I am connecting to a web application that is integrated with Active Directory. The application allows for REST operations via SPNEGO.
My understanding is that I should be able to make a REST call using GSSAPI/SPNEGO. First a general question. My understanding is that the process works like this.
1) User logs into their computer and gets a TGT which is stored somewhere off in memory (I'm a little fuzzy on this, I believe this is how KERBEROS works, and I'm hoping SPNEGO assumes the same)
2) Client tries to make some request like a GET or PUT
3) Website respondes with unauthorized 401 response with an WWW-AUTHENTICATION : NEGOTIATE header.
4) Client responded with a second GET or PUT request adding a Authenticate: NEGOTIATE %token string%
5) Request succeeded and client get proper response
My questions are:
1) Is the above understanding correct?
2) If my goal is to only get the %token string% How would i retrieve that string value to add to the Authenticate: Negotiate header?
1) In C#/.NET
2) In Python
3) In Java