When the user (client) tries to get into the application by typing the URL, i need to get that machine's windows logged in username.
I have tried with System.getProperty("user.name") but when I access the application from some other machine(client) then this still shows username of logged in user on server. I want this is to be changed according to the client machine username every time.
Kindly suggest the possible ways to work with all kind of browsers.
Application Framework: Spring 3.1.1
Application Server: jboss-6.1.0.Final
Server OS: CentOS 5
The browser would need to support some sort of single sign-on mechanism like Kerberos or NTLM, and so would the remote application.
Firefox supports both Kerberos and NTLM (most browsers do), but the remote host has to be included as a trusted URI in the browser configuration.
For an intranet application this is a viable option, but for a public internet site there's not much use persuing this kind of solution.
Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.
This requirement should really only arise when it's an intranet application, anyway. Why would a server which is accessed by the general public need to know the ID which the user used to sign on to their personal computer? That crosses the spyware line in my opinion.
Joined: Oct 13, 2009
Hello Jelle Klap/Paul Clapham,
Thanks for your reply, my actual requirement is..
I am having a J2EEintranet application, in that currently I am using form authentication (getting username and password from the user) to validate the user. Now am trying to implement SSO (Single Sign On) in my application. I don’t have any idea about SSO. So that I asked above question, Kindly suggest (Sequence of steps I need to follow) me to proceed further on this.
Assuming your intranet already has single sign on options, step one is to figure out what is being used. Then you can look at using Spring Security to integrate. Spring Security supports a wide variety of options including CAS, Kerberos, JNDI/LDAP, Active Directory, OAuth, and OpenID.