WAFFLE is a native Windows Authentication Framework consisting of two C# and Java libraries which perform functions related to Windows authentication, supporting Negotiate, NTLM and Kerberos. Waffle also includes libraries which enable drop-in Windows Single Sign On for popular Java web servers when running on Windows.

Note the following:

• Waffle makes it easy to do Windows Authentication in Java on Windows.
• Waffle does not work on Linux/Unix.
• Unlike many other implementations, Waffle on Windows does not require any server-side Kerberos keytab setup, it is a drop-in solution.

Online Information

• More information is available at the homepage of the WAFFLE product.

Valuemation with WAFFLE as a Sample of the getRemoteUser() SSO Method

The simplest way of using SSO by WAFFLE is to use the WAFFLE servlet filter.

For general information, please go to the Github website.

Note: The filter definition is already included in the Valuemation servlet deployment descriptor (the 'web.xml' file). It is commented.

Out-of-domain Access to Tomcat with WAFFLE

A browser is not able to send a valid username and password when a user who is out of domain tries to access Tomcat. The authentication fails and Waffle tries to display the 'HTTP Error 401' error page. In this case, it is desirable for the user to log in using the standard login dialog. For this Valuemation Configuration, please see the 'Out-of-domain access' section in the 'SSO Configuration of Valuemation with WAFFLE servlet filter' topic.