I am doing a Java EE web application that requires Single Sign On with Active Directory.
The application will no longer prompt for a username and password. The authentication process would require retrieval of the current Windows logged on user. Once I have the user, I need to query Active Directory to get the roles for that logged on user. I am aware that this will exclude non-Windows users, but this is an internal application and all clients are using Windows.
I have to implement the SSO in 2 Java EE web applications. 1 application is runnning on GlassFish v2.1.1 (JDK 1.6) and the other is running on Tomcat (JDK 1.5).
Basically my main problem is how to retrieve the current Windows logged on user.
I've already come across JAAS and Kerberos. Kindly correct me if I'm wrong. My understanding is that these are authentication protocol and they do not have the feature to retrieve the current windows logged on user.
I've already tried the following but I am always getting null
or Server's own username.
System.getProperty("user.name");
new com.sun.security.auth.module.NTSystem().getName();
request.getUserPrincipal().getName();
System.getenv("USERNAME");
I am open to any suggestions.
WAFFLE is a great solution for this. It does not need Kerberos configuration.
SPNEGO is an open source project that provides a servlet filter that provies Integrated Windows Authentication.
if your organization uses java based web/application servers, and you prefer Kerberos/SPNEGO instead of NTLM as the authentication protocol, and you would rather have a Java Servlet Filter (JSR-53) based implementation instead of a container specific authentication module (JSR-196), and you want SSO (no username/password prompt), then this project may be of some interest to you.
It has instructions for configuring both Tomcat and Glassfish.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With