Java: Can a desktop App log-in in a web app and retrieve a "session" object to authenticate itseft in other apps which trust the web app?

Question

I don't know if this question has any sense, but this is what my boss want.

I work in a company with an intranet web.

In my department we have developed an application wich connects to a Bussiness Object server and executes and prints reports. This is a regular client/server app with our own user/password manintenance to log in.

My boss want to remove our password maintenance and let the users log in using the intranet password, somehow the desktop app connect the intranet (i don't know if it has a web service, but probabilly yes), makes the log in and retrieves some kind of object the Bussiness Object can use to authenticate.

Can this be done? I know the B.O. can use LDAP authentication if its well configured, so that if i can verify the intranet password and redirect the same password to B.O. it can autenticate the user by itself.

Answer 1

The closest I have seen/created is to use the shared secret (ITrustedPrincipal) mechanism to authenticate the user against secEnterprise without knowing the true password of the user. The only gotcha with this log in model is that the Universe Connection needs to not use the Business Objects credentials for connecting to the database.

The alternate is LDAP can be used and is fairly easy to set up as an authentication method for logging into Business Objects and auto adding users. The only caveat is that LDAP groups need to be correctly such that the Business Objects groups that the LDAP groups associate to are set up correctly.

Answer 2

Probably you'll have to look to some kind of "Single Sign One" ( sso ) and see if 1) your server can handle, 2) You client can implement it.