0

waffle

Enable drop-in Windows Single Sign On for popular Java web servers.

Official Site
Github repo
Main metrics

Github stars Tracking Chart

WAFFLE - Windows Authentication Framework

Build Status
Build status
Coverity Scan Build Status
Coverage Status
Maven central
releases
Eclipse
Project Stats
Github All Releases

waffle

WAFFLE is a native Windows Authentication Framework consisting of two C# and Java libraries that perform functions related to Windows authentication, supporting Negotiate, NTLM and Kerberos. Waffle also includes libraries that enable drop-in Windows Single Sign On for popular Java web servers, when running on Windows. While Waffle makes it ridiculously easy to do Windows Authentication in Java, on Windows, Waffle does not work on *nix(UNIX-like).

Unlike many other implementations Waffle on Windows does not require any server-side Kerberos keytab setup, it's a drop-in solution. You can see it in action in this slightly blurry video produced for TeamShatter.com.

Sites

Essentials

Documentation

There're several semi-independent parts to Waffle. Choose the appropriate HowTo.

  • Simple native interfaces in C# and Java to do all things Windows authentication. Useful if you're building a custom client that requires Windows authentication. See Getting Started with WAFFLE API
  • A generic Servlet Negotiate (NTLM and Kerberos) Security Filter that can be used with many web servers, including Tomcat, Jetty and WebSphere. See HowTo.
  • A Tomcat Negotiate (NTLM and Kerberos) Authenticator Valve, built for the Tomcat Web Container. See HowTo.
  • A Tomcat Single Sign-On + Form Authentication Mixed Valve, built for the Tomcat Web Container and allowing users to choose whether to do form authentication (a username and password sent to the server from a form) or Windows SSO (NTLM or Kerberos). See HowTo.
  • A Spring-Security Negotiate (NTLM and Kerberos) Filter. See HowTo.
  • A Spring-Security Windows Authentication Manager. See HowTo.
  • A JAAS Login Module, useful when extending a custom Java client that already implements JAAS to support Windows SSO. See HowTo.
  • A WildFly Security Domain implementation, offering support for local Windows and Active Directory users authentication when deploying web apps on WildFly servers. See HowTo.

Waffle was created and is sponsored by Application Security Inc.. For a long story, read the Project History. Also, feel free to use this PowerPoint presentation from NYJavaSIG to talk about Waffle.

Features

  • Account lookup locally and in Active Directory via Win32 API with zero configuration.
  • Enumerating Active Directory domains and domain information.
  • Returns computer domain / workgroup join information.
  • Supports logon for local and domain users returning consistent fully qualified names, identity (SIDs), local and domain groups, including nested.
  • Supports all functions required for implementing server-side single-signon with Negotiate and NTLM and various implementations for Java web servers.
  • Supports Windows Identity impersonation.
  • Includes a Windows Installer Merge Module for distribution of C# binaries.

Contributing

Copyright (c) Application Security Inc., 2010-2017 and Contributors.

This project is licensed under the Eclipse Public License.

Project maintained by Daniel Doubrovkine & Jeremy Landis.

Main metrics

Overview
Name With OwnerWaffle/waffle
Primary LanguageJava
Program languageJava (Language Count: 5)
Platform
License:MIT License
所有者活动
Created At2012-04-05 23:18:03
Pushed At2025-05-15 20:54:38
Last Commit At2025-05-15 16:53:35
Release Count67
Last Release Namewaffle-3.5.1 (Posted on 2025-01-01 00:01:12)
First Release Namewaffle-pom-1.6 (Posted on 2014-01-02 10:59:50)
用户参与
Stargazers Count482
Watchers Count24
Fork Count186
Commits Count6.7k
Has Issues Enabled
Issues Count245
Issue Open Count58
Pull Requests Count2295
Pull Requests Open Count1
Pull Requests Close Count294
项目设置
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private