In an enterprise application, how can I seamlessly sign in to the application without a login page by reading the Windows AD credentials, using Spring Boot and React?

Ex: If I log in to my desktop using organisation AD credentials, can my Spring Boot React application read that and auto sign in without a login popup?

1 Answer

Yes, that is possible. There are a few necessary steps you need to perform.

  1. Whenever a user hits the application URL, check the Authorization header and verify whether the Kerberos ticket is present. If the ticket is not present, respond with the HTTP header WWW-Authenticate and value Negotiate. Make sure the HTTP status is SC_UNAUTHORIZED (401). (Note: usually the Spring Kerberos filters should do it for you. If you are not using the Spring Kerberos filters, then you have to do this negotiation manually as stated above.)

  2. When the browser receives this response, it understands that the application requires a Kerberos token. To ensure that the browser sends the Kerberos token, trust the application URL in the browser settings. Check this link for exact steps.

  3. Once the browser sends the Kerberos token, use the Spring Security Kerberos libraries to accept the token and extract the user principal out of it.
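
The three steps above wired together with the Spring Security Kerberos filters, as an added example that is not part of the original answer. It assumes Spring Security 6 with `spring-security-kerberos-web` on the classpath; the service principal, keytab path and `ROLE_USER` authority are placeholders.

```java
// Added example. SPN, keytab path and role below are placeholders.
import org.springframework.context.annotation.*;
import org.springframework.core.io.FileSystemResource;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider;
import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;
import org.springframework.security.kerberos.web.authentication.*;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
@EnableWebSecurity
public class SpnegoSecurityConfig {

    @Bean
    SunJaasKerberosTicketValidator ticketValidator() {
        SunJaasKerberosTicketValidator v = new SunJaasKerberosTicketValidator();
        // Must match the host name users type in the browser (placeholder value).
        v.setServicePrincipal("HTTP/app.example.com@EXAMPLE.COM");
        // Keytab exported for that SPN (placeholder path).
        v.setKeyTabLocation(new FileSystemResource("/etc/app/http.keytab"));
        return v;
    }

    @Bean
    KerberosServiceAuthenticationProvider kerberosProvider(SunJaasKerberosTicketValidator v) {
        KerberosServiceAuthenticationProvider p = new KerberosServiceAuthenticationProvider();
        p.setTicketValidator(v);
        // Step 3: the ticket is already validated here; "name" is user@REALM.
        // Replace this lambda with a real lookup of the user's roles.
        p.setUserDetailsService(name ->
            new User(name, "", AuthorityUtils.createAuthorityList("ROLE_USER")));
        return p;
    }

    @Bean
    SecurityFilterChain chain(HttpSecurity http, KerberosServiceAuthenticationProvider p) throws Exception {
        SpnegoAuthenticationProcessingFilter spnego = new SpnegoAuthenticationProcessingFilter();
        spnego.setAuthenticationManager(new ProviderManager(p));
        http.authorizeHttpRequests(a -> a.anyRequest().authenticated())
            // Step 1: no ticket -> 401 with "WWW-Authenticate: Negotiate".
            .exceptionHandling(e -> e.authenticationEntryPoint(new SpnegoEntryPoint()))
            // Steps 2-3: read "Authorization: Negotiate <token>" from the browser.
            .addFilterBefore(spnego, BasicAuthenticationFilter.class);
        return http.build();
    }
}
```

The keytab holds the service's long-term key, so keep it readable only by the account that runs the application. Anyone who can read it can decrypt or forge tickets for that SPN.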