To find SPNEGO Identity Assertion, go to the Admin Console and select Security Realms | myrealm | Providers.

Click on the Lock & Edit button to lock and edit your domain, proceed to the New button (naming your provider with a personal reference), and select the Negotiate Identity Assertion provider from the list and click on Ok. Reorder the provider sequence on top after LDAP is configured (see Chapter 2, WebLogic Security Realm). After all these modifications, restart all the nodes of your WebLogic Server, along with the Admin Console, to make your changes effective.

Now your WebLogic Server is able to accept Kerberos tokens in an HTTP connection, and it can establish a trusted relationship with your client ...