Hi all,
I'm using Tomcat 7 and Waffle on a Windows server for NTLMv2 SSO Negotiation. Specifying "<role-name>BUILTIN\Administrators</role-name>" allows me to restrict access to individual webapps to only local system administrators, as desired. https://github.com/dblock/waffle/blob/master/Docs/tomcat/TomcatSingleSignOnValve.md This works great for my web browsers which have built-in support. Now I'm trying to write a Java client application. The documentation I've come across either involves using credentials (not desired) or leveraging SSPI and manually exchanging the 3 messages between server and client. http://hc.apache.org/httpcomponents-client-4.3.x/ntlm.html http://code.dblock.org/pure-java-waffle http://larryboymi.blogspot.com/2012/03/in-my-last-post-i-had-successfully-used.html Are there any better references or examples out there for using SSPI with httpclient? I'd like to avoid Kerberos because it requires: 1) Windows registry change, 2) SPN, 3) login.conf, 4) krb5.ini, 5) user session key, and sometimes 6) keytab. Will httpclient improve support for SSPI or any other means to achieve SSO from Java client applications? Are there other non-commercial solutions (i.e. not Jespa)? Thanks, Justin --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
