File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes Using JAAS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Using JAAS" Watch "Using JAAS" New topic

Using JAAS

Catriona McCann

Joined: Aug 31, 2000
Posts: 24
Instead of having a log in page I need to authenticate and authorise the username and password using JAAS and get the u/name and p/word from the System that the user is already logged in to e.g Windows NT.
I think you do this in the LoginModule - login() but don't know how to access the systems username and password...Any examples I have seen use Callback handlers to prompt the user..
Any ideas ??
Thanks in advance.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17417

Seems a little strange. You want the login to the SERVER to be the same as the login to the CLIENT?
Actually, I presume what you really want is that the user's web security to be based on the user's LAN security context. For one thing, not all computers attached to the Internet "log in".
This is done at the click of a checkbox in IIS admin, but I've not dealt with it in a Java webserver context, since it's Windows-specific. I'm pretty sure that there's documentation floating around somewhere and that you probably could find docs on it. I'd try the Sun and Microsoft websites ( - occasionally, when Bill & Steve are at lunch Java-helpful stuff shows up in the Evil Empire's online info-base.
In the Easy Way Out department, you can just allow for the fact that you can't access the web browser on a client's machine unless the client is ALREADY logged in. For a more secure environment, you could have id/password verification for the website, but it's not even necessarily desirable that they be the same as that used in Windows Networking.
The main reason you'd want the tighter integration would be if you're planning to validate user operations against the LAN ACLs.
As mentioned, I think it's doable and probably documented, but I don't know specifically where.

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link:
subject: Using JAAS
It's not a secret anymore!