AnsweredAssumed Answered

What is the right implementation of SPNEGO auth provider

Question asked by longinus on Sep 7, 2017
Latest reply on Sep 8, 2017 by longinus

I am writing a service that talks to Alfresco Core repository using Apache Chemistry opencmis library and need to authenticate through SPNEGO. Cmis library requires me to provide custom authentication provider which so far doesn't work for me. So far I came up with following:

public class KerberosAuthProvider extends AbstractAuthenticationProvider {

@Override

public Map<String, List<String>> getHTTPHeaders(String url) {   

   try {        

             String authToken = ….  // generate token       

            Map<String, List<String>> headers = Maps.newHashMap();                       

            headers.put("Authorization", Lists.newArrayList("Negotiate " + authToken));       

            return headers;   

    } catch    (Exception ex) {       

               throw new IllegalStateException("Couldn't get token", ex);    }}

      }

I will appreciate any suggestions.

Outcomes