Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

SSO with Tomcat and IIS

843810Sep 20 2007 — edited Oct 24 2007
Hi all!

In our company we use different technologies to combine Java and Microsoft / .NET world. Let me first explain the scenario. Maybe you then have other suggestions... The scenario is the following:
On the one side, we have a web application running on a java web server (i.e. Tomcat). On the other side there is a Microsoft application running in IE on an IIS server. We integrated our (java) web application to this, that means a user opens the browser with the Microsoft application and there he or she can call our application by clicking on a link which includes our content via an IFrame. To exchange (send and receive) data from the Microsoft application to our web application, we implemented two connectors, a JavaConnector and an Asp.NetConnector. The Asp.NetConnector can receive and send data from the Microsoft application via WebServices. So if the user selects something in our application the JavaConnector is called. This opens an URLConnection to a special Asp.Net-Site and gets the data from it via URLConnection->getInputStream(). I hope you understand!

So now, we want to use NTLM authentication, because at the moment, we use one special user which is always the same, i.e. we created a user on the server where the Microsoft application is hosted and who is the standard user for all requests and responses for IIS. The problem is that we didn�t have the context of the real user who is actually logged in on windows. We tried the NtmlHttpFilter (jcifs) and added it to Tomcat. If we switch on logging for this filter, we can see that the user is successfully authenticated. But the problem is now, how to use this authentication in the JavaConnector. Without NTLM we created the URLConnection with an empty user name and password because the Asp.NetConnector uses our standard user. With NTLM, Java should know the user name and password. How did we realize this? Can you help me? Do you have any suggestions? Maybe we have errors in reasoning�

What we need is an integrated windows authentication which can be used in the java connector without showing login pages.

I hope this is the right place to post.

Thanks in advance,
jacquipre
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Nov 21 2007
Added on Sep 20 2007
#kerberos-java-gss-jgss
2 comments
318 views