I have built spring web application by using spring security module for authentication and authorization functionality along with LDAP. Now I am planning to implement kerberos based authentication using spring security module and perform windows based authentication. Is it feasible to use kerberos for web applications. I am totally new to this kerberos and how its going to fit in web application architecture.
Asked
Active
Viewed 795 times
0
-
A search for `Kerberos spring security` on StackOverflow returns 213 results. Including this post, and some other posts that got no answer either; but I'm sure you will find some clues in there... – Samson Scharfrichter Mar 30 '17 at 21:54
1 Answers
0
Yes, it is feasible to implement Kerberos for web applications.
http://spnego.sourceforge.net/
This opensource library performs SSO without a username/password prompt.
It can also get groups/roles from LDAP...
"the javax.servlet.http.HttpServletRequest API is an interface that defines the method named getRemoteUser, in addition the API defines the method named isUserInRole. The SPNEGO Library also implements both of these methods"
Pat Gonzalez
- 249
- 2
- 7