Description
Currently, I have developed an HTTP file service and I expect to support Kerberos authentication. I am using the spnego.SPNEGOKRB5Authenticate method to accomplish this. However, I have a question: during the authentication negotiation, the code sets the WWW-Authenticate header in the 401 response, and the Negotiate token is forcibly set to ade0234568a4209af8bc0280289eca. When I open it using Windows File Explorer, it always sends an NTLM token instead of a Kerberos token. However, when I use Windows IIS Server, the Negotiate token they provide is very long and changes frequently, and it can send a Kerberos token for request authentication using the same method. Therefore, I want to confirm whether responding with the fixed token ade0234568a4209af8bc0280289eca is correct or not?