Here's the scenario. I am code running on a web server in an AD domain. Some client has connected to me. How do I get that client's username, without having the client fill ou
The latest way for Windows to do it is SPNEGO. To make it work fully, you need your server to have an account in AD and communicate with Kerberos. Then Spring Security, I was told, supports this.
Now, you don't always need to authorize users. Sometimes (e.g. for stats reasons) it's enough to get the AD ID of the user. When I was playing with SPNEGO, the binary data that was passed from the browser included the user ID in clear text. It can be extracted from there, but cannot be trusted, of course.
NTLM is outdated, considered less secure, and largely rolled out from the environments.
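
The point above about reading the user ID out of the token without trusting it, as an added example (not code from the original answer or from Spring Security): it handles the case where the `Authorization` header carries an NTLMSSP AUTHENTICATE message, raw or wrapped in SPNEGO, and returns the name fields flagged as unverified. The function names, the `cp1252` OEM fallback and the sample names are assumptions made for illustration.

```python
import base64
import struct

NTLM_SIG = b"NTLMSSP\x00"
SPNEGO_OID = bytes.fromhex("06062b0601050502")  # DER OID 1.3.6.1.5.5.2
NEGOTIATE_UNICODE = 0x00000001

def _field(msg, pos, enc):  # decode one (Len, MaxLen, Offset) descriptor
    length, _maxlen, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("descriptor points outside the message")
    return msg[offset:offset + length].decode(enc, errors="replace")

def untrusted_identity(authorization_header):
    """Describe the token; any name returned is a client claim, not proof."""
    scheme, _, b64 = authorization_header.strip().partition(" ")
    if scheme.lower() not in ("negotiate", "ntlm"):
        return {"mechanism": "none"}
    try:
        token = base64.b64decode(b64.strip(), validate=True)
    except ValueError:
        return {"mechanism": "invalid"}
    start = token.find(NTLM_SIG)
    if start < 0:
        # No NTLMSSP message; a Kerberos name needs server-side GSS-API validation.
        is_spnego = token[:1] == b"\x60" and SPNEGO_OID in token[:16]
        return {"mechanism": "spnego" if is_spnego else "unknown"}
    msg = token[start:]
    if len(msg) < 64 or struct.unpack_from("<I", msg, 8)[0] != 3:
        return {"mechanism": "ntlm"}  # NEGOTIATE/CHALLENGE message or truncated
    flags = struct.unpack_from("<I", msg, 60)[0]
    enc = "utf-16-le" if flags & NEGOTIATE_UNICODE else "cp1252"  # OEM page assumed
    try:
        names = [_field(msg, pos, enc) for pos in (28, 36, 44)]
    except ValueError:
        return {"mechanism": "invalid"}
    return dict(zip(("domain", "user", "workstation"), names),
                mechanism="ntlm", verified=False)

def constructed_sample():
    """Constructed AUTHENTICATE message with made-up names, no real hashes."""
    body, descs, off = b"", b"", 88
    for name in ("EXAMPLE", "alice", "WS01"):
        raw = name.encode("utf-16-le")
        descs += struct.pack("<HHI", len(raw), len(raw), off)
        body, off = body + raw, off + len(raw)
    empty = struct.pack("<HHI", 0, 0, 88)
    msg = (NTLM_SIG + struct.pack("<I", 3) + empty * 2 + descs + empty
           + struct.pack("<I", NEGOTIATE_UNICODE) + b"\x00" * 24 + body)
    return "Negotiate " + base64.b64encode(msg).decode()
```

The returned name is suitable for statistics or logging only; anything that grants access needs the token validated by the server's Kerberos or NTLM stack.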