Waffle and Play Framework

Apr 30, 2012 at 9:33 AM


Could you let me know if waffle would be suitable for the following scenario.

Client Application: Browser (IE 8, FF) on Windows 7

Server: Play Framework 1.2.4 standalone (using Netty internally)

Now I can do LDAP authentication easily but I would like to add SSO capabilities so the users can bypass the login screen if they have been successfully authenticated on the domain already.

Play framework is not built on the J2EE stack and does not have a Servlet container. 

Now could I use waffle to process the kerberos token from the request header and check if the user is authenticated with the domain?

PS: I am not an expert on windows authentication so examples and explanations are welcome.


May 20, 2012 at 8:41 AM

Hi there.

I am currently working on a Play 1.2.4 module that uses waffle to provide sso with ntlm.

I don't know much about win authentication either. I'm just using the Tomcat filter example and adjusting it to Play, by creating "fake" implementations of HttpServletRequest and HttpServletResponse.

I can't promise you when the module is done, since I'm doing it in my spare time. Could be a first version is ready for you to try out in a week. 

Christian Guldner

May 20, 2012 at 11:33 AM

This sounds good. Note that we moved to Github: https://github.com/dblock/waffle, so fork and pull!

May 20, 2012 at 12:25 PM

Hi christian, 
That's good news that!
Let me know if I can help in anyway.
 Wayne might be able to help as I believe he started looking into such a module recently.


Aug 13, 2012 at 9:23 PM

Just to let you know that I stopped working on the module. I encountered a problem I couldn't solve, unless I changed Play framework code.
See: https://groups.google.com/d/topic/play-framework/vRGxfh1AjIo/discussion

If you can live with NTLM (or Negotiate) authentication only, it can be done, but I needed to be able to send the user to a log-in page, in case NTLM wasn't supported.