Solved

Active Directory Authentication

Posted on 2003-12-08
9
2,661 Views
Last Modified: 2012-08-14
In ASP I can easily authenticate the user using the IIS feature. In JSP how is this possible ?
0
Comment
Question by:glottis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 19

Assisted Solution

by:Kuldeepchaturvedi
Kuldeepchaturvedi earned 20 total points
ID: 9902428
It depends what kind of authentication you want to perform,
If you want form authentication then you will have to write your own form to accpet user name and password and then you may authenticate it against a database table may be....

Once authentiacted you can put a switch in session to denote a successfull login to the system. every jsp of yours will check this session value before proceeding....

Another option can be tomcat realm authentication. It will require you to change server.xml to store valid users and their roles..

your login form will look something like
<html>
<head>
<title>Login Page for Examples</title>
<body bgcolor="white">
<form method="POST" action='<%= response.encodeURL("j_security_check") %>' >
  <table border="0" cellspacing="5">
    <tr>
      <th align="right">Username:</th>
      <td align="left"><input type="text" name="j_username"></td>
    </tr>
    <tr>
      <th align="right">Password:</th>
      <td align="left"><input type="password" name="j_password"></td>
    </tr>
    <tr>
      <td align="right"><input type="submit" value="Log In"></td>
      <td align="left"><input type="reset"></td>
    </tr>
  </table>
</form>
</body>
</html>

and your tomcat-users.xml will look something like
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="admin"/>
  <role rolename="manager"/>
  <role rolename="role1"/>
  <role rolename="tomcat"/>
  <user username="admin" password="point" roles="admin,manager"/>
  <user username="both" password="tomcat" roles="tomcat,role1"/>
  <user username="role1" password="tomcat" roles="role1"/>
  <user username="tomcat" password="tomcat" roles="tomcat"/>
</tomcat-users>


Another authentication will be NT authentication for which you will have to use JNI features JAAS is also a very good option
check out this URL for more information...
http://java.sun.com/products/jaas/reference/docs/index.html
0
 
LVL 2

Author Comment

by:glottis
ID: 9902496
ill get back onto this question... checking the URL
0
 
LVL 14

Expert Comment

by:kennethxu
ID: 9905080
more information on J2ee web security:
http://www.onjava.com/pub/a/onjava/2001/08/06/webform.html
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Accepted Solution

by:
Plumppudding earned 30 total points
ID: 9905179
You can also authenticate against Active Directory using JNDI

You can download, view code samples and the API from java.sun.com

Here is a part of the code that I wrote in my servlet to authenticate the user against active directory.
   public boolean validateUser(String username, String password) {
        DirContext context = null;
        Hashtable env = new Hashtable();
        env.put (initial_context_factory, (String)Config.getProperty(Config.INITIAL_CONTEXT_FACTORY));
        env.put (provider_url, (String)Config.getProperty(Config.PROVIDER_URL));
        env.put (security_authentication, (String)Config.getProperty(Config.SECURITY_AUTHENTICATION));

        env.put (Context.SECURITY_PRINCIPAL, username);
        env.put (Context.SECURITY_CREDENTIALS, password);

        try {
            context = new InitialDirContext (env);
        } catch (NamingException ne) {
            System.out.println ("Exception: " + ne);
            ne.printStackTrace();
            return false;
        }

        if (context == null) {
            // Invalid user
            return false;
        } else {
            return true;
        }
   }

HTH
Plumppudding
0
 
LVL 2

Author Comment

by:glottis
ID: 9910604
Plumppudding,

Will this example work in every scenario ?
no matter what application server I'm using... etc...

or does it have some specific requirements which I should meet.
0
 
LVL 1

Expert Comment

by:Plumppudding
ID: 9928704
I guess it should as long as JNDI jar is in your classpath. I tried it in tomcat

Plumppudding
0
 
LVL 2

Author Comment

by:glottis
ID: 9935589
oh ok thanks a bunch
0
 

Expert Comment

by:zukeLong
ID: 10156094
Hi,
This solution is fine, but if I am using a popup window for the userid/pwd, (auth-method = BASIC), then how do I capture the password. I understand that the user id can be captured by
getUserPrincipal() or getRemoteUser(). My client does not want a login page. Hence I cannot provide one and filter the password field.
Please help me in this regard.
Thanks in advance!
-Zuke
0
 
LVL 2

Author Comment

by:glottis
ID: 10161405
Am... it would be nice if you would as a seperate question.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question