I need to develop a web application for the Intranet users. I dont want them to enter the login credentials each time they visit the site. It should be automatically loaded from the System Username and Password. i.e If they have a valid system username and password they should be able to login to the application. I am using Java. How to fulfill this requirement?
Asked
Active
Viewed 1.2k times
4
-
What do you mean by system username and password? Are you referring to the credentials used during NTLM auth? – Vineet Reynolds Nov 03 '10 at 06:11
-
@Vineet Reynolds yes..this is what i want – rgksugan Nov 03 '10 at 06:25
6 Answers
5
You can try out waffle Waffle for single sign on.
You can achieve auto authentication with waffle. I used it for intranet webapp project. For getting further information from active directory you can use COM4J
COM4J
Sudeep Gujar
- 327
- 2
- 8
5
You can use waffle and COM4Jto resolve this issue. Thing you need to keep in mind is waffle works only with Windows credentials. You can use waffle api for auto login in your UI side code. COM4J api is useful if you want to write code for auto login on java side.
Ketan Chitale
- 331
- 3
- 4
4
SSO (single sign on) can be used for automatic login using system credentials. Waffle is used for implementing SSO over an active directory. It negotiates between local machine and active directory. But, all the parameters cannot be retrieved using Waffle once the user is authenticated. For that Com4j can be used.
Sudeep Gujar
- 327
- 2
- 8
Srushti Patil
- 41
- 3
3
What you are looking for is called Windows Integrated Authentication. To be able to implement it, your server needs to support authentication against Active Directory (using Kerberos) and to be configured to respond to unauthenticated requests from the browser with WWW-Authenticate: NTLM or Negotiate header.
I can't tell you exactly how to do this, without knowing what server platform you're using. But assuming your platform supports JAAS, here's a blog post that gives some basics on configuring it - http://webmoli.com/2009/08/29/single-sign-on-in-java-platform/
Franci Penov
- 74,861
- 18
- 132
- 169
1
If it is specific to "Windows" you can use NTLM authentication. For example http://davenport.sourceforge.net/ntlm.html
I am not sure if this helps but you can take a look at how HTTP Client can be used http://hc.apache.org/httpclient-3.x/authentication.html#NTLM
ch4nd4n
- 4,110
- 2
- 21
- 43
1
NTLM credentials can be passed to a server that supports either SPNEGO (Kerberos) or NTLM authentication (both of which constitute Windows Native Authentication). The unfortunate part is that not a lot of such servers support this by default. Microsoft IIS is one such server that does support the authentication mode that you require.
As far as I know, achieving this in a Java web application, will require you to verify the support for WNA on your application server. WebLogic Server, for instance, does support this to an extent, but requires the Microsoft IIS web server to front it.
It is also possible that Single Sign On solutions also support credential verification against Microsoft Active Directory, but the nature of seamless integration may vary from one product to another.
Additionally, the browser in use also matters. WNA is available since IE 5, and in certain versions of Firefox. It appears to be available in Google Chrome since version 5. NTLM authentication was initially introduced in Opera 9, as well.
Community
- 1
- 1
Vineet Reynolds
- 76,006
- 17
- 150
- 174
-
Chrome also supports NTLM/SPNEGO (though they do have a small bug). I believe Opera also supports it. In fact, of the major browsers I think only Safari does not support it. – Franci Penov Nov 03 '10 at 06:45
-
@Franci Penov, thanks. I've updated the answer. Safari does support NTLM auth, but I believe it is buggy when SPNEGO is used as opposed to NTLM. – Vineet Reynolds Nov 03 '10 at 07:00