Negotiate header sent even when application has Basic Auth specified
Last updated on DECEMBER 11, 2017
Applies to:Oracle Weblogic Server - Version: 10.3
Information in this document applies to any platform.
In a Weblogic Server 10.3 domain configured with Negotiate Identity Asserter in the default realm if there is an application with Basic Authentication specified in Deployment Descriptor of web.xml and this application is deployed on server, while testing the application it is observed that WWW-Authenticate: Negotiate header is always sent to the client.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms