Jan 6th, 2010, 10:54 AM
Spring Security 3 + NTLM no longer supported?
According to SEC-1087, it looks like NTLM is not supported with Spring Security 3.
There is the JCIFS library (who seem to recommend Jespa, though it has a cost associated with it). But does the community here have any thoughts on the best approach for enabling integrated windows domain authentication?
I have an ldap based (using spring security 3) authentication working, but in our enterprise all the IIS based webapps are already single sign on and that will also be required for our tomcat based webapps.
Jan 6th, 2010, 10:57 AM
... aaand I just stumbled across this previous post
Jan 6th, 2010, 11:08 AM
I believe the Kerberos extension is the recommended approach, then, correct?
Mar 21st, 2010, 04:37 PM
If you can't use Kerberos, you can try the spring-security-ntlm extension that I build using 2.0.5 code. I migrated the code to work with the last version (3.0.2) of spring security.
This extension works for spring security 3.0, more information here:
Tags for this Thread