
I have a requirement to implement SSO authentication and validate the user with an LDAP / AD server in our web application. The web application is made using Spring (Java) / Hibernate, and the application server is JBoss in UAT and WebSphere in production.

I am searching for a good and easy solution that can help me implement it, and I heard from a couple of friends that Waffle is a good solution. However, after searching on the net and trying for the past few days, I am unsure if I am heading in the right direction. I am naive in this area, so I am asking some basic questions to the masters here.

1. Can Waffle help in this case? I got confused, as a couple of links that I read said that Waffle only helps in Java-based applications, but not web applications.

2. If the answer to the above is yes, is there some example that I can refer to? I am not sure how to pass identity information from the client to the server and then validate it with the LDAP / AD.

3. If the answer to point 1 is no, is there any other solution that you can recommend?

Thanks a lot in advance :)

vnkotak

1 Answer

  1. Yes, Waffle can help in this case; it can be used for web applications, see for example here:

https://github.com/Waffle/waffle/blob/master/Docs/tomcat/TomcatSingleSignOnValve.md

Waffle is useful for this reason: "(it) allows users to browse to a Windows intranet site without having to re-enter credentials"

Waffle seems to fit your requirements. It works with various versions of Tomcat application server.

  2. From the same link as before, see the Waffle Authenticator Demo.
mrtexaz
  • Thank you @mrtexaz. I started implementing the created NegotiateSecurityFilterProvider and other configuration as suggested in the Waffle documentation; however, I am not getting any information from the browser in the request, I mean the Security Package or Authorization header. Any clue what I might be doing wrong, or is there any setup that needs to be done on the browser end to pass such information? Thanks :) – vnkotak Sep 25 '17 at 11:38
  • What browser are you using? I would try Internet Explorer with the PC being part of a Windows domain. But it would be best to see all the log files to understand the issue. Set waffle.apache.NegotiateAuthenticator.level = FINE in the Tomcat configuration. – mrtexaz Sep 26 '17 at 12:48
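
The comments above turn on whether the browser ever sends an `Authorization` header. As an added example (not from the post or from Waffle; the class and method names are hypothetical), this stand-alone Java helper classifies a header value captured from a request log, so a missing header can be told apart from an NTLM or SPNEGO/Kerberos token. The sample tokens are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

// Hypothetical diagnostic helper (not part of Waffle): classifies an Authorization header value.
public class NegotiateHeaderCheck {
    private static final byte[] NTLM_SIG = "NTLMSSP\0".getBytes(StandardCharsets.US_ASCII);

    static String classify(String header) {
        if (header == null || header.trim().isEmpty()) {
            // Normal for the first request; the server answers 401 + WWW-Authenticate: Negotiate
            return "none: no Authorization header in this request";
        }
        String[] parts = header.trim().split("\\s+", 2);
        String scheme = parts[0];
        if (!scheme.equalsIgnoreCase("Negotiate") && !scheme.equalsIgnoreCase("NTLM")) {
            return "other: scheme " + scheme + " is not integrated Windows authentication";
        }
        if (parts.length < 2) {
            return scheme + ": scheme present but token missing";
        }
        byte[] token;
        try {
            token = Base64.getDecoder().decode(parts[1].trim());
        } catch (IllegalArgumentException e) {
            return scheme + ": token is not valid base64";
        }
        if (token.length >= 12 && Arrays.equals(Arrays.copyOf(token, NTLM_SIG.length), NTLM_SIG)) {
            // Message type is a little-endian 32-bit integer right after the signature (1, 2 or 3)
            return scheme + ": NTLM message type " + (token[8] & 0xff);
        }
        if (token.length > 0 && (token[0] & 0xff) == 0x60) {
            return scheme + ": GSS-API initial token (SPNEGO or Kerberos)";
        }
        if (token.length > 0 && (token[0] & 0xff) == 0xa1) {
            return scheme + ": SPNEGO response token";
        }
        return scheme + ": unrecognised token format";
    }

    public static void main(String[] args) {
        // Constructed sample tokens: only the leading bytes are meaningful here
        byte[] ntlmType1 = {'N','T','L','M','S','S','P',0, 1,0,0,0, 7,(byte)0x82,8,0};
        byte[] spnegoInit = {0x60, 0x06, 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02};
        System.out.println(classify(null));
        System.out.println(classify("Negotiate " + Base64.getEncoder().encodeToString(ntlmType1)));
        System.out.println(classify("Negotiate " + Base64.getEncoder().encodeToString(spnegoInit)));
        System.out.println(classify("Basic dXNlcjpwYXNz")); // constructed value
    }
}
```

A result of "none" on every request, including the one that follows the server's 401 challenge, means the browser is not answering the challenge at all, which is a different problem from a token that arrives but fails validation on the server.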