问题
The title may seem a little weird but what I find around the internet is methods to sign on to stuff automatically with windows domain authentication (Single Sign On), but that is not what I want.
In my use case I want to explicitly ask the person to enter their windows domain user/password combination to make sure that the person performing the transaction is the one that is authorized to do so, i.e. not someone who secretly makes use of the authorized person's computer while he/she is away and left their computer unlocked.
Note
- I am working on Java
- I only want to authenticate a single transaction, no login session (if possible).
- Only certain people should be authorized. (I believe this is done through roles in active directory?)
回答1:
What I have used in the past is to authenticate against an LDAP server. Active directory works as an LDAP server so you should be able to authenticate against it. This can be used to verify the username/password combination.
I found this article showing how it works with java.
来源:https://stackoverflow.com/questions/3091249/using-windows-domain-authentication-for-authentication