views:

479

answers:

0

Assuming I have a client and a server java process running on the commandline. I want the identity of each to come from the windows process it is executing under (in order to associate permissions in AD groups).

Assuming I have a working knowledge of setspn http://technet.microsoft.com/en-us/library/cc773257(WS.10).aspx

How do I get the server process to find the identity of the client process (for example the client process opening a network socket to the server process) in active directory?

JG


In my java non-web client, I want to pass the authentication context established with jcifs from the active directory domain account it was running under to a backend component like a mid-tier server to establish a trusted authenticated connection (for a SOAP RPC call).

Can someone give me an example of this?


  • The mid-tier and client are running on two different machines

  • The context is not serializable


The question is somewhat similar to this: http://stackoverflow.com/questions/1010356/java-active-directory-integrated-windows-authentication

If I can access active directory using dsquery without providing a password - how can I pass my logged in context to another application in the domain as authentication without having to provide a password or use password-applied keystores.

Or is this just private-access windows APIs not provided to the outside world?