ADFS (server 2012 R2) with Tomcat 7

  • Question

  • Hi all

    Do any of you know if it is possible to directly integrate ADFS (in Windows Server 2012 R2) with a Tomcat 7 website to provide SSO and authentication for Windows AD users?

    So far I have been reading there are some third party tools to integrate both, but nothing about if it is possible to do it without third party software.

    Thanks!

    Friday, July 22, 2016 5:18 PM

Answers

  • While it is possible to integrate Tomcat 7 with ADDS, I would assume the same would be true with ADFS - if ADFS is integrated with the same ADDS that Tomcat 7 is integrated with. However, this is not for the faint of heart. Unless you are a developer with good Kerberos experience and decent knowledge of ADDS, the below article may be a difficult read:

    https://tomcat.apache.org/tomcat-7.0-doc/windows-auth-howto.html


    Best Regards, Todd Heron | Active Directory Consultant

    Friday, July 22, 2016 6:00 PM
  • If you are hosting a claims-based authentication application on Tomcat 7, why not? ADFS is an STS. It supports: SAML2, WS-Fed, OAuth... So as long as your hosted application leverages one of these protocols, you can integrate with ADFS (and potentially other 3rd party STS). It's at the app level, not at the server level.

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, July 22, 2016 8:28 PM
