K
Koutilya
Hi all,
I am new to Windows Authentication altough I have been reading about windows
authentication for a few days now. Here is my problem.....I have windows
client applications that users would login to. All client instances will be
running on windows machines and will be connected to a server where I have DB
and other server side components running. My Authentication requirements are
as follows:
A. On most of the client machines I would like to use single sign on to
login to my application. In other words the client application shall pass the
user credential to my server and have it authenticated. Therefore there is no
need for the user to enter his credentials.
B. On some client machines I do not want SSO and would like to prompt the
user for his credentials (user name and password) which shall be sent to the
server for Authentication.
I am thinking of a solution which is in lines of writing a web service that
will do the Authentication and Authorization (with AzMan). Client apps during
login shall invoke a service on this web service and while doing so pass
their credentials (not as part of the service call) to the web service which
shall do the authentication using AD.
My questions are as follow:
1. Is there a better way of doing this?
2. Requirement A - I am not able to figure out how to pass the logged in
user credentials from a windows application to a server for authentication.
The server could be running Active Directory and the credentials it receives
from the clients will have to be authenticated against the AD. Also in this
scenario if we remove the AD from the server then how would the server do
authentication?
3. Requirement B - I was thinking of doing this by directly querying the AD.
Is there a way I can meet both my requirements while I make the most of the
windows authentication infrastructure that is available?
Thanks,
Koutilya
I am new to Windows Authentication altough I have been reading about windows
authentication for a few days now. Here is my problem.....I have windows
client applications that users would login to. All client instances will be
running on windows machines and will be connected to a server where I have DB
and other server side components running. My Authentication requirements are
as follows:
A. On most of the client machines I would like to use single sign on to
login to my application. In other words the client application shall pass the
user credential to my server and have it authenticated. Therefore there is no
need for the user to enter his credentials.
B. On some client machines I do not want SSO and would like to prompt the
user for his credentials (user name and password) which shall be sent to the
server for Authentication.
I am thinking of a solution which is in lines of writing a web service that
will do the Authentication and Authorization (with AzMan). Client apps during
login shall invoke a service on this web service and while doing so pass
their credentials (not as part of the service call) to the web service which
shall do the authentication using AD.
My questions are as follow:
1. Is there a better way of doing this?
2. Requirement A - I am not able to figure out how to pass the logged in
user credentials from a windows application to a server for authentication.
The server could be running Active Directory and the credentials it receives
from the clients will have to be authenticated against the AD. Also in this
scenario if we remove the AD from the server then how would the server do
authentication?
3. Requirement B - I was thinking of doing this by directly querying the AD.
Is there a way I can meet both my requirements while I make the most of the
windows authentication infrastructure that is available?
Thanks,
Koutilya