Spnego for Glassfish – First working implementation achieved today

I am feeling a little excited right now.
Today we got an implementation of SPNEGO going for Glassfish. It will be refined over coming days, but it works. You can use Glassfish in a Kerberos Single Sign On environment. It works with Firefox, IE and Safari.
Some features/limitations at present:
* We use the new JMAC JSR196: Java Authentication Service Provider Interface for Containers. This means you need to use Glassfish V2 build 41 or later, which have working JMAC implementations.
* We rely on JGSS features found in Java 6. We hope to make some changes and support Java 5 as well.
* The current implementation has only a few dependencies on Glassfish. We hope to remove those to allow the Spnego module to work with any and all JMAC implementations.
* JMAC has limited interaction with JAAS. At the moment it is not possible to fall through to a JAAS module for authentication. Not sure if this is a problem or not in a SSO environment.
Over the next days and weeks I will be refining Spnego. It is likely that it will be included as a standard part of Glassfish V2 when it is released in August 2007.
See http://spnego.dev.java.net for the project.
Now would be a good time for anyone looking to port this code to another JMAC compliant app server to get involved.