JAAS Single sign On

 
Greenhorn
Posts: 16
Hi,

I was able to use JAAS NTLogin authentication successfully for my project.
For the moment it will ask the user for userName & password.

But because the user is already logged in to the machine (intranet), logging in again seems unnecessary.

I need a way to use those credentials without logging in again.
(I found out it's called "Single Sign-On")

Thanks

manoj.
 
Ranch Hand
Posts: 142
Single Sign-On .....

HTTP is a stateless protocol. So after the user logs in, the user information will be lost in the next request. So the user would be asked to log in again and again. To overcome this, the user information is passed in the HTTP header automatically, so the user only has to log in once. This is one side of Single Sign-On.

With the development of internet applications, more and more internet applications are integrated together. Suppose a user A sends a request to application server B and application server B delegates the request to application server C. The user has logged in on the server A but has not logged in on server C. The server B can pass the user credential to server C. Then the user A does not have to log in on server C again. This is another side of Single Sign-On.

The requirement you have might not have been solved. I might be wrong on this because I am not an expert. Only the operating system knows everything. The browser does not have the user password information. The browser might be able to get user credential information from the OS. However, if the application server simply accepts the credential information sent by a browser, there could be a security hole. A malicious browser can forge the credential to do something.....

One workaround for your requirement might be using client certification.

Thanks

Lin
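
The forged-credential risk raised in the reply above, and its server B to server C hand-off, shown as an added example that is not part of either post and is not JAAS or NTLoginModule code. It contrasts a server that believes an identity value as sent with one that accepts it only when server B has signed it. The `user|issuedAtMillis|mac` format, the demo key, the one-minute lifetime and all class and method names are assumptions, and HMAC signing is a technique chosen for this illustration, not the client-certificate workaround mentioned in the reply.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

public class DelegatedIdentityDemo {
    // Constructed demo key; stands in for a secret known only to servers B and C.
    static final byte[] KEY = "constructed-demo-key".getBytes(StandardCharsets.UTF_8);
    static final long MAX_AGE_MS = 60_000; // assumption: assertions expire after one minute

    static String mac(String data) throws Exception {
        Mac m = Mac.getInstance("HmacSHA256");
        m.init(new SecretKeySpec(KEY, "HmacSHA256"));
        byte[] tag = m.doFinal(data.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(tag);
    }

    // Server B, after authenticating the user, issues "user|issuedAtMillis|mac".
    static String issue(String user, long nowMs) throws Exception {
        String payload = user + "|" + nowMs;
        return payload + "|" + mac(payload);
    }

    // Weak form: server C believes whatever name the header value carries.
    static String trustHeader(String value) {
        return value.split("\\|")[0];
    }

    // Hardened form: returns the user only if the MAC and age check out, else null.
    static String verify(String value, long nowMs) throws Exception {
        String[] p = value.split("\\|", -1);
        if (p.length != 3) return null; // also rejects user names containing '|'
        byte[] expected = mac(p[0] + "|" + p[1]).getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(expected, p[2].getBytes(StandardCharsets.UTF_8))) return null;
        long age = nowMs - Long.parseLong(p[1]); // safe to parse: the MAC covered this field
        return (age >= 0 && age <= MAX_AGE_MS) ? p[0] : null;
    }

    public static void main(String[] args) throws Exception {
        long now = System.currentTimeMillis();
        String genuine = issue("alice", now);             // constructed sample user
        String forged = "administrator|" + now + "|AAAA"; // constructed forged value
        System.out.println("weak, forged:      " + trustHeader(forged));
        System.out.println("hardened, forged:  " + verify(forged, now));
        System.out.println("hardened, genuine: " + verify(genuine, now));
        System.out.println("hardened, stale:   " + verify(genuine, now + 2 * MAX_AGE_MS));
    }
}
```

The signed value is only as trustworthy as the channel and the key: it should travel over TLS, and the key must never reach the browser.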
 