• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Rob Spoor
  • Bear Bibeault
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • Frits Walraven
  • Himai Minh

Network Authentication

 
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can we do network authentication in JSP. For example, while accessing a webpage it should pop-up a standard NT authentication dialog.
If we can do the authentication, which application server supports this?
Thanks,
Mani
 
author
Posts: 3252
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
A couple things come to my mind.
First, do you want integration with web container security? In that case, you'll have to rely on container-provided authentication methods, or external authentication code with some glue logic that you write to integrate it with the container-specific security API.
Second, if your browser is Internet Explorer and the clients are all logged in on the network, then you can use NTLM to authenticate the clients transparently. If your container doesn't support this out of the box, have a look at jCIFS. It is not just an SMB library, but also contains NTLM goodies including an NTLM HTTP Authentication servlet Filter for authenticating MSIE clients.
Third, if you want a pop-up window to log on (using container security or not) and authenticate the user that way, consider JAAS with the Windows NT authentication module. You can probably also use jCIFS, but JAAS is the standard and an integral part of JDK 1.4 (for earlier versions you can download it as an add-on).
Whatever you do, beware of using basic HTTP authentication over anything other than a HTTPS connection. You won't want your NT credentials to go over the network in plaintext, I suspect.
Does that help?
- Peter
 
Mani Balasubramanian
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Peter,
My case is the second one, where the users log into network and access the site. The browser is also Internet Explorer. Do I need to go for JAAS in that case?
Can you explain how the NTLM authentication is done in case of IE-NT combination.
Thanks,
Mani
 
Bartender
Posts: 73
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
NTLM? And that would be "Nationaly Televised Long-Legged Moose" authentication?
 
Peter den Haan
author
Posts: 3252
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Mani Balasubramani:
My case is the second one, where the users log into network and access the site. The browser is also Internet Explorer. Do I need to go for JAAS in that case?

No, JAAS is probably not your best bet; rather, check out the jCIFS NTLM authentication filter.
NTLM is a proprietary Microsoft challenge-response protocol allowing the server to verify the client's credentials against a Windows authentication server. It is reasonably secure and completely transparent to the user -- i.e. the user doesn't get a login prompt, the server simply "knows" who the user is logged in as.
Sounds like the way to go in your case.
- Peter
 
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi peter,
I am trying implementing ntlm authentication for my application. I know jcifs can do the work. (I am using tomcat as webserver I am trying to configure as realm. Can any one help me how to configure jcifs as realm? I gone through the jcifs website I couldn�t find proper answer.
Thanks in advance.
Hima
 
Peter den Haan
author
Posts: 3252
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That would require plubming jCIFS right into the Tomcat authentication code; I'm not enough of a Tomcat wizard to tell you how. Consider bouncing this off the Tomcat forum.
- Peter
 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Our application resides in Weblogic 6.1 runnning on Solaris machine, whereas the clients(IE) are on Windows2000. My objective is to get the user's windows login id in the server side, and then authenticate him across our LDAP server. Will jCIFS help doing this? It would be great if someone could throw some light on this issue. Any sort of help is appreciated.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic