single sign on recommendations

We build a J2EE-Windows based enterprise solution.
We want a system where the user when signing on to his windows machine also logs on to his desktop through Single Sign on and active directory. The catch is we would also like the active directory information to propogate internally in our system to be used later for authenticating file shares etc.. from within our J2EE system.
Any ideas on how this can be done?

Anon
Tuesday, June 22, 2004

You  need your J2EE to play nice with delegation. A quick websearch turned up http://www.wedgetail.com/jcsi/sso/ .

Just me (Sir to you)
Tuesday, June 22, 2004

Please clarify your use of J2EE.  Is your system a browser-presented application, or do you have software running on the user's workstation too?

Miguel
Tuesday, June 22, 2004

I also built a J2EE Enterprise Solution! It kicks ass!

Season 3 was cool
Tuesday, June 22, 2004

Not single sign on, but we would have the users login to the web app and it would authenticate against the windows active directory as an LDAP look-up. Our goal was to minimize the number of login and passwords to remember, not the number of times they login. Having to login a few times extra per week does not make ROI on the massive SSO investment.

m
Tuesday, June 22, 2004

IBM has a "new" technology for Single SignOn,  EIM, Enterprise Identity Mapping, some related to "Kerberos".
you can found more info in
www.ibm.com/servers/eserver/security/eim/

Guillermo
Wednesday, June 23, 2004

  Recent Topics

  Fog Creek Home