Transparent authentication via LDAP

[dsukharev]

Hello, guys.
I need your advice.
I have an Vaadin application with an internal authentication machanism. Each user should enter username/password in the application login form to be logged in.
But now we want to add some global authentication mechanism for a transparent authentication without prompting username/password. The point is..if user already logged in into AD domain or already authenticated on the LDAP server, he shouldn't enter any username/password again and we can trust him.
Is there a universal solution for different operaing systems(UNIX,Windows) and differnet LDAP servers(AD, OpenLDAP). Can I use SpringSecurity in order to implement this?

Thanks.

[thobson]

You would want to use kerberos/spnego for this. There is an spring project for this but I'm not sure how well maintained it is. We're currently implementing Active Directory support for our single sign on platform but in our case we decided to go for a Windows based gateway which acts as a mediator between our platform and AD. We found this was a lot less painful than trying to use a java based solution.