|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Authentication againts ADSDear members,
I need some inputs for the following scenario: (1) the java application (JAPP) running on Windows XP, which is part of an NT-Domain (2) the user (USER) on this box is logged in the NT-Domain (3) the JAPP access a server (SERVER) via HTTP / HTTPS (4) the SERVER should be authenticate the USER againts ADS without requiring password from USER ans without using Kerberos. Is there any way ? Perhaps using NTLM ? Thanks in advance, Michel On Oct 2, 2:20 am, Michel777 <Michel***@discussions.microsoft.com>
wrote: Show quoteHide quote > Dear members, The Java Application is no different than a BROWSER in this case and> > I need some inputs for the following scenario: > > (1) the java application (JAPP) running on Windows XP, which is part of an > NT-Domain > (2) the user (USER) on this box is logged in the NT-Domain > (3) the JAPP access a server (SERVER) via HTTP / HTTPS > (4) the SERVER should be authenticate the USER againts ADS without requiring > password from USER ans without using Kerberos. > > Is there any way ? Perhaps using NTLM ? > > Thanks in advance, > > Michel is able to authenticate the user to the server automatically using any authentication protocol that you see working with normal browsers. However, it is the user application's responsibility to do the auto- logon to the server. There is no such thing as "the server should be authenticate the user against ADS without requiring password". Servers have no magic. The client is always responsible for [pre]authenticating to the server. //David http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang // On Oct 2, 2:20 am, Michel777 <Michel***@discussions.microsoft.com>
wrote: Show quoteHide quote > Dear members, The Java application is no different than a Web Browser in your> > I need some inputs for the following scenario: > > (1) the java application (JAPP) running on Windows XP, which is part of an > NT-Domain > (2) the user (USER) on this box is logged in the NT-Domain > (3) the JAPP access a server (SERVER) via HTTP / HTTPS > (4) the SERVER should be authenticate the USER againts ADS without requiring > password from USER ans without using Kerberos. > > Is there any way ? Perhaps using NTLM ? > > Thanks in advance, > > Michel scenario. Anything you observe the web browser can do, you can re- implement in your Java application using standard, open protocols and APIs. FYI: There is no such thing as what you want in #4. The server always requires authentication. The issue is whether the web client is able to automatically provide it. If the web client (i.e. Java application) fails to do so, then some form of authentication prompt has to be raised to the user. //David http://w3-4u.blogspot.com http://blogs.msdn.com/David.Wang // Hi David,
thanks a lot. In our case ois teh server also our product. The main question is, how to send the the three parameters to the domain controller for the authentication. See step 5 in document: http://msdn.microsoft.com/en-us/library/aa378749.aspx# Thnak s alot in advance, laszlo Show quoteHide quote "David Wang" wrote: > On Oct 2, 2:20 am, Michel777 <Michel***@discussions.microsoft.com> > wrote: > > Dear members, > > > > I need some inputs for the following scenario: > > > > (1) the java application (JAPP) running on Windows XP, which is part of an > > NT-Domain > > (2) the user (USER) on this box is logged in the NT-Domain > > (3) the JAPP access a server (SERVER) via HTTP / HTTPS > > (4) the SERVER should be authenticate the USER againts ADS without requiring > > password from USER ans without using Kerberos. > > > > Is there any way ? Perhaps using NTLM ? > > > > Thanks in advance, > > > > Michel > > > The Java application is no different than a Web Browser in your > scenario. Anything you observe the web browser can do, you can re- > implement in your Java application using standard, open protocols and > APIs. > > FYI: There is no such thing as what you want in #4. The server always > requires authentication. The issue is whether the web client is able > to automatically provide it. If the web client (i.e. Java application) > fails to do so, then some form of authentication prompt has to be > raised to the user. > > > //David > http://w3-4u.blogspot.com > http://blogs.msdn.com/David.Wang > // > 
Other interesting topics
IIS 6 Integrated Security....risks??
IIS requiring authentication Kerberos Configured, but occasionally users login using NTLM The 'Source' permission for WebDAV in IIS 7.0 SQL injection attempt IIS 6 <domain>\<user> vs <user>@<domain> URLScan a single site? Requiring Logon Want IIS5 ASP page to read data on another server IIS 7 Windows Authentication - Setting Default Domain For Remote U |
|||||||||||||||||||||||
