1 Reply Latest reply on Jun 2, 2006 11:16 AM by senthilid14

    Negotiate Authentication SPNEGO Runtime Settings

    senthilid14

      Hi,

      I want to use Negotiate Authentication (silent authentication, i.e. my Windows login credentials should be automatically and silently passed to JBoss).

      I read the wiki page (http://wiki.jboss.org/wiki/Wiki.jsp?page=NegotiateKerberos).

      I want to run that sample application and I need the runtime settings information. If anyone has already run it, please help me.

      Can I run it from my home PC? (I have Windows 2000 Server and an Internet connection.)

      Or do I really need 2 computers (one with Windows 2000 Server and one with Windows XP)?
      (I can try in my office.)


      JDK 1.4 or JDK 1.5?


      What values do I have to give for domainController (the IP address of the Windows 2000 server)?

      And for defaultDomain (suppose I created a domain like MYDOMAIN.LOCAL, do I have to give MYDOMAIN or MYDOMAIN.LOCAL)?

      Please give me some links so that I can understand what SPNEGO is and how it works behind the scenes.

      thanks

        • 1. Re: Negotiate Authentication SPNEGO Runtime Settings
          senthilid14

          Thanks a lot to Jochen, I am slowly understanding Negotiate Authentication.

          I am able to run Negotiate Authentication. I have a Win XP workstation which is in a Win 2000 domain. My workstation is in India; our Win 2000 Domain Controller is in Toronto.

          So I could not see which group names are assigned to my username. I know every username in Active Directory will have a group called Domain Users, so I specified this as the role-name in my web.xml and used the following code to display the other group names (allotted to me):

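          <%@ page import="javax.security.auth.Subject, javax.security.jacc.PolicyContext" %>
          <%
           // Name of the authenticated caller
           out.println(request.getRemoteUser());
           // JACC handler key for the container's authenticated Subject; printing it lists its principals
           Subject userSubject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
           out.println("<br>" + userSubject);
          %>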


          The wiki page says you have to replace the <attribute...>WebCallbackHandler line with the <attribute...>AdvancedWebCallbackHandler line. But there is no <attribute...>WebCallbackHandler line. I just added the <attribute...> line for AdvancedWebCallbackHandler.

          I am able to run on JBoss 4.0.2 with JDK 1.5. If I try to run on JDK 1.4.2, I get the following exception:

          14:52:17,665 ERROR [CoyoteAdapter] An exception or error occurred in the container during the request processing
          java.lang.NoClassDefFoundError: jcifs/ntlmssp/Type3Message
           at org.jboss.web.tomcat.security.HttpServletRequestResponseValve.authenticate(HttpServletRequestResponseValve.java:97)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:446)
           at org.jboss.web.tomcat.security.HttpServletRequestResponseValve.invoke(HttpServletRequestResponseValve.java:70)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
           at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
           at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
           at java.lang.Thread.run(Thread.java:534)

          Please let me know if anybody is able to run with JBoss 4.0.2 and JDK 1.4.2.

          But our project is on JBoss 3.2.3 (porting to 4.0.2 will happen in 2007). But I have to implement Negotiate Authentication within one or two weeks' time. Is there any solution which can run on JBoss 3.2.3? It should be free. I have to do this for WebSphere, WebLogic, and SAP NetWeaver also.

          If anyone is able to run this (Negotiate Authentication) on JBoss 3.2.3, please tell me.

          Thanks
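
Background for the "what is SPNEGO" question and for the jcifs NTLM class (Type3Message) named in the trace: an added example, not code from the post or the wiki page, that reports whether the token in an `Authorization: Negotiate` header is a raw NTLMSSP message or a SPNEGO GSS-API token. The class and method names are hypothetical, the sample tokens are constructed, and it assumes Java 8 or later for `java.util.Base64`, which is newer than the JDKs discussed in the thread.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

/** Hypothetical helper: names the mechanism carried by an Authorization: Negotiate header. */
public class NegotiateTokenKind {
    // "NTLMSSP\0" signature that starts every raw NTLM message
    private static final byte[] NTLMSSP = "NTLMSSP\0".getBytes(StandardCharsets.US_ASCII);
    // DER encoding of the SPNEGO mechanism OID 1.3.6.1.5.5.2
    private static final byte[] SPNEGO_OID = {0x06, 0x06, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02};

    public static String classify(String headerValue) {
        if (headerValue == null || !headerValue.regionMatches(true, 0, "Negotiate ", 0, 10)) {
            return "not-negotiate";
        }
        byte[] tok;
        try {
            tok = Base64.getDecoder().decode(headerValue.substring(10).trim());
        } catch (IllegalArgumentException e) {
            return "malformed";
        }
        if (startsWith(tok, 0, NTLMSSP)) {
            // Offset 8 is the low byte of the little-endian message type: 1 negotiate, 3 authenticate
            return tok.length > 8 ? "ntlm-type" + tok[8] : "malformed";
        }
        if (tok.length > 2 && tok[0] == 0x60) {            // GSS-API InitialContextToken
            int oidAt = 2 + ((tok[1] & 0x80) != 0 ? (tok[1] & 0x7f) : 0);  // skip DER length
            return startsWith(tok, oidAt, SPNEGO_OID) ? "spnego-init" : "gss-other";
        }
        if (tok.length > 0 && (tok[0] & 0xff) == 0xa1) {
            return "spnego-response";                       // NegTokenResp in later round trips
        }
        return "unknown";
    }

    private static boolean startsWith(byte[] data, int off, byte[] prefix) {
        if (off < 0 || data.length - off < prefix.length) return false;
        return Arrays.equals(Arrays.copyOfRange(data, off, off + prefix.length), prefix);
    }

    public static void main(String[] args) {
        // Constructed sample tokens, not captured traffic
        byte[] ntlm1 = {'N','T','L','M','S','S','P',0, 1,0,0,0, 0x07,(byte)0x82,0x08,0x00};
        byte[] spnego = {0x60, 0x0a, 0x06, 0x06, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x02, (byte)0xa0, 0x00};
        for (byte[] t : new byte[][] {ntlm1, spnego}) {
            System.out.println(classify("Negotiate " + Base64.getEncoder().encodeToString(t)));
        }
    }
}
```

Logging this classification on the server side shows when a browser is sending NTLM inside Negotiate instead of a Kerberos-backed SPNEGO token.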