HI,

Has anyone successfully configured JAAS security, using AD to store users and roles/groups, with single sign-on from Internet Explorer? Our goal is to free the user from any login screens after they successfully have logged in to the Windows domain.

We're talking about a J2EE application, with JSF frontend and EJB3 backend. We're using JBOSS 4.0.4.

If we're just using LdapLoginModule, the user will have to acknowlege their user credentials when accessing the application - that's where jCIFS comes into play!

To free the user som entering any username and password, after successfully login to the Windows domain, we use jCIFS, which validates the user againt the domain controller. But jCIFS doesn't retrieve the users roles from the AD behind the domain controller.

How can we achieve our goal? Can we somehow integrate ex. jCIFS with a LdapLoginModule. Does anyone have some experience with such a setup?

Regards
Jacob Boje