Link o' the Day: Java/Active Directory/Kerberos/SPNEGO summary

Posted on April 19, 2010 by Tommy McGuire
Labels: authentication, protocols, link, active directory, java
In my experience, getting java apps (tomcat-linux) talking to an AD is not too difficult.

Until somebody says, "hey, we should integrate this with Windows Unified Authentication/SPNEGO so that instead of using a login screen, the brower uses the Windows domain session to automatically log in the user. That can't be so difficult, right?"

That way lies dark, dark Kerberos magic. And madness. And despair. Do not tread that path.
Thanks, Del.
active directory applied formal logic ashurbanipal authentication books c c++ comics conference continuations coq data structure digital humanities Dijkstra eclipse virgo electronics emacs goodreads haskell http java job Knuth ldap link linux lisp math naming nimrod notation OpenAM osgi parsing pony programming language protocols python quote R random REST ruby rust SAML scala scheme shell software development system administration theory tip toy problems unix vmware yeti
Member of The Internet Defense League
Site proudly generated by Hakyll.