https://issues.apache.org/bugzilla/show_bug.cgi?id=57022
--- Comment #6 from Mark Thomas <ma...@apache.org> --- I've done a little svn archeology. Originally, the SPNEGO authenticate did call Realm.authenticate using Subject.doAs(). That was removed as it wasn't necessary early in the SPNEGO development. I have just restored this behaviour. At one point Tomcat automatically set javax.security.auth.useSubjectCredsOnly=false but this was removed to enable SPNEGO to work with IBM JREs. This fix has been made to 8.0.x and will be included in 8.0.15 onwards. It still needs to be back-ported to 7.0.x -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
