
Trying to implement SSO capabilities in a Spring Boot application. I need to fetch the currently logged-in OS user (Windows) in order to look it up in Active Directory and retrieve the roles.

I have seen some samples that use SecurityContextHolder, but this seems to be relevant for web applications with integrated authentication mechanisms.

Any idea how to fetch the current Windows user in a Spring application?

Thanks

user878980
    You don't generally need a password to look up roles/group-membership in an AD. A service account could do that (would require its credentials, but not the current user's), or if appropriate, it may already be world-readable. – CollinD Apr 28 '17 at 16:37
    Related reading: http://stackoverflow.com/questions/4590227/how-to-retrieve-the-current-windows-logged-on-user-for-single-sign-on-purposes-i and http://stackoverflow.com/questions/27226277/how-to-get-the-logged-in-user-detailsuser-email-id-and-user-name-using-access – CollinD Apr 28 '17 at 16:38
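
The group lookup described in CollinD's comment, where a service account rather than the logged-in user binds to the directory, could look like this in plain JNDI. This is an added example, not code from the question or the answer; the class name, URL and DNs are placeholders to replace with your directory's values.

```java
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class AdGroupLookup {
    // Placeholders (assumptions). The base is an OU, not the domain root,
    // because a subtree search from the root returns referrals.
    static final String LDAP_URL = "ldaps://dc.example.invalid:636";
    static final String BASE_DN = "OU=Staff,DC=example,DC=invalid";
    static final String SERVICE_DN = "CN=svc-lookup,OU=Service Accounts,DC=example,DC=invalid";

    /** Returns the DNs in the user's memberOf attribute, bound as the service account. */
    public static List<String> groupsOf(String samAccountName, String servicePassword)
            throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, LDAP_URL); // LDAPS: a simple bind sends the password
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, SERVICE_DN);
        env.put(Context.SECURITY_CREDENTIALS, servicePassword);

        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        controls.setReturningAttributes(new String[] {"memberOf"});

        List<String> groups = new ArrayList<>();
        DirContext ctx = new InitialDirContext(env);
        try {
            // {0} is passed as a filter argument, so JNDI escapes *, (, ) and \ in
            // the name instead of letting them change the filter.
            NamingEnumeration<SearchResult> results = ctx.search(BASE_DN,
                    "(&(objectCategory=person)(sAMAccountName={0}))",
                    new Object[] {samAccountName}, controls);
            while (results.hasMore()) {
                Attribute memberOf = results.next().getAttributes().get("memberOf");
                for (int i = 0; memberOf != null && i < memberOf.size(); i++) {
                    groups.add((String) memberOf.get(i));
                }
            }
        } finally {
            ctx.close();
        }
        return groups;
    }
}
```

`memberOf` lists direct memberships only; it omits the primary group and groups reached through nesting.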

1 Answer


Try this; it may work on IE and Chrome:

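    import java.io.IOException;
    import java.nio.charset.StandardCharsets;
    import java.util.Base64;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;

    // Drives the NTLM handshake by hand and reads the workstation, domain and user
    // names out of the browser's Type 3 message.
    public String WindowsUserDemo(HttpServletRequest request, HttpServletResponse response) {
        String auth = request.getHeader("Authorization");
        if (auth == null) {
            // No credentials yet: ask the browser to start the NTLM handshake.
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            response.setHeader("WWW-Authenticate", "NTLM");
            try {
                response.flushBuffer();
            } catch (IOException e) {
                //e.printStackTrace();
            }
            return "error"; // without this the code below dereferences a null header
        }
        if (auth.startsWith("NTLM ")) {
            byte[] msg;
            try {
                // java.util.Base64 replaces sun.misc.BASE64Decoder, which newer JDKs no longer ship.
                msg = Base64.getDecoder().decode(auth.substring(5).trim());
            } catch (IllegalArgumentException e) {
                e.printStackTrace();
                return "error";
            }
            if (msg.length < 9) {
                return "error"; // too short to carry a message type
            }
            int off = 0, length, offset;
            if (msg[8] == 1) {
                // Type 1 (negotiate): reply with a Type 2 (challenge) message.
                // Note that the 8-byte challenge in this array is a fixed constant.
                byte z = 0;
                byte[] msg1 = { (byte) 'N', (byte) 'T', (byte) 'L', (byte) 'M', (byte) 'S', (byte) 'S', (byte) 'P',
                        z, (byte) 2, z, z, z, z, z, z, z, (byte) 40, z, z, z, (byte) 1, (byte) 130, z, z, z,
                        (byte) 2, (byte) 2, (byte) 2, z, z, z, z, z, z, z, z, z, z, z, z };
                // encodeToString adds no line break; encodeBuffer appended one, which corrupts a header value.
                response.setHeader("WWW-Authenticate", "NTLM " + Base64.getEncoder().encodeToString(msg1));
                try {
                    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                } catch (IOException e) {
                    e.printStackTrace();
                }
            } else if (msg[8] == 3) {
                // Type 3 (authenticate). Nothing here checks the response against the
                // challenge, so the names read below are client-supplied and unverified.
                off = 30;
                try {
                    // Bytes are signed in Java: mask with 0xFF before combining them.
                    // The challenge sets the Unicode flag (0x01), so the strings are UTF-16LE.
                    length = (msg[off + 17] & 0xFF) * 256 + (msg[off + 16] & 0xFF);
                    offset = (msg[off + 19] & 0xFF) * 256 + (msg[off + 18] & 0xFF);
                    String remoteHost = new String(msg, offset, length, StandardCharsets.UTF_16LE);

                    length = (msg[off + 1] & 0xFF) * 256 + (msg[off] & 0xFF);
                    offset = (msg[off + 3] & 0xFF) * 256 + (msg[off + 2] & 0xFF);
                    String domain = new String(msg, offset, length, StandardCharsets.UTF_16LE);

                    length = (msg[off + 9] & 0xFF) * 256 + (msg[off + 8] & 0xFF);
                    offset = (msg[off + 11] & 0xFF) * 256 + (msg[off + 10] & 0xFF);
                    String username = new String(msg, offset, length, StandardCharsets.UTF_16LE);

                    return remoteHost + "name:" + username + ",domain:" + domain;
                } catch (IndexOutOfBoundsException e) {
                    return "error"; // truncated or malformed Type 3 message
                }
            }
        }
        return "error";
    }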
sist