• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

How to implement NT authentication in Servlets

 
Ranch Hand
Posts: 50
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
I have an Intranet application where in the java application is running in NT server to which all the users associated.
My requirement is to login the user into my java application if he successfully logs in to his domain.
I am using only servlet and plain htmls as part of implementation
and using Tomcat to serve servlets and apache for pain htmls
Can any body suggest me how do I go abt it?
Thanks in advance
Mrutyunjay
 
Saloon Keeper
Posts: 27762
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Your first problem is that Java is supposed to be "write-once/run-anywhere". So there can by definition be no Windows security services except by escaping via JNI.
Additionally an HTTP server and an NFS (LAN server) have only 2 things in common. 1) they both work using network hardware 2) they have the word "server" in their name. Any computer with a network card in it can be an HTTP server, whether the word "Server" appears in its OS name or not. In fact, I think you might even find HTTP servers for DOS!
What you really want, I think, is to try apply the security tokens granted by logging in as user X on domain Y to provide some sort of guidelines on what services and features the HTTP server will grant the user. That's not always as straightforward as it seems. Only in the case where you're using HTTP as a glorified file server is there a direct correspondence.
Most people who ask this kind of question really want merely to avoid a second-level signon, so what they are really looking for is a way to determine the user's identify. There are some products out there to help with that
You might also want to search the local servlet and JSP forums and see what others have had to say on the topic.
 
Sheriff
Posts: 17644
300
Mac Android IntelliJ IDE Eclipse IDE Spring Debian Java Ubuntu Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Jason Hunter's book "Java Servlet Programming" (I have the 2nd edition that covers 2.2 and 2.3 servlet specs) might give you some ideas. See chapters 4, 7, & 8. It would be a bit too lengthy to discuss in one reply but here are a few things you could look into to get started:
String System.getProperties().getProperty("user.name")
String HttpServletRequest.getRemoteUser()
java.security.Principal HttpServletRequest.getUserPrincipal()
HTTP Authentication
HTH
Junilu
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic