Blogs

Configuring Spring Security for authentication using Microsoft's Active Directory

I was recently working on a project that required us to integrate our Spring MVC application with Microsoft's Active Directory (AD).

Most online tutorials discuss using a privileged system account for performing lookups of the user's distinguished name (DN) based on the user name provided at login. Setting up a generic system account to enable authentication from our application became problematic due to organisational policies.

Single sign-on for WebSphere applications using Oracle OAM and SAML

Recently, I was asked to assist with an integration of an existing suite of JEE web applications with an Oracle single sign-on solution being rolled out across a large organisation. 

The IBM WebSphere platform that was used for running existing web applications was somewhat outdated (WAS v6.1) and there was no possibility of an upgrade.  To make things even more difficult, the applications in question used a home grown single sign-on solution with little documentation.

Spring Remoting for web and business tier separation

I remember when I first started using EJBs, there was a lot of talk about physical separation of the presentation and business tiers via remote interfaces and RMI. So, technically you could have your business logic sitting on a different server than your web application. It sounds great but I cannot remember actually doing that.

Tomcat, Atlassian Crowd and JAAS

I have recently rolled out a single sign-on solution using Atlassian Crowd. My client's applications were running on Apache Tomcat and required FORM based authentication. After briefly Googling around, I found the Crowd JAAS Login Module (see https://plugins.atlassian.com/plugin/details/6045) which fitted my requirements perfectly.

Here is an example of how to integrate a Crowd JAAS login module into Tomcat so that all web applications can be authenticated against the Crowd server.

Tomcat single sign-on with common login page

Recently, while rolling out a single sign-on solution for a client, I have stumbled across an interesting problem.

Here's the situation. We had a bunch of web applications that needed to be deployed onto an Apache Tomcat (v6.0.29) server. Each application needed to be secured using FORM based authentication. We were using the Atlassian Crowd identity management application for managing our users and providing the authentication and authorisation services.