It's not a secret anymore!
The moose likes Java in General and the fly likes Server Side Java and CAC authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Server Side Java and CAC authentication" Watch "Server Side Java and CAC authentication" New topic

Server Side Java and CAC authentication

George Impagliazo
Ranch Hand

Joined: Sep 25, 2010
Posts: 41

I'm in completely new territory and I am unsure of where to start investigating.

I work for a big org with many Windows PCs controlled by a Microsoft network.
The org began using CACs ( smart cards ) to authenticate users who want to get into their PCs and into Windows.

My boss would like the users of our Java webapp ( Spring 3.1 and legacy servlets duct taped together ) to be able
to access our Java webapp, without authentication, if they are already in Windows via their CAC.

Like I wrote, I do not know what is involved or where to start for this goal.

Would I try to get the WebApp to talk to the Microsoft Network or the user's PC to ask if that person has been CAC authenticated?

Would I try to read a web certificate from the CAC with Java? If so, I have never used certificates before. Where could I go to learn about as if I am complete beginner, which I am?

Thanks in advance for any information or tips

I agree. Here's the link:
subject: Server Side Java and CAC authentication
jQuery in Action, 3rd edition