Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows Server 2003Windows 2000Windows NTSmall Business ServerVirtual ServerExchange ServerIISHost Integration ServerISA ServerSMSWSUSMOMWindows Media ServerSecurityCertification
Related Topics
SQL ServerMS WindowsMS OfficePC HardwareMore Topics ...
Windows Server Forum / IIS / IIS Security / October 2008

Tip: Looking for answers? Try searching our database.

Authentication againts ADS

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Michel777 - 02 Oct 2008 10:20 GMT
Dear members,

I need some inputs for the following scenario:

(1) the java application (JAPP) running on Windows XP, which is part of an
NT-Domain
(2) the user (USER) on this box is logged in the NT-Domain
(3) the JAPP access a server (SERVER) via HTTP / HTTPS
(4) the SERVER should be authenticate the USER againts ADS without requiring
password from USER ans without using Kerberos.

Is there any way ? Perhaps using NTLM ?

Thanks in advance,

Michel
Reply to this Message
David Wang - 04 Oct 2008 09:11 GMT
On Oct 2, 2:20 am, Michel777 <Michel...@discussions.microsoft.com>
wrote:
> Dear members,
>
[quoted text clipped - 12 lines]
>
> Michel

The Java Application is no different than a BROWSER in this case and
is able to authenticate the user to the server automatically using any
authentication protocol that you see working with normal browsers.

However, it is the user application's responsibility to do the auto-
logon to the server. There is no such thing as "the server should be
authenticate the user against ADS without requiring password". Servers
have no magic. The client is always responsible for
[pre]authenticating to the server.

//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
Reply to this Message
David Wang - 05 Oct 2008 10:57 GMT
On Oct 2, 2:20 am, Michel777 <Michel...@discussions.microsoft.com>
wrote:
> Dear members,
>
[quoted text clipped - 12 lines]
>
> Michel

The Java application is no different than a Web Browser in your
scenario. Anything you observe the web browser can do, you can re-
implement in your Java application using standard, open protocols and
APIs.

FYI: There is no such thing as what you want in #4. The server always
requires authentication. The issue is whether the web client is able
to automatically provide it. If the web client (i.e. Java application)
fails to do so, then some form of authentication prompt has to be
raised to the user.

//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//
Reply to this Message
Michel777 - 07 Oct 2008 16:53 GMT
Hi David,

thanks a lot. In our case ois teh server also our product. The main question
is, how to send the the three parameters to the domain controller for the
authentication. See step 5 in document:

http://msdn.microsoft.com/en-us/library/aa378749.aspx#

Thnak s alot in advance,

laszlo

> On Oct 2, 2:20 am, Michel777 <Michel...@discussions.microsoft.com>
> wrote:
[quoted text clipped - 30 lines]
> http://blogs.msdn.com/David.Wang
> //
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.