Jespa

Jespa is a pure Java software library that directly implements the Microsoft Windows protocols and logic necessary to easily and efficiently integrate Java applications into Windows environments.

Jespa has no dependencies on other packages or the host (not even DNS) and, as 100% Java, it is memory-safe and runs equally well on Linux, macOS, Windows or any other Java device.

Windows Silent SSO for Java HTTP Servers

The most popular feature of Jespa is the SPNEGO HTTP Single Sign-On (SSO) Jakarta servlet filter which implements the type of SSO built into Windows clients (herein referred to as Windows Silent SSO).

Windows Silent SSO does not require users to type in credentials. It simply reuses the credentials already entered to log into the client workstation or device. Compared to other common types of SSO, this is faster, more convenient and more secure because users are not manually typing in passwords.

Windows Silent SSO is supported by all of the popular browsers, by the various Windows programming APIs and by the major programming languages.

This might be why, in a market saturated with SSO solutions, Jespa has been sold in over 60 countries with thousands of active installations in use today.

Maximum Windows Compatibility

Jespa carefully mimics exactly the network behavior and encodings of Windows communication for maximum security and compatibility.

For example, the Jespa Kerberos initiator will locate DCs using the DC Locator protocol, follow Kerberos client and server redirects across forest trusts and transparently canonicalize the common Windows account name forms (backslash, principal name, alternate UPN suffix).

Jepsa implements SPN and channel bindings (also known as Extended Protection for Authentication or EPA) and AES SecureChannel NETLOGON. Using either SPN binding or session security will block an NTLM relay attack. Jespa properly implements and uses both by default.

By default, Jespa's LDAP client uses SPNEGO with SPN binding and SASL sealing. No CA certificate necessary.

More features ...

One installation may be used in production with up to 25 users for free. To get started, download the Jespa package and try the example webapp as described in the Install the Jespa Example Webapp in the Jespa Technical Documentation area.