I had come across that in my search too. However, it talks about putting libraries in the web app. If I'm going to do that I will use waffle - which works by the way. I want to use libraries already in jboss 7 modules. If I cannot do simple NTLM to get the windows login using libraries jboss comes with then I would like to add waffle to jboss as a new module. I had some but not complete success with that.

My main problem in using supplied jboss libs is:  I don't fully know how. I don't want to set up a security domain.

I'm comparing this to waffle which uses NTLM negotiation. With it you put the libs in the web app, set up a filter and create jave code to get the login.

I want waffle-like functionality using supplied jboss libs. No kerberos, just NTLM.

Part of the problem is I don't know enough about it to know exactly what I need.

I found libs in \modules\org\jboss\security\negotiation\main\ that look like what I want.

jboss-negotiation-common-2.2.0.SP1.jar

jboss-negotiation-ntlm-2.2.0.SP1.jar

But I don't know if/how I can set up a filter in the web app and get the windows login via ntlm.

Picketbox and picketlink are even more mysterious to me - never heard of them before.

So, given that I only want the windows login using NTLM:

My first question is: Which jboss libraries to use.

Second is how to use them.

For others interested, I gave up on using jboss supplied libraries for now.

I was able to set up waffle ntlm as a jboss module. So now the waffle jars are in jboss and not in every web application that uses it.

The hardest part was figuring out the dependencies in module.xml. In short do this:

• under \modules\ add waffle\main
• put waffle files in main folder:
  • jna.jar
  • platform.jar
  • waffle-jna.jar
• in main create file: module.xml

<module xmlns="urn:jboss:module:1.1" name="waffle">

    <resources>

        <resource-root path="waffle-jna.jar"/>

        <resource-root path="jna.jar"/>       

        <resource-root path="platform.jar"/>       

    </resources>

    <!-- quava is already on jboss so just point to it. -->

    <!-- commons logging is sort of on jboss so just point to it. -->

    <!-- It actually points to org.slf4j.jcl-over-slf4j. -->                       

    <dependencies>

        <module name="javax.servlet.api"/>   

        <module name="com.google.guava"/>   

        <module name="org.apache.commons.logging"/>

        <module name="sun.jdk"/>

    </dependencies>

</module>

• Edit \modules\sun\jdk\main\module.xml

<dependencies>

        <system export="true">

            <paths>

          Add this

          <path name="javax/security/auth"/>

At this point you can use waffle ntlm in the usual way with a filter in web.xml and a class to get the login name.