Ok - within Windows Server 2008 - I'm assuming that you're going to be using IIS 6.0 or 7+ -- probably with the dispatcher running on it.
Check out this article here (http://dev.day.com/content/kb/home/cq5/CQ5SystemAdministration/SSOwithApacheIIS.html) - that provides a pretty good overview of how it works. Basically what you want to do is enable the OOTB SSO service (follow instructions here --http://dev.day.com/content/kb/home/cq5/CQ5SystemAdministration/HowToConfigureSSO.html) , or here http://experiencedelivers.adobe.com/cemblog/en/experiencedelivers/2012/06/http_header_base authenticationincq55.html
1) Set up IIS w/ apache's dispatcher to properly pass the server variables see (http://msdn.microsoft.com/en-us/library/ms524602(v=vs.90).aspx) - you're looking for (most likely) logon_user. What's going to happen is IIS will parse through the http headers and replace / add whatever variables as handled by IIS's integrated-NTLM authentication. Setting up Dispatcher properly to cache / not cache content as desired is another can of worms and you should set aside a good chunk of time to work through it.
2) Test that the server variables are being passed downstream to CQ.
* Create a simple component that lists out all the headers (see http://hc.apache.org/httpcomponents-core-ga/httpcore/apidocs/org/apache/http/HttpMessage.h tml#getAllHeaders()) , and prints them out with their values.
* This will let you test to make sure that all the proper server variables (logon_user, etc) are being passed.
3) Set up matching users in CQ
* this can be done by either manually creating them (not recommended) or by setting up LDAP connection with CQ (see http://wem.help.adobe.com/enterprise/en_US/10-0/core/administering/ldap_authentication.htm l for more details).
* compare the user names to the user names found from your test component that prints out the server variables. Note some regex decoding might be necessary (say you need to only look for everything past the domain NTUSER/joeuserx)'\
* note / test whatever regex patterns will be necessary to configure the OOTB SSO component -- ex ^<DOMAIN>\\(.+)$|1.
4) Set up trusted credentials attribute (again in http://dev.day.com/content/kb/home/cq5/CQ5SystemAdministration/HowToConfigureSSO.html)
Worked for me! Let me know if you need any more tips
Thank you very much for the reply. It seems that my REAL problem is a fundamental ignorence of how to set up the dispatcher in windows server, coupled with the fact that I have very little experience in Windows.
I was trying to get the dispatcher running in native windows, but that truely seems more complicated then it is worth. I've been able to get everything set up with a linux version of apache before, so I imagine the windows version will be very similar.
Thanks for your help! That is an excellent list of resources!
My mistake, I am actually trying to allow users to be able to log onto author and have the credentials automatically pulled using windows credentials. Is there a way to do this?