I am searching for a great way to attain SPNEGO/Kerberos login for any spring-security application on Tomcat and Home windows. Candidates i have checked out:
- Spring Security Kerberos Extension
- Apache httpd fronting with mod_auth_kerb module
- Apache httpd with mod_auth_sspi module
I wasn't super-astounded by Waffle and mod_auth_sspi only appears to aid NTLMv1 to ensure that has gone out. I actually do visit a value in fronting by having an Apache httpd to ensure that appears like a good idea. How good does that have fun with spring-security though, I question. That has carried this out? The best ideaOrmost stable approach?
Avoid any overhead. Make use of the Spring SEC Extension. That certain works very well on our atmosphere for over a year. Although it has got the potention for many improvement.