SPNEGO Identity asserter configuration
To find SPNEGO Identity Assertion, go to the Admin Console and select Security Realms | myrealm | Providers.
Click on the Lock & Edit button to lock and edit your domain, proceed to the New button (naming your provider with a personal reference), and select the Negotiate Identity Assertion provider from the list and click on Ok. Reorder the provider sequence on top after LDAP is configured (see Chapter 2, WebLogic Security Realm). After all these modifications, restart all the nodes of your WebLogic Server, along with the Admin Console, to make your changes effective.
Now your WebLogic Server is able to accept Kerberos tokens in an HTTP connection, and it can establish a trusted relationship with your client when a Service Principal Name is called and the security is enabled in your Java application (refer to Chapter 3, Java EE Security With WebLogic, of this book to secure your path).
In the following diagram you can see an authentication schematic...
