Single Sign On for Web Applications – Use of Windows Login details


The post JCIFS and jWebUnit by Matt Raible describes use of JCIFS to achieve single sign on for web applications based on the Windows Login.

On my current project, we’re using JCIFS to integrate our application authentication process with NT Domain logins. While I found it quite easy to integrate, the one issue I found is I couldn’t replicate the login process in a jWebUnit test. I tried setting the WWW-Authentication header to NTLM, but couldn’t get it to work. The solution I ended up using is to subclass the NtlmHttpFilter and disable authentication when the User-Agent is “httpunit”.

I have not had a chance to work on this, but it certainly seems interesting for intranet applications where full blown Portal-based SSO solutions are beyond reach. I hope we can try to get a test of this running and see how to incorporate it in some of our internal applications.

A very useful description of the “Single Sign On” process, using the Windows login for logging in to the Web Application is found here:JCIFS NTLM HTTP Authentication

About Author

Lucas Jellema, active in IT (and with Oracle) since 1994. Oracle ACE Director and Oracle Developer Champion. Solution architect and developer on diverse areas including SQL, JavaScript, Kubernetes & Docker, Machine Learning, Java, SOA and microservices, events in various shapes and forms and many other things. Author of the Oracle Press book Oracle SOA Suite 12c Handbook. Frequent presenter on user groups and community events and conferences such as JavaOne, Oracle Code, CodeOne, NLJUG JFall and Oracle OpenWorld.


  1. I am trying to use JCIFS to integrate our application authentication process with NT Domain logins . Everything is fine in Mozilla . But in IE it is giving me page not found . I am using tomcat 5.5 and IE 6 with jcif 1.2.13b4 is there any special setup required for IE ?

  2. Pingback: AMIS Technology blog » Blog Archive » Single Sign On in UIX applications

  3. Wouter van Reeven on


    I have used these classes to implement a SSO for the customer I currently am at. Using the instructions found on all users within the domain specified in web.xml now can login to a test web application I created. Using JNDI/LDAP lookups in thier Active Directory server I can get the full name of the user (and other details). I will create a post about this later this week.

    Greets, Wouter