tomcat single-sign-on kerberos ntlm ntlmv2

Single Sign On using NTLMv1 or NTLMv2 or kerberos to a Spring webapp on tomcat on linux

We make an appliance with a spring web interface running on Tomcat on Centos Linux.

I'm investigating how we users can connect with out entering a username/password, but instead use windows authentication over http (aka SPNEGO).

as available options mentioned in other SO questions I'm seeing:

NTLMv1 but not NTLMv2 via JCIFS
NTLMv1+NTLMv2+kerberos via Waffle but only for windows :(
Kerberos only via "Spring Security Kerberos Extension"

none of which sounds like a reliable all around SSO option for tomcat on Centos. also much of the information on these projects is over a year old so it's hard to know if these limits still apply.

What is a viable option for SSO on linux these days?

Solution

Option three works perfectly here with Spring 3.0. Go for it!

Tomcat stop error
Tomcat won't stop or restart
What is the standard/modern way to use CAC/PIV card authentication in Java/Tomcat web applications?
What happens to a Java Web Container's memory when there are too many concurrent sessions?
An unknown setting with identifier [8] and value [0] was ignored
Process finished with exit code 1 Spring Boot Intellij
vulnerable Tomcat 10.1.31 embedded in Artifactory 7.98.13
how to use httpPlatformHandler with Tomcat on Virtual Directory only
What is the difference between Tomcat containers and Docker containers?
JAX-RS Tomcat 9.0.21 404 – Not Found when accessing resource
How to Configure Apache Camel with an HL7 Listener and deploy inTomcat
Server http:/localhost:8080 requires a user name and a password. The server says: XDB
Is it possible to externalize nested components
Spring Boot Application not starting. Error: Stopping Service [Tomcat]
Increase HTTP Post maxPostSize in Spring Boot
JAXB not available on Tomcat 9 and Java 9/10
Tomcat 10 Webapp migration - servletFileUpload.parseRequest error
Error after updating logback to version ^1.5.13
Docker s390x tomcat image is giving fileupload error when deployed on OpenShift
There is no port at rootFolderUrl and repoUrl in alfresco cmis browser api
Exclude tomcat dependency from maven when building
Quartz job at startup - Context Listener Addition
Spring Boot - Tomcat Multi-Tenant: Thread Pool per Tenant
Tomcat 9: header line does not conform to RFC 7230
Tomcat Manager Authentication repeated popup while running a Java web project
Using multiple SSL certificates in Tomcat 7
Service specific error code 1 using tomcat 8 as a windows service
Apache tomcat7 as windows service
could anyone please tell me where is AUTOBIND in server.xml in tomcat 9 as mentioned in attached answer
Tomcat in Intellij Idea Community Edition