2

My team and I are trying to add a single-sign-on functionality, to our Spring Web App, but we could not find a good solution for this. The authentication will be done against the client companies Active Directory.

What we want to accomplish is the following: After a user logs in, using his username and password, in his Windows Workstation, he would be able to directly access our web-app without any need to enter his credentials again. The problem we are facing is that we don't know how (or if its even possible) for the front-end client app to automatically retrieve the credentials from Windows and send them to the server.

In short, is there a way for any browser to retrieve a users Active Directory credentials in a trusted manner? Or are we going about this problem in the wrong way?

Note: (if this matters) We offer our app on premise and in cloud. We need this to work for both solutions.

Mihai Ciully
  • 49
  • 1
  • 6
  • Possible duplicate of [Is it possible to authenticate javascript username password with Active Directory?](https://stackoverflow.com/questions/38305071/is-it-possible-to-authenticate-javascript-username-password-with-active-director) – olinox14 Jun 27 '19 at 14:23
  • Have a look at [Integrated Windows Authentication](https://en.wikipedia.org/wiki/Integrated_Windows_Authentication). Maybe that's what you're after. Quote: "Integrated Windows Authentication works with most modern web browsers, but does not work over some HTTP proxy servers." (the proxy part might be a problem for the cloud deployment - depending on the exact requirements and environment). – Thomas Jun 27 '19 at 14:30
  • Have you looked at using Spring Security to achecive this? [Reference for using Spring Security to achieve SSO with AD as master](https://stackoverflow.com/questions/17973579/how-to-implement-single-sign-on-using-spring-and-active-directory) – Vanitha Kumar Jun 27 '19 at 14:43
  • this https://stackoverflow.com/questions/33257969/windows-ad-single-sign-on-using-javascript-and-node has a solution that doesn't even require any special configuration except writing the nodejs script and including the lib. It simply works. – Emmanuel Mahuni Feb 02 '20 at 04:25

0 Answers0