I have a servlet basically in intranet and Windows system users can make request to jsp through browsers. The server uses kerberos authentication to allow access to the servlet. The servlet needs to call another servlet (mostly on the same server but different web app) for the current user making request. How can the current user be passed to the other servlet so that the request can be executed with the privileges of the current user. The authentication mechanis used is kerberos only.
Using an SSO framework will ensure that the user can make a request to the second web app (via the first), but you would still have to create and push the user privileges (to the container) on the second web app. SSO will help you avoid authentication at the second web app.
Thanks for your help. So that means I still need to pass the username and password to the other servlet? What will be the usefulness of SSO authentication to the server. Please could you elaborate a bit more.
I get it now. Thanks for the help. Any pointers on how to get the ticket. Do I need to get it always by querying KDC server from the servlet or is there any way I can use the same which is available in the http request headers to the first servlet. Any code sample would be helplful.