GSSWEB PROTOCOL DESCRIPTION

This file describes the protocol used for GSSWeb authentication.

The client goes to /<app>/gss and does a POST containing:

token: <Base64-encoded GSS Token>
nonce: <Random String>

The server will respond by sending a JSON reponse:

{gssweb: {
    token: "<Base64-encoded & escaped GSS Token>",
    nonce: "<Nonce from request>"},
 application: {
    data: "<Base-64-encoded & escaped application data>",
    content-type: "<Original content-type>",
    content-length: "<Original content-length>"}
}

The "gssweb" section in the response is used for the GSS exchange.
Upon completion of the GSS exchange, the "application" section is used
by the client to reconstruct the application response upon completion
of the GSS exchange.