Single Sign On using NTLMv1 or NTLMv2 or kerberos to a Spring webapp on tomcat on linux

We make an appliance with a spring web interface running on Tomcat on Centos Linux.

I'm investigating how we users can connect with out entering a username/password, but instead use windows authentication over http (aka SPNEGO).

as available options mentioned in other SO questions I'm seeing:

• NTLMv1 but not NTLMv2 via JCIFS
• NTLMv1+N开发者_开发问答TLMv2+kerberos via Waffle but only for windows :(
• Kerberos only via "Spring Security Kerberos Extension"

none of which sounds like a reliable all around SSO option for tomcat on Centos. also much of the information on these projects is over a year old so it's hard to know if these limits still apply.

What is a viable option for SSO on linux these days?

Another option might be the "ntlmv2-auth" Java library:

https://sourceforge.net/projects/ntlmv2auth/

It also includes an SSO servlet filter.

Option three works perfectly here with Spring 3.0. Go for it!