Thick client SSO - any such thing?

Mark McMillan

Joined: May 16, 2008
Posts: 5
Is there any technology that supports SSO for thick Java clients connecting to a J2EE application server via RMI/IIOP? Our thick client makes EJB calls to the server and uses JMS to listen for events on topics. The server (WebSphere) authenticates using LDAP.

A customer wants to have our thick client pick up the local (Windows or Unix) user credentials and use them to log on to the server without prompting the user for ID or password. Kerberos has been mentioned as a possible enabler for something like this.

Is such a scenario feasible? Is there existing technology and support for this?
Santhosh Kumar
Ranch Hand

Joined: Nov 07, 2000
Posts: 242
Have you considered Federated SSO using SAML and Public/Private keys?

In this scenario, the thick client uses its private key to create a SAML assertion and sends the request to the server. The server would confirm the assertion using the client's public key and grant access.
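Added example, not part of the original thread or any poster's code: the sign-then-verify flow described in the reply above, with the server checks a signed assertion needs besides the signature (audience, expiry, one-time use). It is a simplified stand-in that signs a pipe-delimited string with `java.security.Signature`; real SAML signs canonicalized XML with XML-DSig. The class name, field layout, audience URI and user names are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.time.Instant;
import java.util.*;

public class SignedAssertionDemo {
    // Server-side state: enrolled client keys and assertion IDs already used (replay cache).
    static final Map<String, PublicKey> ENROLLED = new HashMap<>();
    static final Set<String> SEEN_IDS = new HashSet<>();
    static final String AUDIENCE = "urn:example:appserver"; // constructed value

    // Client: assertion body is "id|subject|audience|notOnOrAfter" (simplified, not SAML XML).
    static String build(String subject, Instant notOnOrAfter) {
        return String.join("|", UUID.randomUUID().toString(), subject, AUDIENCE, notOnOrAfter.toString());
    }

    // Client: sign the body with the private key held on the workstation.
    static byte[] sign(String body, PrivateKey key) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(body.getBytes(StandardCharsets.UTF_8));
        return s.sign();
    }

    // Server: verify the signature before trusting any field, then audience, expiry, replay.
    static boolean accept(String body, byte[] sig, Instant now) throws GeneralSecurityException {
        String[] f = body.split("\\|");
        PublicKey pub = f.length == 4 ? ENROLLED.get(f[1]) : null;
        if (pub == null) return false;                        // malformed or unknown subject
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(pub);
        v.update(body.getBytes(StandardCharsets.UTF_8));
        if (!v.verify(sig)) return false;                     // not signed by the enrolled key
        if (!AUDIENCE.equals(f[2])) return false;             // issued for a different server
        if (!now.isBefore(Instant.parse(f[3]))) return false; // past its validity window
        return SEEN_IDS.add(f[0]);                            // false if this ID was already used
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair alice = g.generateKeyPair();
        ENROLLED.put("alice", alice.getPublic());             // constructed user names
        ENROLLED.put("admin", g.generateKeyPair().getPublic());
        Instant now = Instant.now();
        String body = build("alice", now.plusSeconds(60));
        byte[] sig = sign(body, alice.getPrivate());
        System.out.println("fresh:    " + accept(body, sig, now));
        System.out.println("replayed: " + accept(body, sig, now));
        System.out.println("tampered: " + accept(body.replace("|alice|", "|admin|"), sig, now));
        String old = build("alice", now.minusSeconds(1));
        System.out.println("expired:  " + accept(old, sign(old, alice.getPrivate()), now));
    }
}
```

Only the first call is accepted; the replayed, subject-swapped and expired assertions are each rejected by a different check.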