tags:

views:

1335

answers:

3
Q: 

Tomcat and windows integrated authentication

Hi!

I'm developing a JAVA APP that must run on a Tomcat and I need to be able to identify the remote user who is acceding to my application web.

This remote user is running on a windows, so I need to get his "windows login" (sAMAccountName active directory attribute).

On IIS is easiest. I follow this http://stackoverflow.com/questions/688939/detect-user-logged-on-a-computer-using-asp-net-app to get the user logged

The content of server.xml is:

<Realm
    className="org.apache.catalina.realm.JNDIRealm" debug="99"
    connectionURL="ldap://DAServer:389"
    connectionName="[email protected]"
    connectionPassword="secret"
    referrals="follow"
    userBase="OU=mycompany,DC=mydomain,DC=local"
    userSubtree="true"
    roleBase="OU=groups,DC=mydomain,DC=local"
    roleName="name"
    roleSubtree="true"
    roleSearch="(member={0})"/>

And the content of web.xml is:

<!-- Define a Security Constraint on this Application -->
    <security-constraint>
     <web-resource-collection>
     <web-resource-name>Entire Application</web-resource-name>
      <url-pattern>/*</url-pattern>
     </web-resource-collection>

     <auth-constraint>
      <role-name>myCompany Users</role-name>
     </auth-constraint>
    </security-constraint>

    <!-- Define the Login Configuration for this Application -->
    <login-config>
     <auth-method>BASIC</auth-method>
     <realm-name>myRealm</realm-name>
    </login-config>

    <!-- Security roles referenced by this web application -->
    <security-role>
     <description>The role that is required to log in to APP</description>
     <role-name>myCompany Users</role-name>
    </security-role>

I need Automatic Login.

Thank you!

A: 

you have to use the Tomcat JNDI realm and integrate it with your server's active directory

Try here for some guidelines

Konstantinos  2009-04-09 08:15:47
I added more details about my problem
VansFannel  2009-04-09 09:53:33
+1  A: 

If you are building an Intranet application and are looking for SSO then you can use something like Jespa which is based on jCIFS.

bmatthews68  2009-04-13 02:04:07
Maybe I don't need a new library, I only need to integrate windows authentication like IIS does.
VansFannel  2009-04-14 09:43:11
Jespa is NOT based on JCIFS. The JCIFS NTLM HTTP filter is flawed in a number of ways so it is very unfortunate to characterize Jespa in this way. Jespa just uses JCIFS for it's MS-RPC layer and some basic NTLM computations. But the API and functionality bare no resemblance.
 2009-10-10 01:15:42
Note that jespa is not free.
Thorbjørn Ravn Andersen  2010-07-21 14:28:57
A: 

An answer could found here:

http://stackoverflow.com/questions/726249/detect-user-logged-on-a-computer-using-java-web-app

See you!

VansFannel  2009-04-22 13:50:01

related questions

Best way for allowing subdomain session cookies using Tomcat
Is there a way to specify a different session store with Tomcat?
How to avoid temporary file creation on server-side when pushing back full HTML content to clients?
What tools are there for timed batch processes in J2EE?
Eclipse - How can I change a 'Project Facet' from Tomcat 6 to Tomcat 5.5?
What must I do to make content such as images served over HTTPS be cached client-side?
Packaging up Tomcat
What is the Simplest Tomcat/Apache Connector (Windows)?
Wildcards for resources in a Tomcat Servlet's context.xml
How to debug a JSP tomcat service using eclipse?
Why does Tomcat 5.5 (with Java 1.4, running on Windows XP 32-bit) suddenly hang?
In Tomcat how can my servlet determine what connectors are configured?
tomcat5 fails to start on CentOS 5 with NoClassDefFoundError exception
Accessing Tomcat Context Path from Servlet
Unit-testing servlets
Some Tomcat webapps not opening
Java ConnectionPool connection not closing, stuck in 'sleep'
Tomcat vs Weblogic JNDI Lookup
Tomcat doFilter() invoked with committed response
Difference between the Apache HTTP Server and Apache Tomcat?
Should you run one or multiple applications per tomcat cluster?
Invalid <url-pattern> servlet mapping in tomcat 6.0
How do you configure tomcat to bind to a single ip address (localhost) instead of all addresses?
Java+Tomcat, Dying databse connection?
Arrays of Arrays in Java