Does form spider support single sign on integration with windows authentication? If so, how? My intended use is be able to use formspider for a few in-house apps and our standard is to leverage the authenticated user credentials from an windows AD domain. I think I get the LDAP approach for the authorization and direct authentication but the preference is to use a passthrough authentication from the users host OS. (Kerberos, NTLM?)

Thoughts?

Thanks

asked 19 Sep '14, 17:32

Grant%20Orr's gravatar image

Grant Orr
113
accept rate: 0%


Hi Grant,

Formspider uses Java Servlets. The steps to make it use Windows AD authentication (from the user's host OS) is not different from configuring any Java based web application. Once the application server (Tomcat, Glassfish, Weblogic etc...) is set up correctly, Formspider has an API called api_session.getRemoteUserName that you can use to find out the connected OS user.

I found a couple of libraries on the Internet that may help you to set up your application server. I haven't tried them personally but I suppose they are good ways to start.

http://spnego.sourceforge.net/

https://github.com/dblock/waffle

Hope this helps.

Kind Regards,
Yalim

link

answered 20 Sep '14, 03:03

Yalim%20Gerger's gravatar image

Yalim Gerger ♦♦
1.8k5
accept rate: 15%

edited 20 Sep '14, 03:07

FUNCTION login_ldap(ip IN VARCHAR2, port IN NUMBER, domain_name IN VARCHAR, user_name IN VARCHAR, user_pass IN VARCHAR2) RETURN BOOLEAN IS l_session DBMS_LDAP.session; l_retval PLS_INTEGER; BEGIN l_session := DBMS_LDAP.init(hostname => ip, portnum => port);

l_retval := DBMS_LDAP.simple_bind_s(ld     => l_session,
                                    dn     => domain_name || '\' ||
                                              user_name,
                                    passwd => user_pass);
l_retval := DBMS_LDAP.unbind_s(l_session);

IF l_retval = DBMS_LDAP.success THEN
  RETURN TRUE;
ELSE
  RETURN FALSE;
END IF;

EXCEPTION WHEN OTHERS THEN RETURN FALSE; END;

link

answered 23 Sep '14, 09:25

lezgin's gravatar image

lezgin
71423
accept rate: 0%

alt text

link

answered 23 Sep '14, 09:34

lezgin's gravatar image

lezgin
71423
accept rate: 0%

Thanks Lezgin but I am looking for passthrough auth (silent) where the app recognizes the authenticated user against the AD domain through their OS. The idea is that the user should not have to enter their username and password as they had previously authenticated when they logged onto their device.

(23 Sep '14, 15:43) Grant Orr

did anyone get anywhere with this? I'm going to have to implement something like ths in the near future, passthrough auth that Grant Orr mentioned about

(09 Mar '15, 11:48) apacheuk

Glassfish server might be used for that with snpego as per above:

http://spnego.java.net/documentation/getting_started.html http://docs.oracle.com/javaee/6/tutorial/doc/bnbxj.html http://blogs.technet.com/b/askds/archive/2008/03/06/kerberos-for-the-busy-admin.aspx http://blogs.technet.com/b/askds/archive/2008/05/29/kerberos-authentication-problems-service-principal-name-spn-issues-part-1.aspx

http://blogs.nologin.es/rickyepoderi/index.php?/archives/74-SPNEGOKerberos-in-JavaEE-spnego.java.net.html

What you're asking is kerberos auth, not ldap (might be a failover tho), and that my friend is not easy with any appl. Hint: you can't even test the auth with krb on the same box hosting browser and glassfish. Good luck.

link

answered 17 Mar '15, 03:55

downunder's gravatar image

downunder
613
accept rate: 0%

edited 17 Mar '15, 04:00

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×3
×2

Asked: 19 Sep '14, 17:32

Seen: 2,244 times

Last updated: 17 Mar '15, 04:00


© Copyright Gerger 2017