Our team built a WebLogic intranet site. Users currently must type in their Active Directory login/password to access the site.
Since most of our users are already logged in to the domain, we would like to use Integrated Windows Authentication so users do not have to re-type their login password.
I have done this with .NET applications hosted on Windows/IIS. However, this app is built in WebLogic/Java and is hosted on RedHat Linux.
Is there a step-by-step guide or prototype application available?
(Please assume for this question that we are standardized on Internet Explorer browser.)
Have a look at jcifs. Although its mechanism is deprecated (it does not support NTLMv2) its still working in my projects. You might have to use an older version. They recommend to use jespa, but its not free.
There is also spnego, it has a filter too. And tomcatspnego. But I dont know how easy they are to use.
Waffle looks also interesting.
Here is another answer with some details: Authenticating against Active Directory with Java on Linux
So far I have only used jcifs, so I can not tell you which other option is the best. Apaches HttpClient also has some capabilities, I used it, but not as SSO in a webapp.
EDIT:
I found another project: ntlm-authentication-in-java, but I have not used or tested it yet.
Look at this answer, if you use NTLMv1, it gets you the logged in user's username. (does not work with NTLMv2 though..)
WebLogic supports SPNEGO natively and therefore, you do not need to use workarounds. More documentation is available here - http://docs.oracle.com/cd/E21764_01/web.1111/e13707/sso.htm. You can also refer to this blog article for step-by-step process - http://oraclelabspace.blogspot.in/2012/01/configurining-sso-using-kerberosspnego.html
来源:https://stackoverflow.com/questions/4751157/integrated-windows-authentication-ntlm-in-a-java-weblogic-app