This might be an area for NTLM authentication -- MS specific but quite
widely supported by browsers.
Using IE if a site says it needs authentication and says it wants it via
NTLM then IE will automatically send the users credentials from the
workstation (at least for intranet sites - for the internet this would
allow external hackers to get hold of the user name though the password
is not accessible).
jCifs is an open source site that has implementations of this
http://jcifs.samba.org/src/docs/ntlmhttpauth.html
The link above starts:
JCIFS NTLM HTTP Authentication
A common requirement of websites on corporate Intranets is NTLM HTTP
authentication also sometimes referred to as Single Sign On (SSO).
Microsoft Internet Explorer has the ability to negotiate NTLM password
hashes over an HTTP session using base 64 encoded NTLMSSP messages. This
is a staple feature of IIS but Java application servers too can use
jCIFS to authenticate MSIE clients against a domain controller. This is
a useful feature because many of the tasks surrounding user management
now fall back to computer support and HR. It is not necessary to add and
remove users as they join and leave the company. Perhaps most important
from a user's perspective; they do not need to enter a username or
password if their workstation is a member of the domain. The password
hashes generated when they logged on to their workstation will be
negotiated during the initial request for a session, passed through
jCIFS, and validated against a PDC or BDC. This also makes the users
domain, username, and password available for managing session
information, profiles, preferences, etc. Using the jCIFS Servlet Filter
it is trivial to add NTLM HTTP authentication support to your site. It
is also possible to build custom authentication modules using the
NtlmSsp classes directly. This Filter scales very well primarily because
sessions are multiplexed over transports. But this functionality is not
without caveats.
--
Best wishes
John Burgess
Risk Decisions Limited
Buchan House
Parkway Court
Oxford Business Park South
OX4 2JY
T: 01865 718666
F: 01865 718600
M: 07984 863890
E: [EMAIL PROTECTED]
W: http://www.riskdecisions.com
----- Original Message -----
*From:* "Wong, Emmanuel \(Sam\)" <[EMAIL PROTECTED]>
*To:* "MyFaces Discussion" <[email protected]>
*Sent:* 09/02/2007 1:11:43 PM +0000
*Subject:* How to create and config a life scyle bean for automatic
authenticate username and password when user open a browser on window XP?
Hi:
Do anyone knows how to create and config JSF to have a life
cycle bean that is initial active when JBOSS is started? For Example:
When user login into their Win XP workstation, I would grab his
creditenal username and password from his workstation, then I open a
URL for my application. My application will not need to have a login
page and able to triger the authericatal method that I created. Thanks.
