Hi I have an Intranet application where in the java application is running in NT server to which all the users associated. My requirement is to login the user into my java application if he successfully logs in to his domain. I am using only servlet and plain htmls as part of implementation and using Tomcat to serve servlets and apache for pain htmls Can any body suggest me how do I go abt it? Thanks in advance Mrutyunjay
Your first problem is that Java is supposed to be "write-once/run-anywhere". So there can by definition be no Windows security services except by escaping via JNI. Additionally an HTTP server and an NFS (LAN server) have only 2 things in common. 1) they both work using network hardware 2) they have the word "server" in their name. Any computer with a network card in it can be an HTTP server, whether the word "Server" appears in its OS name or not. In fact, I think you might even find HTTP servers for DOS! What you really want, I think, is to try apply the security tokens granted by logging in as user X on domain Y to provide some sort of guidelines on what services and features the HTTP server will grant the user. That's not always as straightforward as it seems. Only in the case where you're using HTTP as a glorified file server is there a direct correspondence. Most people who ask this kind of question really want merely to avoid a second-level signon, so what they are really looking for is a way to determine the user's identify. There are some products out there to help with that You might also want to search the local servlet and JSP forums and see what others have had to say on the topic.
Customer surveys are for companies who didn't pay proper attention to begin with.
Jason Hunter's book "Java Servlet Programming" (I have the 2nd edition that covers 2.2 and 2.3 servlet specs) might give you some ideas. See chapters 4, 7, & 8. It would be a bit too lengthy to discuss in one reply but here are a few things you could look into to get started: String System.getProperties().getProperty("user.name") String HttpServletRequest.getRemoteUser() java.security.Principal HttpServletRequest.getUserPrincipal() HTTP Authentication HTH Junilu