.web.AuthenticationEntryPoint

Sends back a request for a Negotiate Authentication to the browser.

With optional configured forwardUrl it is possible to use form login as fallback authentication.

This approach enables security configuration to use SPNEGO in combination with login form as fallback for clients that do not support this kind of authentication. Set Response Code 401 - unauthorized and forward to login page. A useful scenario might be an environment where windows domain is present but it is required to access the application also from non domain client devices. One could use a combination with form based LDAP login.

See spnego-with-form-login.xml in spring-security-kerberos-sample for details

Since:

1.0

See Also:

• SpnegoAuthenticationProcessingFilter

Constructor Summary

Constructors

Constructor	Description
SpnegoEntryPoint()	Instantiates a new spnego entry point.
SpnegoEntryPoint(String forwardUrl)	Instantiates a new spnego entry point.

Method Summary

Modifier and Type	Method	Description
void	commence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException ex)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SpnegoEntryPoint

public SpnegoEntryPoint()

Instantiates a new spnego entry point. Using this constructor the EntryPoint will Sends back a request for a Negotiate Authentication to the browser without providing a fallback mechanism for login, Use constructor with forwardUrl to provide form based login.

SpnegoEntryPoint

public SpnegoEntryPoint(String forwardUrl)

Instantiates a new spnego entry point. This constructor enables security configuration to use SPNEGO in combination with login form as fallback for clients that do not support this kind of authentication.

Parameters:

forwardUrl - URL where the login page can be found. Should be relative to the web-app context path (include a leading /) and can't be absolute URL.

Method Details

commence

public void commence(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response,
 org.springframework.security.core.AuthenticationException ex)
              throws IOException,
jakarta.servlet.ServletException

Specified by:

commence in interface org.springframework.security.web.AuthenticationEntryPoint

Throws:

IOException

jakarta.servlet.ServletException