i really need help. I'm searching for this from a very long time. I would like to make a servlet (application deployed on OC4J ) which will allow to enter users logged in domain (Active Directory) without any prompt for login and password. Is it possible to retrive in servlet : user name via getRemoteUser or getUserPrincipal methods without authentication form? Or other way of doing that what i need?
+1
A:
You can achieve that with the Kerberos protocol. Here is a good explanation of how it might work in a servlet/jsp environment.
http://webmoli.com/2009/08/29/single-sign-on-in-java-platform/
leonm
2009-10-17 23:49:42
+1
A:
You need to configure what OC4J calls 'Windows Native Authentication', as described in the OC4J Security Guide. It's a bit more work than just calling a particular function - you have to configure Active Directory and OC4J first.
Andrew Strong
2009-10-18 14:56:36
A:
Here's an open source library, http://spnego.sourceforge.net, that will do exactly what you want.
It only has examples for Tomcat, JBoss, and Glassfish.
But it's implemented as a servlet filter so it should work on any servlet container.
Pat Gonzalez
2009-11-16 07:07:14