Monday, February 20, 2012

Windows authentication using SingleSignOn within J2EE/.net application


Today I am going to write about Windows authentication using the Single Sign-On (SSO) method within J2EE and ASP.NET applications. Hope you will enjoy it.

Consider the scenario where you are developing a web application that can be used within an organization (Intranet environment) and also on the World Wide Web (Internet environment). In both environments, the application business logic would be the same. The only key difference would be the authentication mechanism used by the two applications.

Within the Internet environment, we may end up displaying a login page, where we need to get the username and password from the user, and these are validated in the backend. Once authentication is successful, we invoke the application page.

In the case of the Intranet environment, we know that the request is coming from a trusted domain. Hence we can go with Windows authentication using the Single Sign-On option, so that the user is not prompted for a username and password to log in to the application. Here, we can read the login username using a Windows shell script, the password can be set to some unique text, and we can click the login submit button using JavaScript. If the request contains the password mentioned in the HTML/JSP, we can consider the request to be from an intranet user, so we can consider the request a valid one, BUT we should check that the username is correct and has the correct privilege to access the application.
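The server-side decision described above (marker text first, then username and privilege), as an added example in JavaScript that is not code from the original post. The marker value comes from the page; the address prefixes, user table and function names are constructed, and because both form fields are supplied by the browser, the example treats them as claims and additionally requires an intranet source address, which is an assumption added here.

```javascript
// Added example; every name and sample value here is constructed.
const SSO_MARKER = "~~~~"; // fixed text the login page puts in passwordText
const INTRANET_PREFIXES = ["10.", "192.168."]; // assumed intranet ranges
const USER_ROLES = new Map([ // assumed table of application users
  ["jsmith", ["viewer"]],
  ["akumar", ["viewer", "admin"]],
]);

// Compare strings without stopping at the first differing character.
function sameText(a, b) {
  let diff = a.length ^ b.length;
  for (let i = 0; i < Math.max(a.length, b.length); i++) {
    diff |= (a.charCodeAt(i) || 0) ^ (b.charCodeAt(i) || 0);
  }
  return diff === 0;
}

// req carries the two form fields plus the address the server observed.
function decideLogin(req, requiredRole) {
  const user = String(req.userName || "").trim().toLowerCase();
  const marker = String(req.password || "");
  const addr = String(req.remoteAddr || "");

  // 1. The marker only says "the auto-submit page sent this request".
  if (!sameText(marker, SSO_MARKER)) return { ok: false, reason: "not-sso" };

  // 2. The marker is readable in the page source, so also require an
  //    intranet source address (assumption: taken from the connection,
  //    not from a client-set header).
  if (!INTRANET_PREFIXES.some((p) => addr.startsWith(p))) {
    return { ok: false, reason: "not-intranet" };
  }

  // 3. The username is a claim from the browser: it must be a known user...
  const roles = USER_ROLES.get(user);
  if (!roles) return { ok: false, reason: "unknown-user" };

  // 4. ...and that user must hold the privilege the application needs.
  if (!roles.includes(requiredRole)) return { ok: false, reason: "no-privilege" };

  return { ok: true, user, roles };
}
```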

The HTML code sample here shows Windows authentication using SSO within a login page. A similar login page can be created for the Internet application as well. The only difference would be that we end up calling the setFocusForText JavaScript function mentioned in onload, and anywhere within the page.

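<HTML>
<HEAD>
<TITLE>This is Windows authentication SSO testing</TITLE>
<script type="text/javascript">
// Fills the login form from the Windows session and submits it.
// ActiveXObject is only available in Internet Explorer with ActiveX allowed.
function setFocusForText() {
            document.getElementById("userNameText").focus();
            // Read the logged-in Windows username from the environment
            var wshShell = new ActiveXObject("wscript.shell");
            var userNameFromWin = wshShell.ExpandEnvironmentStrings("%username%");
            document.getElementById("userNameText").value = userNameFromWin;
            // Fixed text that marks the request as coming from the SSO page
            document.getElementById("passwordText").value = "~~~~";
            // Auto-submit the form
            document.getElementById("loginMe").click();
}
</script>
</HEAD>
<BODY onload="setFocusForText();">
<!-- name attributes are needed for the fields to be sent; POST keeps them out of the URL -->
<form id="loginForm" method="post">
            <input type="text" id="userNameText" name="userNameText" value="" />
            <input type="password" id="passwordText" name="passwordText" value="" />
            <input id="loginMe" value="Login" type="submit" />
</form>
</BODY>
</HTML>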


Do you think hard-coding the password within the HTML is vulnerable? If so, follow my previous blog to implement a password encryption algorithm and store the same. Also, the user can't see the SSO page, since it is a kind of auto-submit page. The page load happens within a fraction of a second.

Any other queries in your mind? Add them in the comments section. Happy to respond to you.
