I have a java indexer that index windows shared drive, including security. When the user logs in I am able to get the list of groups he belongs to. This list is then used to assess user access rights in the indexer. This works fine.
Now I'd like to have a 'principal authentication mode' where the user logs in to the application by some mean and then the application, being trusted by the indexer, just have to pass the user name.
I wanted to avoid passing Kerberos token around because it makes integration more difficult. But I'll probably go down that road as the 'principal authentication' option is that difficult.
Thanks for the fast answer anyway. You built a nice library and I appreciate your work on JNA too.