1 Reply Latest reply on Oct 15, 2003 3:13 PM by bmadigan2003

    Authentication without Login

    Andreas Newbie

      Hello.

      I'm writing an web based intranet application. All client are win nt/2000/xp workstations and domain members.

      Is it possible to to fetch the Windows username to authenticate the user without entering username and password?

      thx,

      Andreas

        • 1. Re: Authentication without Login
          bmadigan2003 Newbie

          I dont think anyone else will respond to this, so here goes:

          If a web browser could exposed user/password information about the client machine to web applications, the client's security would be useless. This would be considered a major security flaw. Even if this were just an intranet site, browsers are (hopefully) not implemented to expose this information at all. If you want to make it easier for clients to log in, keep a cookie on their machine to identify them and pre-fill their user/password information on the server side to automatically log them in. Also, client machines should be able to authenticate against the same directory service your web-app uses (LDAP). That way they can use the same usernames/passwords on the intranet and on their client machines. If the client machines are not authenticating against a central directory, this will not be feasible.