WAFFLE - Windows Authentication Functional Framework (Light Edition) is a native C# and Java library that does everything Windows authentication (Negotiate, NTLM and Kerberos).
- Download Version 1.4
- Next Release 1.5 (Alpha)
- Need Help? Google Group
- Frequently Asked Questions
- Troubleshooting Negotiate
- Older Versions on CodePlex.
Most people will be interested in one of the following.
- Simple native interfaces in C# and Java to do all things Windows authentication.
- A generic Servlet Negotiate (NTLM and Kerberos) Security Filter - Tutorial.
- A Tomcat Negotiate (NTLM and Kerberos) Authenticator Valve - Tutorial.
- A Tomcat Single Sign-On + Form Authentication Mixed Valve - Tutorial.
- A Spring-Security Negotiate (NTLM and Kerberos) Filter - Totorial.
- A Spring-Security Windows Authentication Manager
- A JAAS Login Module - Tutorial.
- If you're using Tomcat, Jetty or Websphere with an IIS front-end to do authentication only, Waffle will allow you to get rid of IIS.
Unlike many other implementations WAFFLE on Windows does not usually require any server-side Kerberos keytab setup, it's a drop-in solution. You can see it in action in this slightly blurry video produced for TeamShatter.com.
Waffle was created and is sponsored by Application Security Inc. For a long story, read the Project History. Also, feel free to use this PowerPoint presentation from NYJavaSIG.
- Account lookup locally and in Active Directory via Win32 API with zero configuration.
- Enumerating Active Directory domains and domain information.
- Returns computer domain / workgroup join information.
- Supports logon for local and domain users returning consistent fully qualified names, identity (SIDs), local and domain groups, including nested.
- Supports all functions required for implementing server-side single-signon with Negotiate and NTLM and various implementations for Java web servers.
- Supports Windows Identity impersonation.
- Includes a Windows Installer Merge Module for distribution of C# binaries.
Waffle includes a servlet filter that works with any servlet container, including Tomcat, Jetty and Websphere. It also contains a native package for Tomcat 6 and Spring Security 3. There're branches for Tomcat 5, Tomcat 7 as well as Spring Security 2 support.
- Quest Vintella Single-Sign-On (Commercial)
- IOPlex Jespa (Commercial)
- Josso
- Tomcat SPNEGO
Copyright (c) Application Security Inc. and Contributors.
This project is licensed under the Eclipse Public License.