
Support for Kerberos delegated tickets??

Former Member
0 Kudos

Hi,

As most of you know, SAP NW2004s supports Kerberos authentication through the SPNEGO negotiation with the client.

I am looking at an externally facing portal scenario, where a separate security layer performs a Kerberos authentication with the users, and then acts as a reverse proxy against the portal and provides a Kerberos ticket from the user which has the delegated flag set to true.

(The flow is something like this image http://searchwindowssecurity.techtarget.com//digitalguide/images/Misc/kerberos_figure_5_24)

This sort of landscape is often used on the Windows platform, for example a web application might use Kerberos delegation and impersonation against an SQL server for using the client's credentials against the SQL server.

The question is if SAP NW2004s Java AS supports this scenario.

I found some threads on Java support for Kerberos delegation and in general it appears it doesn't work properly on Java 1.4 (which NW 2004s Java AS is running) but appears to be better on Java 1.5 (at least certain patch levels).

References

http://ml.osdir.com/java.sun.jndi/2006-05/msg00005.html

/thread/5206284 [original link is broken]

/thread/5172309 [original link is broken]

Any ideas?

Regards

Dagfinn

Accepted Solutions (0)

Answers (1)


Former Member
0 Kudos

Got some answers through other channels and the Kerberos protocol.

SAP doesn't see if it is a normal or delegated ticket. However, it's kind of hard to write a client that forwards delegated tickets in Java.
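
The reverse-proxy step discussed in this thread, sketched with the standard Java GSS-API (`org.ietf.jgss`) as an added example; it is not part of the original posts and not SAP code. The JAAS entry name `proxy-accept` and the backend service name are placeholders, and the code assumes a working Kerberos realm, a JAAS configuration that loads the proxy's keytab, and a client that sent a forwardable ticket with delegation requested.

```java
import java.security.PrivilegedExceptionAction;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import org.ietf.jgss.*;

public final class DelegationRelay {
    // Placeholders (assumptions, not from the thread): JAAS entry and backend service.
    static final String JAAS_ENTRY = "proxy-accept";
    static final String BACKEND = "HTTP@portal.example.internal";

    /**
     * Accepts the user's GSS token (base64-decoded from the Negotiate header)
     * and returns a new token for the backend, built from the credential the
     * user delegated. Fails closed when no credential was delegated.
     */
    static byte[] relay(byte[] userToken) throws Exception {
        LoginContext lc = new LoginContext(JAAS_ENTRY);
        lc.login(); // loads the proxy's service key from its keytab
        return Subject.doAs(lc.getSubject(), (PrivilegedExceptionAction<byte[]>) () -> {
            GSSManager mgr = GSSManager.getInstance();
            Oid krb5 = new Oid("1.2.840.113554.1.2.2"); // Kerberos V5 mechanism
            // Acceptor context; null means "use the credential in the current Subject".
            GSSContext in = mgr.createContext((GSSCredential) null);
            try {
                in.acceptSecContext(userToken, 0, userToken.length);
                if (!in.isEstablished())
                    throw new GSSException(GSSException.DEFECTIVE_TOKEN);
                // True only when the client forwarded its credential to this service.
                if (!in.getCredDelegState())
                    throw new SecurityException("no delegated credential from " + in.getSrcName());
                GSSCredential userCred = in.getDelegCred();
                GSSName target = mgr.createName(BACKEND, GSSName.NT_HOSTBASED_SERVICE);
                // Initiator context that authenticates to the backend as the user.
                GSSContext out = mgr.createContext(target, krb5, userCred,
                        GSSContext.DEFAULT_LIFETIME);
                try {
                    out.requestMutualAuth(true);
                    out.requestCredDeleg(false); // do not delegate any further
                    return out.initSecContext(new byte[0], 0, 0);
                } finally {
                    out.dispose();
                }
            } finally {
                in.dispose();
            }
        });
    }
}
```

The backend receives an ordinary service ticket issued in the user's name, which matches the answer above that the receiving server does not distinguish it from a ticket obtained directly by the user.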