Java/WebLogic 应用程序中的集成 Windows 身份验证 (NTLM)?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4751157/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Integrated Windows Authentication (NTLM) in a Java/WebLogic app?
提问by frankadelic
Our team built a WebLogic intranet site. Users currently must type in their Active Directory login/password to access the site.
我们的团队构建了一个 WebLogic 内部网站。用户目前必须输入他们的 Active Directory 登录名/密码才能访问该站点。
Since most of our users are already logged in to the domain, we would like to use Integrated Windows Authentication so users do not have to re-type their login password.
由于我们的大多数用户已经登录到域,我们希望使用集成的 Windows 身份验证,这样用户就不必重新输入他们的登录密码。
I have done this with .NET applications hosted on Windows/IIS. However, this app is built in WebLogic/Java and is hosted on RedHat Linux.
我已经使用托管在 Windows/IIS 上的 .NET 应用程序完成了这项工作。但是,此应用程序是用 WebLogic/Java 构建的,并托管在 RedHat Linux 上。
Is there a step-by-step guide or prototype application available?
是否有分步指南或原型应用程序可用?
(Please assume for this question that we are standardized on Internet Explorer browser.)
(对于这个问题,请假设我们在 Internet Explorer 浏览器上是标准化的。)
回答by morja
Have a look at jcifs. Although its mechanism is deprecated (it does not support NTLMv2) its still working in my projects. You might have to use an older version. They recommend to use jespa, but its not free.
看看jcifs。尽管它的机制已被弃用(它不支持 NTLMv2),但它仍在我的项目中工作。您可能必须使用旧版本。他们建议使用jespa,但它不是免费的。
There is also spnego, it has a filter too. And tomcatspnego. But I dont know how easy they are to use.
还有spnego,它也有一个过滤器。和tomcatspnego。但我不知道它们使用起来有多容易。
Wafflelooks also interesting.
华夫饼看起来也很有趣。
Here is another answer with some details: Authenticating against Active Directory with Java on Linux
这是另一个包含一些细节的答案:在 Linux 上使用 Java 对 Active Directory 进行身份验证
So far I have only used jcifs, so I can not tell you which other option is the best. Apaches HttpClientalso has some capabilities, I used it, but not as SSO in a webapp.
到目前为止,我只使用了 jcifs,所以我不能告诉你哪个选项是最好的。Apaches HttpClient也有一些功能,我使用过它,但不是作为 web 应用程序中的 SSO。
EDIT:
编辑:
I found another project: ntlm-authentication-in-java, but I have not used or tested it yet.
我发现了另一个项目:ntlm-authentication-in-java,但我还没有使用或测试过它。
回答by Peter
Look at this answer, if you use NTLMv1, it gets you the logged in user's username. (does not work with NTLMv2 though..)
看看这个答案,如果您使用 NTLMv1,它会为您提供登录用户的用户名。(虽然不适用于 NTLMv2 ..)
回答by Ravi Pinto
WebLogic supports SPNEGO natively and therefore, you do not need to use workarounds. More documentation is available here - http://docs.oracle.com/cd/E21764_01/web.1111/e13707/sso.htm. You can also refer to this blog article for step-by-step process - http://oraclelabspace.blogspot.in/2012/01/configurining-sso-using-kerberosspnego.html
WebLogic 本身支持 SPNEGO,因此您不需要使用变通方法。此处提供了更多文档 - http://docs.oracle.com/cd/E21764_01/web.1111/e13707/sso.htm。您还可以参考这篇博客文章了解分步过程 - http://oraclelabspace.blogspot.in/2012/01/configurining-sso-using-kerberosspnego.html
