IBM Support

I am trying to prevent SPNEGO interceptors for the following user agents

Question & Answer


Question

I am trying to prevent SPNEGO interceptors for the following user agents:

UserAgent: javacrawler/1.1

and

UserAgent: Mac OS X

Answer

Please see the following IBM infocenter link

Enabling and configuring SPNEGO web authentication by using the administrative console

======================

Enter filter criteria in the Filter criteria field. The filter criteria is the filtering parameter used by the Java class that is used by SPNEGO. It defines arbitrary criteria that are meaningful to the implementation class used. The com.ibm.ws.security.spnego.HTTPHeaderFilter default implementation class uses this property to define a list of selection rules that represent conditions that are matched against the HTTP request headers to determine whether or not the HTTP request is selected for SPNEGO authentication.

Each condition is specified with a key-value pair, separated from each other by a semicolon. The conditions are evaluated from left to right, as they display in the specified property. If all conditions are met, the HTTP request is selected for SPNEGO authentication.

The key and value in the key-value pair are separated by an operator that defines which condition is checked. The key identifies an HTTP request header to extract from the request and its value is compared with the value that is specified in the key-value pair according to the operator specification. If the header that is identified by the key is not present in the HTTP request, the condition is treated as not being met.

Any of the standard HTTP request headers can be used as the key in the key-value pairs. Refer to the HTTP specification for the list of valid headers. In addition, two keys are defined to extract information from the request, also useful as a selection criterion, which is not available through standard HTTP request headers. The remote-address key is used as a pseudo header to retrieve the remote TCP/IP address of the client application that sent the HTTP request. The request-URL key is used as a pseudo header to retrieve the URL that is used by the client application to make the request. The interceptor uses the result of the getRequestURL operation in the javax.servlet.http.HttpServletRequest interface to construct the web address. If a query string is present, the result of the getQueryString operation in the same interface is also used. In this case, the complete URL is constructed as follows:

    String url = request.getRequestURL() + "?" + request.getQueryString();

=================================

For multiple user agents, you can configure a SPNEGO filter to prevent SPNEGO from intercepting their requests. Follow these steps:

1) Open the Administrative Console for the server

2) Click Security > Global Security

3) From Authentication, expand Web and SIP Security

4) Click SPNEGO Web Authentication

5) Under SPNEGO filters, click New or select an existing one to edit

6) For the value, set the following:

user-agent!=Mac OS X;user-agent!=JavaCrawler

7) Save the changes to the master configuration.
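
The sketch below is an added example, not code from IBM or from the linked documentation: a simplified Python model of the evaluation rules quoted above, run against the filter value from step 6. Only the != operator is modelled, and whether it compares the whole header or a substring (the `contains` flag) is an assumption; the request dictionaries and their User-Agent strings are constructed samples.

```python
# Added example, not IBM's HTTPHeaderFilter: a small model of the rules quoted above.
FILTER = "user-agent!=Mac OS X;user-agent!=JavaCrawler"  # value from step 6

def parse_filter(criteria):
    """Split 'key!=value;...' into (key, value) pairs, kept in left-to-right order."""
    rules = []
    for cond in filter(None, (c.strip() for c in criteria.split(";"))):
        key, sep, value = cond.partition("!=")
        if not sep:
            raise ValueError("only the '!=' operator is modelled: %r" % cond)
        rules.append((key.strip().lower(), value.strip()))
    return rules

def lookup(request, key):
    """Return a header value or one of the two pseudo headers; None if absent."""
    if key == "remote-address":
        return request.get("remote_addr")
    if key == "request-url":
        url, query = request.get("url"), request.get("query")
        return url + "?" + query if url and query else url
    headers = {k.lower(): v for k, v in request.get("headers", {}).items()}
    return headers.get(key)

def selected_for_spnego(criteria, request, contains=True):
    """True only when every condition is met. Both modes are case-sensitive (assumption)."""
    for key, value in parse_filter(criteria):
        actual = lookup(request, key)
        if actual is None:      # header missing: condition treated as not met
            return False
        matched = (value in actual) if contains else (value == actual)
        if matched:             # a '!=' condition is unmet when the value matches
            return False
    return True

# Constructed sample requests (not taken from any real capture).
WINDOWS = {"headers": {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"}}
MAC = {"headers": {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)"}}
CRAWLER = {"headers": {"User-Agent": "javacrawler/1.1"}}
NO_UA = {"headers": {"Host": "app.example.com"}}

if __name__ == "__main__":
    for name, req in [("windows", WINDOWS), ("mac", MAC), ("crawler", CRAWLER), ("no-ua", NO_UA)]:
        print(name, selected_for_spnego(FILTER, req), selected_for_spnego(FILTER, req, contains=False))
```

This page does not state whether the comparison is exact, partial, or case-sensitive, so check the configured values against the exact User-Agent strings your clients send. In this model a request with no User-Agent header is never selected, because a missing header leaves the condition unmet.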


Document Information

Modified date: 15 March 2022

UID: ibm16526602