In my current project I was asked to investigate the possibility of implementing a Single Sign-On solution for a couple of Oracle UIX web applications I am implementing. A little investigation showed that all users log in to their PCs using a “domain\user” username and a password. Our customer would like to use those credentials for logging into the UIX applications without getting a popup. My colleague Lucas Jellema recently posted about an NtlmHttpFilter class provided by the jCIFS project and I decided to try that out.
Using the NtlmHttpFilter proved to be extremely easy. The jCIFS NTLM HTTP Authentication documentation gives a few examples of how the filter can be incorporated into a web application. Using the Explicit Domain Controller web.xml Example, I got it up and running in no time. The example only contains four configuration parameters, and finding out the correct values for these parameters proved to be the most difficult exercise.
After finding them out, I fired up OC4J from within JDeveloper on my laptop, gave the customer instructions on how to add my laptop IP address to the Trusted Sites list in Internet Explorer on his laptop, and asked him to browse to my NTLM-enabled web app. He was greeted by a page stating his Windows username in the form “domain\user”. The Windows username is available from the HttpRequest via the getRemoteUser() method. The password isn’t! So users who worry about their passwords can stop worrying.
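
As an added example (not code from this post or from the jCIFS project), here is one way a servlet sitting behind the NtlmHttpFilter could consume the “domain\user” value returned by getRemoteUser(). The class name `WhoAmIServlet`, the helper `splitRemoteUser` and the domain `EXAMPLEDOM` are assumptions made up for the illustration.

```java
import java.io.IOException;
import java.util.Locale;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical servlet, assumed to be mapped behind jcifs.http.NtlmHttpFilter in web.xml.
public class WhoAmIServlet extends HttpServlet {

    // Assumption for this example: the only Windows domain the application accepts.
    private static final String EXPECTED_DOMAIN = "EXAMPLEDOM";

    /**
     * Splits "domain\\user" into {domain, user}.
     * Returns null when the value is missing or not in exactly that form.
     */
    static String[] splitRemoteUser(String remoteUser) {
        if (remoteUser == null) {
            return null; // request did not pass through the filter
        }
        int sep = remoteUser.indexOf('\\');
        // Require exactly one backslash with a non-empty part on each side.
        if (sep <= 0 || sep == remoteUser.length() - 1
                || remoteUser.indexOf('\\', sep + 1) != -1) {
            return null;
        }
        // Windows account names are case-insensitive, so normalise before comparing
        // or using them as keys in the application's own user table.
        return new String[] {
            remoteUser.substring(0, sep).toUpperCase(Locale.ROOT),
            remoteUser.substring(sep + 1).toLowerCase(Locale.ROOT)
        };
    }

    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        String[] parts = splitRemoteUser(req.getRemoteUser());
        // Fail closed: no identity, or an identity from another domain, gets no page.
        if (parts == null || !EXPECTED_DOMAIN.equals(parts[0])) {
            resp.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        // Plain text output, so the name is never interpreted as markup.
        resp.setContentType("text/plain;charset=UTF-8");
        resp.getWriter().println("domain=" + parts[0] + " user=" + parts[1]);
    }
}
```

The filter only establishes who the user is; what that user may do inside the application still has to be decided by the application itself.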