SPNEGO

The client sends the request containing the SPNEGO token in the HTTP header.
SPNEGO authentication policy authenticates the request against the specified Kerberos service provider.

Example Policy

AuthenticationBySPNEGO.policy

<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wssp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
    xmlns:tpa="http://xsd.tns.tibco.com/governance/policy/action/2009">
    <wsp:All>
        <wsp:ExactlyOne>
            <tpa:AuthenticationByJaas>
                <wssp:SupportingTokens>
                    <tpa:ExactlyOne>
                        <wssp:SpnegoContextToken />
                    </tpa:ExactlyOne>
                </wssp:SupportingTokens>
                <tpa:SharedResourceLoginModule
                    ResourceInstance="KerberosAsp">
                    <tpa:Properties>
                        <tpa:Property Name="ServiceName" Value="HTTP/vm-w2k8-spml3.support.ch.com@SUPPORT.CH.COM" />
                    </tpa:Properties>
                </tpa:SharedResourceLoginModule>
            </tpa:AuthenticationByJaas>
        </wsp:ExactlyOne>
    </wsp:All>
</wsp:Policy>

Configuration Setup for Kerberos SPNEGO Authentication Policy
This section explains the configuration setup required to process SPNEGO Kerberos authentication requests for TIBCO API Exchange Gateway.

Contents

Index

Search Results

SPNEGO

Example Policy

AuthenticationBySPNEGO.policy