It was very easy for me to get an “WWW-Authenticate: Negotiate”-header for my Vaadin-Login-Form based on your Kerberos example on codecamp.de / vaadin-security-spring-demo · GitLab. Very nice, thank you :-)
I haven’t spent much time with this add-on yet, so maybe it’s a silly question: Shouldn’t be SpnegoEntryPointFilter part of the vaadin-security-spring instead of the demo? I guess this or a similar implementation is always needed for the SPNEGO usecase.
(Due to the license of the demo repository, I can’t simply copy&paste your implementation.)
I never considered that the license in the demo project might be an issue. I removed the badge for the Apache 2.0 license and explicitly added the Unlicense, which essentially makes the demo(s) public domain. So feel free to copy and adapt whatever you need of them without any restrictions.
I added the SSO examples mostly as proof-of-concepts to demonstrate that and how my add-on can work in these and similar use cases.
I’m not very familiar with Kerberos/SPNEGO outside of the demo and I don’t even have a setup to fully test it with, unfortunately. So I just didn’t think it would be a good idea to officially add support for specific technologies that I have limited experience with and aren’t exactly the focus of this add-on. And - as always - it’s also an issue of limited time.
Anyway, I’m really glad that this add-on is (so far) useful to you and that the demos helped to set it up. Let me know how it works out for you. Unless I get actual feedback I have no way of knowing if people even download my add-on, let alone what does and doesn’t work for them.
Thanks for your quick response and your thoughts… You have convinced me.
I guess an Apache-2.0-license would’ve been okay, but it was actually “No license. All rights reserved”. But without doubt, an Unlicense is indeed the best license for Code snippets :-) Thank you!