Link o' the Day: Java/Active Directory/Kerberos/SPNEGO summary
Posted on April 19, 2010 by Tommy McGuireamatriain:
In my experience, getting java apps (tomcat-linux) talking to an AD is not too difficult.Thanks, Del.
Until somebody says, "hey, we should integrate this with Windows Unified Authentication/SPNEGO so that instead of using a login screen, the brower uses the Windows domain session to automatically log in the user. That can't be so difficult, right?"
That way lies dark, dark Kerberos magic. And madness. And despair. Do not tread that path.