Are you using WAFFLE in your product?

Mar 4, 2010 at 2:15 PM

We'd like to collect field stories about using WAFFLE. Your response is much appreciated.

* What's the name and url of your company?
* What product(s) are using WAFFLE?
* How are you using WAFFLE?

Please share any other implementation details, but keep this to a few lines, don't write a novel :)

Jul 6, 2010 at 11:46 AM
Edited Jul 6, 2010 at 11:47 AM

We are using Waffle at Jyske Bank (

Waffle is used to provide authentication between Java developers and our buildserver, replacing a previous SSPI wrapper written in Ruby.

We use it in a small service framework called Authorized Job Server (AJS) that allows us to do authenticated+authorized builds of Java applications.

I expect to open source AJS some time in late summer/fall via my blog at


Jul 6, 2010 at 3:22 PM
Edited Jul 6, 2010 at 4:25 PM

We are definitely using Waffle here at Texas Health Resources (  We have been using JCIFS for the past 5 years for an enterprise intranet application, however when I understood that JCIFS could not support NTLMv2 which is what the Windows 7 client required, we were forced to make a move to find another authentication tool.  For 2 months, literally, I tried to make the Tomcat Connector ISAPI filter work, with a lot of help from the guys on the Tomcat Users List (they were great!!), with our intranet application and unfortunately could never make it work.  dB was kind enough and patient enough with me to help me setup my environment for Waffle (web.xml) and within 5 minutes we were up and running and I was able to authenticate the user and use that in my application.  In our intranet application we are running Tomcat 6.0.18.

After getting Waffle to run on Tomcat I wanted to get it running on IBM Websphere v7.0 for a new project I've been assigned.  After asking dB whether he thought Waffle would work or not, dB stated that did not have Websphere to test with, but said that if Websphere handled java servlet filters Waffle should work right out of the box.  Well it did just that successfully.  All I did different from Tomcat was add the 3 jar files to the WEB-INF\lib directory in my IBM RAD web project instead of the server LIB directory and Waffle worked flawlessly. 

I would highly recommend WAFFLE without reservation to anyone needing authentication code.  Thank you, dB, for all your help and work on this project.


Jul 15, 2010 at 1:38 PM

I am using Waffle at Air Liquide Process & Construction in Houston ( to secure our intranet applications, just replaced the JCIFS implementation and it works as advertised. Thanks for this project, it has been needed for a long time.

Jul 28, 2010 at 12:07 PM

I am using WAFFLE with an embedded Jetty server (and also embedded Derby database) for a small healthcare-related project.  We're about to deploy next month.

Sorry I can't give many more details unless our marketing dept gives approval :(

Thank you for all your hard work on WAFFLE.


Sep 10, 2010 at 9:28 AM

i-net software ( uses WAFFLE in its two major products as third party authentication method besides others. On of them is a help desk software for the german market ( which uses LDAP to import users into its database. We use WAFFLE in our latest release to have a tighter integration with windows and to offer automatic authentication.

Our second software using WAFFLE is a wide spread reporting suite, called i-net Crystal-Clear (, targeting the world wide market. It offers a reporting server with ad hoc, scheduling and repository functions as well as a client side designer software. WAFFLE enhances our security concept to give the user the freedom of choice for the integration into their own network architecture or product.

Feb 7, 2012 at 9:45 PM

I have tried Waffle and it is really simple to set up and use with Tomcat. It doesn't however work behind IIS6 using ISAPI redirectors. I keep getting "The token supplied to the function is invalid". It does work on the same server direct ot Tomcat on port 8080. Fancy that! Anyway, I'll persevere and it works well and its probably IIS or the ISAPI filter failing. Will try Apache next.