No. It requires JDK 6 or higher. Spnego makes use of some JGSS improvements which are in Java 6.
Any JEE application server which supports JMAC should work. At the moment the only one is Glassfish V2, which is the one tested and documented.
There are no Glassfish specific classes used in the implementation so it should work elsewhere.
Yes. See http://www.cmf.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html which we found helpful.
A list of the most common exceptions, there causes and solutions are provided in the JGSS Java documentation.
See here for the Java 5 version.
Some specific Exceptions possible in the logs and their cause are:
Unfortunately this exception can be caused by a number of problems:
Solution: Add the following to it: keyTab="/etc/krb5.keytab"
A corresponding service principal must exist in the KDC and in the keytab of the Glassfish server.
Restart. kdestroy to remove local tickets. Restart Glassfish.
storeKey=true should be set in the com.sun.security.jgss.accept LoginModule