Hi Garoad, I believe Shiro can support this use case without too much effort, but I'm not sure that it exists in Shiro at the moment. There is Active Directory integration already, but how would that differ from your requirements? What would the communication workflow look like (starting w/ the end-user's login to their Windows PC)?
Thanks, -- Les Hazlewood Founder, Katasoft, Inc. Application Security Products & Professional Apache Shiro Support and Training: http://www.katasoft.com On Sun, Apr 3, 2011 at 1:17 PM, Garoad <[email protected]> wrote: > Is there a way to use Shiro to integrate with the user's regular Windows > Active Directory domain account? > > In other words once they log into their Windows PC, they should get access > to a Shiro/Java web application without entering their credentials a second > time. Preferably it would also be possible to have the application's > database store the username of the user (along with role/authorization info > for that user), used to determine whether they actually have access to the > application. > > There doesn't seem to be any (much) info about SSO w/Shiro out there at all, > and the info that is out there seems to be a different type of solution (no > integration w/Windows AD domain). But something that meets the requirements > I specify above would pretty much be the 'holy grail' of security solutions > in my environment. Is this worth pursuing w/Shiro or should I look > elsewhere? > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/SSO-with-a-Windows-domain-tp6236647p6236647.html > Sent from the Shiro User mailing list archive at Nabble.com.
