Single Sign On for Web Applications – Use of Windows Login details

Lucas Jellema 3
0 0
Read Time:54 Second

The post JCIFS and jWebUnit by Matt Raible describes use of JCIFS to achieve single sign on for web applications based on the Windows Login.

On my current project, we’re using JCIFS to integrate our application authentication process with NT Domain logins. While I found it quite easy to integrate, the one issue I found is I couldn’t replicate the login process in a jWebUnit test. I tried setting the WWW-Authentication header to NTLM, but couldn’t get it to work. The solution I ended up using is to subclass the NtlmHttpFilter and disable authentication when the User-Agent is “httpunit”.

I have not had a chance to work on this, but it certainly seems interesting for intranet applications where full blown Portal-based SSO solutions are beyond reach. I hope we can try to get a test of this running and see how to incorporate it in some of our internal applications.

A very useful description of the “Single Sign On” process, using the Windows login for logging in to the Web Application is found here:JCIFS NTLM HTTP Authentication

About Post Author

Lucas Jellema

Lucas Jellema, active in IT (and with Oracle) since 1994. Oracle ACE Director and Oracle Developer Champion. Solution architect and developer on diverse areas including SQL, JavaScript, Kubernetes & Docker, Machine Learning, Java, SOA and microservices, events in various shapes and forms and many other things. Author of the Oracle Press book Oracle SOA Suite 12c Handbook. Frequent presenter on user groups and community events and conferences such as JavaOne, Oracle Code, CodeOne, NLJUG JFall and Oracle OpenWorld.
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

3 thoughts on “Single Sign On for Web Applications – Use of Windows Login details

  1. I am trying to use JCIFS to integrate our application authentication process with NT Domain logins . Everything is fine in Mozilla . But in IE it is giving me page not found . I am using tomcat 5.5 and IE 6 with jcif 1.2.13b4 is there any special setup required for IE ?

  2. […] In my current project I was asked to investigate the possibility of implementing a Single Sign On solution for a couple of Oracle UIX web applications I am implementing. A little investigation showed that all users login to their PCs using a "domainuser" username and a password. Our customer would like to use those credentials for logging into the UIX applications without getting a popup. My colleague Lucas Jellema recently posted about an NtlmHttpFilter class provided by the jCIFS project and I decided to try that out.Using the NtlmHttpFilter proved to be extremely easy. The jCIFS NTLM HTTP Authentication documentation gives a few examples of how the filter can be incorporated into a web application. Using the Explicit Domain Controller web.xml Example I got it up and running in no time. The example only contains four configuration parameters and finding out the correct values for these parameters proved to be the most difficult exercise. After having found them out I fired up OC4J from within JDeveloper on my laptop and gave the customer instructions on how to add my laptop IP address to the Trusted Sites list in Internet Explorer on his laptop and asked him to browse to my NTLM enabled web app. He was greeted by a page stating his Windows username in the form "domainuser". The Windows username is available from the HttpSession via the getRemoteUser() method. The password isn’t! So users who worry about their passwords can stop worrying   […]

  3. Lucas,

    I have used these classes to implement a SSO for the customer I currently am at. Using the instructions found on http://jcifs.samba.org/src/docs/ntlmhttpauth.html all users within the domain specified in web.xml now can login to a test web application I created. Using JNDI/LDAP lookups in thier Active Directory server I can get the full name of the user (and other details). I will create a post about this later this week.

    Greets, Wouter

Comments are closed.

Next Post

Addition to LOG4PLSQL to make loglevel adjustments at runtime.

I have recently used the LOG4PLSQL software for logging in a small application. I missed the possibility to change the logging level at runtime. In the production environment code changes are only allowed during specified deploy time windows, so changing the DEFAULT_LEVEL parameter in the PLOGPARAM package specification was not […]
%d bloggers like this: