Our customers have reported that a recent security patch MS15-027/KB3002657 from Microsoft when installed on Domain Controllers affects EasySSO ability to successfully perform authentication (as well as other applications).
An updated version of EasySSO 1.0.27 has been released to address this - please upgrade if affected.
EasySSO works only in conjunction with IOPLEX Jespa library - the only pure java implementation of NTLMv2 authentication.
Microsoft patch MS15-027/KB3002657 breaks "localhost.netbios.name" feature of IOPLEX Jespa. In EasySSO this was always set via "Instance identifier" parameter in UI, which now has been removed.
The localhost.netbios.name property no longer works with the Microsoft NETLOGON spoofing patch MS15-027 / KB3002657 released on Tuesday March 10, 2015.
Prior to the release of KB3002657, the localhost.netbios.name property was used to share Computer accounts between multiple instances of Jespa running on the same server. This property is not set by default but if you have set this property, you will now need to create separate Computer accounts for each instance of Jespa loaded in a ClassLoader and NOT set the localhost.netbios.name property.
In the context of webapps and Servlets, this means that each webapp (even if they're running in the same app server) will need it's own Computer account. You can no longer share Computer accounts between webapps.