If you can require that your users use IE, then you could conceivably
implement true NTLM authentication on the server side. (IE is the only
browser - that I'm aware of, at least - that supports NTLM authentication.)
Although this would not fall under your preference for a straightforward
solution, it would be secure.
Unless someone has already implemented a Java wrapper for the NTLM
authentication mechanism, you'd have to start by using JNI to get that part
done. This would involve some rather arcane parts of the NT API, but it
shouldn't be that hard. Then, on top of that, you would implement the NTLM
handshake using the HTTP authentication/authorization headers.
To be honest, I'm not sure if this would really work, since I'm not sure of
the details of how the authentication mechanism, the web server, and the
servlet container interact. But if its possible for a servlet to implement
its own authentication scheme, then this should be a viable solution.
--
Martin Cooper
Tumbleweed Communications
----- Original Message -----
From: "Paul Nadler" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, September 12, 2000 12:57 PM
Subject: An equivalent to "trusted connection"?
> Folks -
>
> Does anyone know a way (preferably a straightforward way) for JSP code to
pick
> up the user's NT Login via the browser? We'd like our servers to know the
user's
> network login ID without the user having to log in to the browser. (In
other
> words, we'd like to create something akin to a "trusted connection").
>
> Thanks.
>
> Paul Nadler
>
**************************************************************************
> The information contained herein is confidential and is intended solely
> for the addressee(s). It shall not be construed as a recommendation to
> buy or sell any security. Any unauthorized access, use, reproduction,
> disclosure or dissemination is prohibited.
>
> Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates
> shall assume any legal liability or responsibility for any incorrect,
> misleading or altered information contained herein.
>
**************************************************************************
>
>
>
>
> **************************************************************************
> The information contained herein is confidential and is intended solely
> for the addressee(s). It shall not be construed as a recommendation to
> buy or sell any security. Any unauthorized access, use, reproduction,
> disclosure or dissemination is prohibited.
> Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates
> shall assume any legal liability or responsibility for any incorrect,
> misleading or altered information contained herein.
> **************************************************************************
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
