About SPNEGO/Kerberos Authenticator and Active Directory Realm for Apache Tomcat

A fully featured, first-class SPNEGO/Kerberos Authenticator and Active Directory Realm for the Apache Tomcat servlet container. It integrates your Java webapp in your Active Directory environment with ease.

Getting Started

Download the artifact and read the user guide to get started. Make sure to read the changes also.

Origin of this Project

Working in a corporate environment leaves you virtually no option of not having real SSO for a (Java) webapp, especially when this works with Microsoft IIS with a few clicks. Unfortunately, the Apache Tomcat did not have anything like this out of the box for years.
After a deep dive into Kerberos, GSS-API, Active Directory and LDAP in Java, I made a custom component to fill that gap. Portions of this project have been integrated into Apache Tomcat 7 and onwards. Though, this project covers much more than an authenticator.

This library has served me very well for many years and still does a great job in a complex multi-realm environment, hopefully it will do for you too.