[jcifs] single sign on for desktop based java application
Michael B Allen
ioplex at gmail.com
Wed Nov 19 16:17:13 GMT 2008
On Wed, Nov 19, 2008 at 3:56 AM, Raghavendra MB <mb.ragu at gmail.com> wrote:
> Hi,
>
> I have a requirement to provide single sign on facility for windows
> admin/users in desktop based java application.
>
> the java program should run only if the user is authorized for that system.
>
> Please suggest me how to implement the solution for above requirement.
To do SSO from a desktop Java application you would have to use
something that has access to the user's NT username and password or
Kerberos credential cache. The only thing I know of that might work
would be the Keberos implementation of Sun's JRE. However, even Sun's
JAAS Kerberos module may have a problem with that. IIRC you had to
first do a Kerberos logon just to do anything related to Kerberos.
Meaning I'm not 100% positive that you can actually get a ticket using
an existing TGT. You have to get your own TGT which of course means
supply a domain, username and password.
I would simply try the latest JRE from Sun and try to get a Kerberos
ticket and hope it works without requiring a logon. But don't hold
your breath.
Mike
--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
More information about the jcifs
mailing list