I need to develop a web application for intranet users. I don't want them to enter their login credentials each time they visit the site. The credentials should be loaded automatically from the system username and password, i.e., if they have a valid system username and password, they should be able to log in to the application. I am using Java. How can I fulfill this requirement?
- What do you mean by system username and password? Are you referring to the credentials used during NTLM auth? – Vineet Reynolds, Nov 3, 2010 at 6:11
- @Vineet Reynolds Yes, this is what I want. – rgksugan, Nov 3, 2010 at 6:25
6 Answers
SSO (single sign-on) can be used for automatic login using system credentials. Waffle is used for implementing SSO over Active Directory. It negotiates between the local machine and Active Directory. But all the parameters cannot be retrieved using Waffle once the user is authenticated. For that, Com4j can be used.
Comments
What you are looking for is called Windows Integrated Authentication. To be able to implement it, your server needs to support authentication against Active Directory (using Kerberos) and to be configured to respond to unauthenticated requests from the browser with a WWW-Authenticate: NTLM or Negotiate header.
I can't tell you exactly how to do this, without knowing what server platform you're using. But assuming your platform supports JAAS, here's a blog post that gives some basics on configuring it - http://webmoli.com/2009/08/29/single-sign-on-in-java-platform/
Comments
If it is specific to "Windows" you can use NTLM authentication. For example http://davenport.sourceforge.net/ntlm.html
I am not sure if this helps but you can take a look at how HTTP Client can be used http://hc.apache.org/httpclient-3.x/authentication.html#NTLM
Comments
NTLM credentials can be passed to a server that supports either SPNEGO (Kerberos) or NTLM authentication (both of which constitute Windows Native Authentication). The unfortunate part is that not a lot of such servers support this by default. Microsoft IIS is one such server that does support the authentication mode that you require.
As far as I know, achieving this in a Java web application will require you to verify the support for WNA on your application server. WebLogic Server, for instance, does support this to an extent, but requires the Microsoft IIS web server to front it.
It is also possible that Single Sign On solutions support credential verification against Microsoft Active Directory, but the nature of seamless integration may vary from one product to another.
Additionally, the browser in use also matters. WNA is available since IE 5, and in certain versions of Firefox. It appears to be available in Google Chrome since version 5. NTLM authentication was initially introduced in Opera 9, as well.
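The header exchange the answers above describe (a 401 carrying WWW-Authenticate: Negotiate or NTLM, then an Authorization token from the browser, which may be SPNEGO/Kerberos or NTLM), as an added example that is not part of any answer: a small Java class that only classifies the token, so NTLM fallback can be told apart from Kerberos in logs. The class and method names are hypothetical, the sample tokens are constructed, and validating the token stays with the container, Waffle or JAAS/GSS-API.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

// Added example: classifies the Authorization header a browser sends during integrated auth.
// It never validates the token or derives an identity from it; that is the auth library's job.
public class NegotiateHeaderDemo {
    enum Kind { NO_CREDENTIALS, NTLM_NEGOTIATE, NTLM_AUTHENTICATE, SPNEGO_OR_KERBEROS, MALFORMED }
    private static final byte[] NTLMSSP = "NTLMSSP\0".getBytes(StandardCharsets.US_ASCII);

    static Kind classify(String authorization) {
        if (authorization == null) return Kind.NO_CREDENTIALS;
        String[] parts = authorization.trim().split("\\s+", 2);
        boolean known = parts[0].equalsIgnoreCase("Negotiate") || parts[0].equalsIgnoreCase("NTLM");
        if (!known || parts.length < 2) return Kind.MALFORMED;
        byte[] token;
        try {
            token = Base64.getDecoder().decode(parts[1].trim());
        } catch (IllegalArgumentException e) {
            return Kind.MALFORMED;
        }
        // NTLM messages start with "NTLMSSP\0" followed by a little-endian 32-bit message type.
        if (token.length >= 12 && Arrays.equals(Arrays.copyOf(token, 8), NTLMSSP)) {
            int type = (token[8] & 0xff) | (token[9] & 0xff) << 8 | (token[10] & 0xff) << 16 | (token[11] & 0xff) << 24;
            return type == 1 ? Kind.NTLM_NEGOTIATE : type == 3 ? Kind.NTLM_AUTHENTICATE : Kind.MALFORMED;
        }
        // A GSS-API initial token (SPNEGO or raw Kerberos) starts with ASN.1 application tag 0x60.
        return (token.length > 2 && (token[0] & 0xff) == 0x60) ? Kind.SPNEGO_OR_KERBEROS : Kind.MALFORMED;
    }

    static String nextStep(Kind k) {
        switch (k) {
            case NO_CREDENTIALS: return "reply 401 with WWW-Authenticate: Negotiate and WWW-Authenticate: NTLM";
            case NTLM_NEGOTIATE: return "reply 401 carrying the NTLM challenge produced by the auth library";
            case MALFORMED:      return "reject the request and log it";
            default:             return "pass the token to the auth library for validation";
        }
    }

    public static void main(String[] args) {
        Base64.Encoder b64 = Base64.getEncoder();
        // Constructed sample tokens: message headers only, no real credentials.
        byte[] ntlm1 = Arrays.copyOf(NTLMSSP, 16);
        ntlm1[8] = 1;
        byte[] gss = {0x60, (byte) 0x82, 0x01, 0x00};
        String[] samples = { null, "Negotiate " + b64.encodeToString(gss), "Negotiate " + b64.encodeToString(ntlm1), "Basic xyz" };
        for (String h : samples) System.out.println(h + " -> " + classify(h) + ": " + nextStep(classify(h)));
    }
}
```

A Negotiate header that classifies as NTLM means the client fell back from Kerberos, which is worth logging on an intranet where Kerberos is expected.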