Skip to main content

SSO with Active Directory and Kerberos

1 reply [Last post]
berndkoester
Offline
Joined: 2013-03-26
Points: 0

Hello!

I want to configure the following scenario:

I have a windows domain with an Active Directory. The users are logged into their windows accounts.
I configure a glassfish application server (V3 or V4).

When the users start the client application, I want them to be single signed on to the application server.
The client uses ejb remote calls, so SPNEGO for web requests is not the solution.

Can you point me to some information to get started with this configuration? Do you questions about the
configuration?

Thank you for your time,

Bernd Köster

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
moj2ee
Offline
Joined: 2004-08-11
Points: 0

You need JAAS.

1. a file .java.login.config
WindowsLoginJaas {
com.sun.security.auth.module.NTLoginModule required
debug=false;
};

2. In your client

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import com.sun.security.auth.*;
...
System.setProperty("java.security.auth.login.config", "url to above file");
lc = new LoginContext("WindowsLoginJaas");
lc.login();
sub = lc.getSubject();
sub.getPrincipals();
...