in order to correctly respond the HTTP header "WWW-Authenticate: Negotiate" from a Web server, the client side need to know which GSS mechanism it should use. Although SPNEGO is the most useful one, the user can use others (like Kerberos) also. A system property named "http.negotiate.mechanism.oid" will serve this purpose. User can set it to the OID of the mechanism he/she wants to use. Currently, "1.2.840.113554.1.2.2" for Kerberos and "1.3.6.1.5.5.2" for SPNEGO. If it's not specified, default to "1.3.6.1.5.5.2".
###@###.### 2005-03-22 03:39:27 GMT