I need to implement SSO for a java based (JSP, struts) web application. Iam using Tomcat as web server deployed on Windows 2003 server.
I plan to the above in follwing steps - 1. Obtain logged user information via http request. 2. Check with ADS if the user exists in the priviliged user group. 3. If I get Yes in above step then create a session and show the home page. 4. if I get No in step 2, then I show a login page and validate user through db.
Now, Iam able to perform steps 2 and beyond but only problem left is step 1. I dont know how to get the client side logged user information via Http Request.
Would appreciate suggestions on this. Also would be happy to discuss if there is any other approach on achieving SSO.