[英]How can I check if user has alread logged in into Windows Active Directory
I've got a problem and since I am new to login/authentication stuff, I do not have clear vision about where to find the answer. 我遇到了问题,由于我不熟悉登录/身份验证,因此我对在哪里找到答案没有明确的认识。
Here is the issue: 这是问题:
I am going to create webapp ( jsf with primefaces + ejb3 ) which allows users be logged into it without login dialog - which means, that all the auth info, about user's roles, groups etc must be gathered from Active Directory. 我将创建一个webapp(带有primefaces + ejb3的jsf),该应用程序允许用户无需登录对话框即可登录到该应用程序-这意味着必须从Active Directory中收集有关用户角色,组等的所有身份验证信息。 How can I get that ? 我该怎么办? How can I get users info, if user did not provide at least his or her user name ? 如果用户至少没有提供他或她的用户名,我如何获得用户信息? What about I must ask Active Directory domain? 我必须问Active Directory域怎么办?
Can somebody provide if not working one than at least pseudo-code? 如果没有工作,有人可以提供至少伪代码吗?
If you are talking about Windows systems, Microsoft offers two protocols that are able to do SSO (Single Sign On), which is what you are looking for: NTLM and SPNEGO (a variant of Kerberos). 如果您在谈论Windows系统,Microsoft提供了两种能够执行SSO(单点登录)的协议,这就是您要寻找的协议:NTLM和SPNEGO(Kerberos的一种变体)。
The answer to your question depends a bit on the operating system your application will run on. 问题的答案取决于您的应用程序将在其上运行的操作系统。 If that is Windows, then there are a couple of options that use the Windows API to make it a lot easier. 如果是Windows,那么有几个使用Windows API的选项使其变得更加简单。 ( mod-auth-sspi , Waffle ) ( mod-auth-sspi , 华夫格 )
If you are running other systems, you have to use libraries that provide the whole stack like Jespa , modauthkerb or others. 如果您正在运行其他系统,则必须使用提供整个堆栈的库,例如Jespa , modauthkerb或其他。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.