SSO with NTLM on spring-security 2.0 snapshot

[ariel.araza]

Hi,

Has anyone tested on the above setup? I followed the JIRA ticket mentioned in http://www.researchkitchen.co.uk/blog/archives/55 and it finally pointed me to

http://acegisecurity.sourceforge.net/nightly/

which has the binaries but not the documentations. Is the latest SNAPSHOT of spring-security 2.0 already useable?

Regards

[Luke Taylor]

It depends on your definition of "usable". If you like exploring new code and features without any guarantees then yes. If you have limited understanding of the technologies or are looking for guaranteed stability, no bugs and step-by-step tutorials, then no.

The NTLM authentication is an external contribution and, as you can see from the issue, it has developed over many iterations over an extended period

http://opensource.atlassian.com/proj...g/browse/SEC-8

In my opinion, it's a great example of the user community getting together to make things work in a constructive way, without any prior demands or expectations. I haven't used it myself and one of the problems with testing it is that NTLM is a proprietary technology and you need a Windows domain controller to authenticate against (which I don't have). From the discussion and comments, it seems obvious that plenty of people have used it though.