SSO Web Authentication against Active Directory - AD
843810Apr 2 2008 — edited Feb 4 2010Hi, everybody!
I've read a lot about authentication in other forums. I got a lot of pieces of information but didn't find how to get them together in a working solution.
I read that there are some kinds of authentications available, like Kerberos, Spenego, NTLM and so on. Well, I know it's boring to ask that, but I would like someone who has implemented a Web Authentication solution that is working well to help me to implement mine. Maybe a summary of how they work in real world would help a lot.
My current solution is using a NTLM implementation, but the user is prompted the username and password on Firefox and on IE (because of a browser configuration) it sends the user local credentials. If the user changes the configuration on IE he can send whatever he wants. The fact is that I need to authenticate the user against my local domain (i.e. my AD) - it'll be an intranet web application.
In an offline mock application I could get it done by using kerberos, but I needed to provide the user password. However, in a web environment, I know I can't just get the logged user's password. So, maybe the solution should be implemented on the server instead of the application. I don't really know! This is the point, the information I got until now didn't lead me any further...
If you have a working solution, please... tell me all steps necessary to get it working here!
My environment is Java 5 and JBoss 4.0.5 running on MS Windows 2000. The AD is on a Windows 2003 Server machine.
Any help will be welcome...
Thanks in advance!
Marcio Lima