Thanks Dominique, the answers:
1) no, tomcat is running on a different computer
2) I think so
3) tomcat is running with SYSTEM
4) No i haven't a link to that discussion, thanks
5) ah ok, to do those type of operations I depend upon a group that manage the network. I'm not able to change anything in network
[6)] no sorry I thought that when I install the DLL part I cannot use any other thing in different packages...
I have asked to our group that manage the network to help us and they suggest to use another library called WAFFLE (probably 'cause they have already experience with that, I think).
I don't know if next informations can help you to improve your library, but anyway:
Trying that library I was able to run immediately your example called authbysspi, using the servlet filter called waffle.servlet.NegotiateSecurityFilter provided by WAFFLE and without asking to do any change on network (probably this remove
configuration of AD from possible causes?)
With this server filter we was able to run the application on all machines and on iPad too BUT only with Google Chrome.
In logs I have found that when the connections is made with a NO MAC machine, the protocol used is Negotiate. Connecting with a iPad or Mac is always NTLM. Chrome was able to manage that NTLM but Safari stop after authentication saying "Connection
Updating an init-param of the filter called waffle.servlet.spi.NegotiateSecurityFilterProvider/protocols removing the NTLM from possible protocols solved the problem also on the Safari browser.
I hope this help you to improve your library.