Re: looking for a way to provide non-interactive a - WeOnlyDo Discussion board

Re: looking for a way to provide non-interactive a (General questions)

by cedral, Wednesday, September 06, 2006, 21:55 (6653 days ago) @ wodDamir

That doesn't seem like a good idea unless you are saying that the user has already been authenticated against the domain inside wodWebServer before UserAuthenticate is called. I can't just believe them when they tell me they are part of the domain. I have to verify it, either with ntlm challenge/response, in which I will never know their password or with kerberos ticket verification, in which I will never know their password.

Now of course sspi provides an abstracted interface using the negotiate protocol to authenticate at an abstracted level without dealing with the details of the specific system (kerberos/ntlm) used. which is why I asked about it.


Complete thread: