tomcatspnego version 1

Rating:        Based on 3 ratings
Reviewed:  3 reviews
Downloads: 7323
Change Set: 76816
Released: Jul 4, 2009
Updated: Jul 21, 2016 by doumeguerin
Dev status: Stable Help Icon

Recommended Download

application, 7861K, uploaded Mar 22, 2014 - 1161 downloads

Other Available Downloads

application, 192K, uploaded Sep 19, 2009 - 114 downloads
Source Code
source code, 107K, uploaded Aug 4, 2009 - 101 downloads
application, 192K, uploaded Sep 19, 2009 - 132 downloads
Example example070709
example, 24K, uploaded Aug 4, 2009 - 398 downloads
documentation, 73K, uploaded Aug 4, 2009 - 218 downloads
application, 193K, uploaded Aug 10, 2009 - 37 downloads
application, 89K, uploaded Aug 10, 2009 - 32 downloads
Source Code src100809
source code, 107K, uploaded Aug 10, 2009 - 36 downloads
example, 23K, uploaded Aug 10, 2009 - 131 downloads
documentation, 73K, uploaded Aug 10, 2009 - 128 downloads
example, 26K, uploaded Sep 7, 2009 - 432 downloads
application, 229K, uploaded Sep 14, 2009 - 26 downloads
application, 310K, uploaded Sep 19, 2009 - 34 downloads
application, 539K, uploaded Sep 19, 2009 - 110 downloads
application, 616K, uploaded Nov 2, 2009 - 259 downloads
application, 630K, uploaded Feb 20, 2010 - 384 downloads
application, 1526K, uploaded Apr 21, 2010 - 74 downloads
application, 28K, uploaded Jun 2, 2010 - 21 downloads
Application trunk-jna-1006210
application, 7470K, uploaded Jun 10, 2010 - 31 downloads
application, 3088K, uploaded Jun 14, 2010 - 36 downloads
application, 3068K, uploaded Jun 15, 2010 - 575 downloads
application, 3163K, uploaded Nov 21, 2010 - 360 downloads
application, 20857K, uploaded Mar 14, 2011 - 264 downloads
Application trunk-03062011
application, 21362K, uploaded Jun 3, 2011 - 555 downloads
Application trunk-02122012
application, 21238K, uploaded Jan 2, 2012 - 240 downloads
application, 21468K, uploaded Apr 9, 2012 - 125 downloads
Application frdoumesspitc6jbossjna.jar
application, 42K, uploaded May 22, 2012 - 10 downloads
application, 28742K, uploaded Jun 2, 2012 - 127 downloads
application, 28743K, uploaded Jul 23, 2012 - 135 downloads
application, 38566K, uploaded Sep 19, 2012 - 34 downloads
application, 38628K, uploaded Sep 26, 2012 - 993 downloads
application, 36K, uploaded May 16, 2014 - 10 downloads

Release Notes

Download the version 22032014(March 23,2014). This version works with tomcat 8.5 and 9 too (remark : July 21, 2016)
You can now use tomcat 8.
version 29092012 (September 29, 2012)
With the fourth solution: the JVM and the CLR in the same process, without native code
version 23072012:
The possibility to choose between Negotiate and the old NTLM has been added(when the parameter spnegoandntlm is set). You can use the version tomcat55 with jboss 5. There is a version with jboss6

Preceding Versions:
The file doc contains the javadoc and the configuration file
The file trunk contains the DLL, JAr and the configuration file
The file src contains the C and Java source
The file all contains the sources, javadoc, dlls and jars
The file example is like the name

In the version 100809.
1)Most of the log messages are in english
2)A problem with IE and SPNEO/NTLM is resolved

version 140909:
Now, the file contains the two files of the release 140909 ( and The file contain documentation, sources, example, jar, dll and the Windows service.

version 02112009
The file contains the two files of the release 02112009( and The file contain documentation, sources, example, jar, dll and the Windows service.
The groups names are translated into sids (Security Identifiers) only at the startup of the application (versions tcp and dll).
I added the file Negoserver.chm to help to read the source. (I used SandCastel).

version 20022010:
The file is only renamed, but not changed.
The time-out are modified in the java and c# code. The JVM and CLR garbage collectors could be running...
Negosoerver uses only threads of the pool and the minimum number of threads is modified (2 -> 4). You can also modify this value in the parameters of Negoserver.
In java, WeakSocketsListForNtlm is no more used. If an NTLM authentication is not finished after 15 seconds, the socket used for this authentication between tomcat and Negoserver is closed. SSPauthentication cancel the timer used to close this socket if the authentication is finished.
Version 15062010:
There is a correction of a bug in the dll. There was a memory leak in the preceding versions with the dll.
Version 21112010:
The possibility to use tomcat 7 is added.
Version 15032011(March 15, 2011)
It is now possible to call, with tomcat 7,the methods request.login, request.authenticate, request.logout.
There are examples for tomcat 7 with the versions using JNA and TCP using request.login
The minimum version of dotnet with TCP is now dotnet 3.5. If it is a problem, send a message.
Version 030862011:
I only changed the examples for jna and tcp:
There is now 4 examples:
1)example (for tomcat 6 and 7 )with Windows accounts and groups (directory example)
2)example (for tomcat 6 and 7) with Windows accounts and groups defined with another Realm (directory explWithoutWinGroups) with a login page as the error 401 page. This page is defined in a free zone.
3) like the preceding example (directory explWithoutWinGroupsNoFree) but the error page is not defined in a free zone
4)example (only for tomcat 7) with fallback : Login/pwd with Windows accounts and groups (directory explOnlyT7FallbckUsrPwd)
Version 02122012:
(1) I replace v2 by jna and v3 by tcp.
(2) Fixed a bug in version using JNA
To avoid a resource leak when the methods DeleteSecurityContext and FreeCredentialsHandle are not called, I used the finalize method to call these mathods.
This can occur during NTLM (not Kerberos) authentication.
Indeed the NTLM authentication involves several exchanges between the client and the server.
If the client does not do all exchanges, these methods are not called.
But the class Structure given by JNA also has a finalize method to free allocated memory.
The order of the calls, by the JVM, of the finalize methods is undefined. Hence the bug.
(3) Refactoring NegoServer to facilitate the use of asynchrony with a future version of Dotnet.
(4) Check the example

Reviews for this release

Works very well, easier to setup than some commercial alternatives.
by neilmusgrove on Oct 15, 2009 at 2:32 PM
I've used this with Tomcat to enable SSO integration with Sun Identity Manager. Great job!
by RomanLi on Sep 3, 2009 at 9:11 AM
The very popular Spring security , and Jcif don't work when using NTLMV2. This version was easy to install and handles NTLMV2 very well. I'm very impressed and I'm going to use it in my projects to allow SSO. Keep the great work, Alberto Acevedo
by pitirre on Jul 16, 2009 at 2:55 AM