We have Windows Active Directory, where all users are registered and use to login in Windows.

We have an Apache server configured to use LDAP to authenticate users in that Active Directory. It’s setup so that, in PHP, all we have to do is call $_SERVER['REMOTE_USER']. Browser verifies user login in Windows and sends this data to Apache, which talks to LDAP to verify authentication. When LDAP authenticates, that code returns user’s login, otherwise it returns null.

This way we can safely and easily authenticate users inside PHP and use their AD login to control access to our softwares. Another advantage is that we don’t need a login page and not even have to handle passwords in variables: authentication is handled transparently to users and they are automatically logged to our softwares all the time, and their password never comes into our code.

I’d like to do the same thing with Servlet. I see no reason for it not happen if it works with PHP. But I can’t find how to do it. I googled but couldn’t find anything. Has anybody done something like that and could point me a way?

Standard authentication with login and password is working in Java. If I have domain, login and password, (that in Servlet would come from a login page) I can authenticate any user.