A lot of users are having trouble when dealing with NTLM based authentication with Spring Security. The underlying NTLM support is built on top of JCIFS (jcifs.samba.org), an open source client library that implements the CIFS/SMB networking protocol in Java.

NTLM authentication allows the login credentials of a Windows user, who is logged on into a domain, to be automatically passed to your browser.
NTLM is a Microsoft-developed protocol providing single sign-on capabilities to web applications. It allows a web server to automatically discover the username of a browser client when that client is logged into a Windows domain and is using an NTLM-aware browser. A web application can then reuse the user’s Windows credentials without having to ask for them again.

This only works for Internet Explorer. When using Firefox, you will be prompted with an authentication prompt where you can enter your username and password. You can enable NTLM authentication also in Firefox, by doing the following steps:

• Type “about:config” in the address bar of Firefox
• You will see all settings of Firefox, but you need to find the key “network.automatic-ntlm-auth.trusted-uris”.
• Enter the hostnames like: “host1.domain.com, host2.domain.com”
  or just “.domain.com” to list them all at once

Once you have setup your project with the correct dependencies and libraries, we are ready to start configuring our application context. You need spring-security-core and spring-security-ntlm as project dependencies in order to get it working.

more…