Azure-Samples / ms-identity-java-desktop

A desktop application in Java calling Microsoft Graph API
MIT License

Detecting username for integrated auth flow #12

Closed David-Engel closed 3 years ago

David-Engel commented 3 years ago

Is there any way to implement the Integrated Windows Authentication flow without providing a username? The sample seems to imply that MSAL4J requires the application to provide it. From: https://github.com/Azure-Samples/ms-identity-java-desktop/blob/4a24acc4726153cae06a81793c82ff721bdb8600/Integrated-Windows-Auth-Flow/README.md#step-4--configure-the-sample-to-use-your-azure-ad-tenant

Step 4: Configure the sample to use your Azure AD tenant

  1. Open the src\main\resources\application.properties file
  2. Set the CLIENT_ID property to the client ID value you recorded earlier
  3. Set the USER_NAME property to your Windows signed-in user ID

From a Windows standpoint, having to provide the username doesn't quite seem "integrated", so I hope I'm missing something simple.

Background: We (the mssql-jdbc team) are migrating from ADAL4J to MSAL4J. I think ADAL4J also requires username to be passed in but I was hoping to eliminate the current ugly workaround used for our IWA auth flow by using MSAL4J.

Thanks!

CC: @lilgreenbird

sangonzal commented 3 years ago

@David-Engel The short answer is: no, currently there is no way to implement Integrated Windows Authentication with MSAL Java without providing a username, as MSAL essentially uses the same logic under the hood as ADAL does.

I agree though that it would make for a better end user experience to not have to provide this value, and this might be something that could potentially be included in MSAL. For this though, I would open up an issue on the MSAL repository, so the team can investigate and prioritize the feature request accordingly.

Also, could you point to how this is currently being done in mssql-jdbc with ADAL? Curious as to what the workaround currently looks like.

David-Engel commented 3 years ago

> Also, could you point to how this is currently being done in mssql-jdbc with ADAL? Curious as to what the workaround currently looks like.

@sangonzal When running on Windows, we use the native ADAL library and call its IWA function. Since we already have a native library to support non-AAD integrated authentication, I suppose it wasn't a stretch to add the dependency, but I would prefer a native Java solution, if possible.

Thanks!