permaculture playing cards*
The moose likes Spring and the fly likes How to implement Single Sign On in a Java EE application? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "How to implement Single Sign On in a Java EE application?" Watch "How to implement Single Sign On in a Java EE application?" New topic
Author

How to implement Single Sign On in a Java EE application?

Deiva Arumugam
Greenhorn

Joined: Oct 13, 2009
Posts: 2
Dear All,

When the user (client) tries to get into the application by typing the URL, i need to get that machine's windows logged in username.

I have tried with System.getProperty("user.name") but when I access the application from some other machine(client) then this still shows username of logged in user on server. I want this is to be changed according to the client machine username every time.

And also I have tried with some javascript code, it only works on IE but we are using Firefox.

Kindly suggest the possible ways to work with all kind of browsers.

Application Details:

View: Struts
Application Framework: Spring 3.1.1
Application Server: jboss-6.1.0.Final
Server OS: CentOS 5

Thanks,
Deivaa
Jelle Klap
Bartender

Joined: Mar 10, 2008
Posts: 1666
    
    7

The browser would need to support some sort of single sign-on mechanism like Kerberos or NTLM, and so would the remote application.
Firefox supports both Kerberos and NTLM (most browsers do), but the remote host has to be included as a trusted URI in the browser configuration.
For an intranet application this is a viable option, but for a public internet site there's not much use persuing this kind of solution.

Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18129
    
    8

This requirement should really only arise when it's an intranet application, anyway. Why would a server which is accessed by the general public need to know the ID which the user used to sign on to their personal computer? That crosses the spyware line in my opinion.
Deiva Arumugam
Greenhorn

Joined: Oct 13, 2009
Posts: 2
Hello Jelle Klap/Paul Clapham,

Thanks for your reply, my actual requirement is..

I am having a J2EE intranet application, in that currently I am using form authentication (getting username and password from the user) to validate the user. Now am trying to implement SSO (Single Sign On) in my application. I don’t have any idea about SSO. So that I asked above question, Kindly suggest (Sequence of steps I need to follow) me to proceed further on this.
Paul Clapham
Bartender

Joined: Oct 14, 2005
Posts: 18129
    
    8

Now that's a much better question. In fact it's the question you should have asked in the first place, instead of guessing at a solution and then asking how to implement it.

So let me change your thread title, so that people will know what it is actually about.
Bill Gorder
Bartender

Joined: Mar 07, 2010
Posts: 1632
    
    7

Assuming your intranet already has single sign on options, step one is to figure out what is being used. Then you can look at using Spring Security to integrate. Spring Security supports a wide variety of options including CAS, Kerberos, JNDI/LDAP, Active Directory, OAuth, and OpenID.


[How To Ask Questions][Read before you PM me]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to implement Single Sign On in a Java EE application?
 
Similar Threads
Not able to use two ports in RMI chat application
How to obtain NT User Information in J2EE
Need to get the user id of the machine raising the request.
Java - Getting Login ID
How to get username of currently logged user on client machine