Is there any technology that supports SSO for thick Java clients connecting to a J2EE application server via RMI/IIOP? Our thick client makes EJB calls to the server and uses JMS to listen for events on topics. The server (WebSphere) authenticates using LDAP.
A customer wants to have our thick client pick up the local (Windows or Unix) user credentials and use them to log on to the server without prompting the user for ID or password. Kerberos has been mentioned as a possible enabler for something like this.
Is such a scenario feasible? Is there existing technology and support for this?
posted 8 years ago
Have you considered Federated SSO using SAML and Public/Private keys?
In this scenario, the thick client uses its private key to create a SAML assertion and sends the request to the server. The server would confirm the assertion using the client's public key and grant access.
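
The sign-and-verify exchange described in the reply above, as an added example that is not part of the original thread: the client puts an enveloped XML signature on a minimal SAML assertion with the JDK's javax.xml.crypto.dsig API, and the server validates it against the public key it already holds for that client. The class name, the sample assertion and the in-process key pairs are assumptions made for the demonstration.

```java
import java.io.*;
import java.security.*;
import java.util.Collections;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.dom.*;
import javax.xml.crypto.dsig.spec.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SignedAssertionDemo {
    static final String SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion";
    static final String ASSERTION = // constructed sample; issuer, subject and ID are made-up values
        "<saml:Assertion xmlns:saml=\"" + SAML_NS + "\" ID=\"_example1\" Version=\"2.0\"><saml:Issuer>thick-client"
        + "</saml:Issuer><saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject></saml:Assertion>";
    static final XMLSignatureFactory XF = XMLSignatureFactory.getInstance("DOM");

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // refuse DTDs
        return f.newDocumentBuilder().parse(new ByteArrayInputStream(xml.getBytes("UTF-8")));
    }
    // Client: enveloped RSA-SHA256 signature over the whole assertion, appended as its last child.
    static void sign(Document doc, PrivateKey key) throws Exception {
        Reference ref = XF.newReference("", XF.newDigestMethod(DigestMethod.SHA256, null),
            Collections.singletonList(XF.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null, null);
        SignedInfo si = XF.newSignedInfo(
            XF.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE, (C14NMethodParameterSpec) null),
            XF.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null),
            Collections.singletonList(ref));
        XF.newXMLSignature(si, null).sign(new DOMSignContext(key, doc.getDocumentElement()));
    }
    // Server: accept only if exactly one signature validates against the key already on file.
    static boolean verify(Document doc, PublicKey trustedClientKey) throws Exception {
        NodeList sigs = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        if (sigs.getLength() != 1) return false;
        DOMValidateContext ctx = new DOMValidateContext(trustedClientKey, sigs.item(0));
        return XF.unmarshalXMLSignature(ctx).validate(ctx);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair client = gen.generateKeyPair(), other = gen.generateKeyPair();
        Document doc = parse(ASSERTION);
        sign(doc, client.getPrivate());
        System.out.println("signed by client: " + verify(doc, client.getPublic()));
        System.out.println("wrong public key: " + verify(doc, other.getPublic()));
        doc.getElementsByTagNameNS(SAML_NS, "NameID").item(0).setTextContent("admin");
        System.out.println("subject modified: " + verify(doc, client.getPublic()));
    }
}
```

The server validates against a public key it already trusts for that client, never one carried inside the message. A schema-conformant SAML assertion places the signature element directly after the Issuer, and a real deployment would also check the assertion's validity window and audience.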