File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Servlets and the fly likes How to implement NT authentication in Servlets Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "How to implement NT authentication in Servlets" Watch "How to implement NT authentication in Servlets" New topic

How to implement NT authentication in Servlets

Mrutyunjay Hanchinal
Ranch Hand

Joined: Sep 26, 2001
Posts: 50
I have an Intranet application where in the java application is running in NT server to which all the users associated.
My requirement is to login the user into my java application if he successfully logs in to his domain.
I am using only servlet and plain htmls as part of implementation
and using Tomcat to serve servlets and apache for pain htmls
Can any body suggest me how do I go abt it?
Thanks in advance
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17421

Your first problem is that Java is supposed to be "write-once/run-anywhere". So there can by definition be no Windows security services except by escaping via JNI.
Additionally an HTTP server and an NFS (LAN server) have only 2 things in common. 1) they both work using network hardware 2) they have the word "server" in their name. Any computer with a network card in it can be an HTTP server, whether the word "Server" appears in its OS name or not. In fact, I think you might even find HTTP servers for DOS!
What you really want, I think, is to try apply the security tokens granted by logging in as user X on domain Y to provide some sort of guidelines on what services and features the HTTP server will grant the user. That's not always as straightforward as it seems. Only in the case where you're using HTTP as a glorified file server is there a direct correspondence.
Most people who ask this kind of question really want merely to avoid a second-level signon, so what they are really looking for is a way to determine the user's identify. There are some products out there to help with that
You might also want to search the local servlet and JSP forums and see what others have had to say on the topic.

An IDE is no substitute for an Intelligent Developer.
Junilu Lacar

Joined: Feb 26, 2001
Posts: 6529

Jason Hunter's book "Java Servlet Programming" (I have the 2nd edition that covers 2.2 and 2.3 servlet specs) might give you some ideas. See chapters 4, 7, & 8. It would be a bit too lengthy to discuss in one reply but here are a few things you could look into to get started:
String System.getProperties().getProperty("")
String HttpServletRequest.getRemoteUser() HttpServletRequest.getUserPrincipal()
HTTP Authentication

Junilu - [How to Ask Questions] [How to Answer Questions]
I agree. Here's the link:
subject: How to implement NT authentication in Servlets
It's not a secret anymore!