CAS 4.1.5 SPNEGO NTLM

[Ivan Obradović]

Hello,

I'm trying to configure SPNEGO authentication and have problems with NTLM tokens.

So far, I successfully configured SPNEGO authentication with Kerberos protocol, but in some cases when KDC cannot issue Kerberos ticket, it issues NTLM ticket. CAS can process NTLM ticket and asks for a principal but the result is always NULL.

JCIFSSpnegoAuthenticationHandler is configured to support NTLM, but when it gets NTLM ticket and asks for principal (principal = this.authentication.getPrincipal(); line 88) the result is always NULL and there is no any error.

CAS documentation CAS 4.1.x SPNEGO-Authentication says that SPNEGO supports both Kerberos and NTLM. On some sites people say that SPNEGO does NOT support NTLM. What is true ?

Does anybody have any idea what can be wrong, or NTLM does not work with SPNEGO ?

Regards,

Ivan