Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
If the server receives a request for an access-protected object, and if an acceptable Authorization header has not been sent, the server responds with a "401 Unauthorized" status code (for more information, see [RFC2616], section 10.4.2) and a "WWW-Authenticate" header, per the framework specified in [RFC2616]. The initial WWW-Authenticate header does not carry any auth-data when the header is "WWW-Authenticate:negotiate"; it does carry data when the header is "WWW-Authenticate:Nego2". WWW-Authenticate response values MAY be spread across multiple WWW-Authenticate headers, as specified in [RFC2616] section 14.47.
The SPNEGO scheme operates as follows.
-
challenge = "Negotiate" "Nego2" auth-data auth-data = 1#(gssapi-data)