我部署和春天有个Windows网络上建立了一个Java应用程序。网络使用Active Directory，以便用户登录到其桌面与他们的Active Directory用户名。

I'm deploying a java application built with spring on a windows network. The network uses Active Directory so the users login to their desktops with their active directory user names.

现在，我试图使得当用户打开浏览器来访问该应用程序（其被部署在同一个网络上的），以添加新功能的应用程序自动地拿起他们的用户名和认证它们。

Now, I'm trying to add a feature so that when the user opens the browser to access this application (which is deployed on the same network) the application automagically picks up their username and authenticates them.

在我的研究，我发现这个博客帖子： HTTP：/ /blog.springsource.org/2009/09/28/spring-security-kerberos/ 不过，我认为这种做法可能不会需要我的情况，因为我将应用程序部署到相同的Windows网络。

During my research I came across this blog post: http://blog.springsource.org/2009/09/28/spring-security-kerberos/ However, I think this approach might not be required in my scenario since I'm deploying the application to the same windows network.

问题

还有什么比这一些方法来简单地访问用户令牌，使我的web应用程序可以验证用户身份？

What could be some ways to simply access the user token so that my web app can authenticate the users?

推荐答案

我们使用 NtlmHttpFilter 。

您配置它在你的web.xml的过滤器，告诉它你的域控制器的生活，而且pretty的多少只是工作。 Internet Explorer将提供凭据不采取任何行动，火狐（和我想的Chrome），会提示你输入登录名。

You configure it as a filter in your web.xml, tell it where your domain controllers live, and it pretty much just works. Internet Explorer will provide credentials without you taking any action, Firefox (and I suppose Chrome) will prompt you for a login.