File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Can silent login be achieved? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Can silent login be achieved?" Watch "Can silent login be achieved?" New topic
Author

Can silent login be achieved?

Kelly Dolan
Ranch Hand

Joined: Jan 08, 2002
Posts: 109
I have a JBoss web application that currently uses FORM-based authentication to request a userid/password from a user and once submitted, a custom login module contacts a custom security service to authenticate the user. This works perfectly.

I now want to change this scenario to be able to auto-detect the userid/password with which the user logged into his Windows workstation, pass this information along with the initial HTTP request, have the custom login module contact the custom security service and authenticate the user. In the case the credentials are not valid, display the "denied" version of the form and let the user enter a different userid/password.

I have been researching this, read many articles about windows integration authentication and tried to prototype something that works. I have applied changes to IE as the articles describe but I bypass the instructions for configuring the server to use login modules that authenticate the credentials with Windows itself because this is not what I need to do. Unfortunately, I have yet to get my scenario to work.

Has anyone ever tried to do this? Does anyone know if it is even possible? All thoughts, suggestions, etc. are greatly appreciated.

Kelly
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41599
    
  55
This blog entry talks about using the Windows Login for web apps, and indicates that it is possible without too much work.


Ping & DNS - my free Android networking tools app
 
wood burning stoves
 
subject: Can silent login be achieved?