I have a spring application with a login screen that authenticates credentials that the user has entered with users on our Active Ditectory(using LDAP). However I'd like to add the capability of SSO , specifically with the Windows Credentials that the user has entered upon logging into Windows.
I'm aware that since AD uses Kerberos it wouldn't be such a "hard" task to do and I've found one possible solution as to how to implement it , specifically this guide , with what I want to achieve being on this part of the page.
But honestly I don't seem to be able to understand how to implement it...
I have the following questions:
1)Which parts/classes should I implement for what I actually need , meaning which of the following classes are needed in reality?(AuthProviderConfig , SpnegoConfig , KerberosRestTemplate , KerberosLdapContextSource)
2)If all my users are on a Windows environment do I really need cached tickets(kinit) or keytab? In that case application.yml is also not needed , right?
3)What does the AD admin need to do on his side to configure/enable this SSO with Kerberos?(For the login screen Adapter that works I have the domain, url, rootDn, service user, user searchbase, service user password in my application properties)
Based on this thread , specifically on what the highest scored answer shows , I'm missing only step 1 and 2(I suppose?).
If anyone has maybe a better "guide" or tips that I can follow in order to implement this I'm all ears.
In any case thank you for your time and appreciate any feedback you could give me.
I realised similiar task using tutorial:
https://www.baeldung.com/spring-security-kerberos
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.