I have a corporate network where users log in via Active Directory, and I am going to deploy a Java web application which uses Spring Security and runs on Tomcat. So, I would like to create a single sign-on mechanism that enables users to log in to intranet websites without entering credentials after logging into their accounts on Active Directory.
Briefly, people are logging in via Active Directory and don't want to log in again to intranet web applications, so I have to get their sessions and complete the authentication and authorization steps accordingly.
I think I should implement Java and Spring Security NTLM authentication.
I might consider the usage of OpenAM or JASIG CAS, etc.
What kind of structure would I use? Any suggestions?