"Andy" wrote:

> Windows authentication schemes don't expose the login ID or the
> password to anybody.  Instead, they depend on the user to prove their
> identity (by supplying correct credentials) and respond by creating a
> token that represents an authenticated user.
>
> A server such as IIS (rather than your code) uses the presence of the
> token to figure out whether to load, run, and give access to a
> particular program.  If your code has a call to an external secured
> service (ie webservice or website), it has to supply the credentials
> (either as default - the windows login, or hard coded - loginID and
> password) for it to be granted access by the server that runs it.  This
> can be done by:
>
> someservice.Credentials = System.Net.CredentialCache.DefaultCredentials
>
>
> Active Directory also holds "user properties" for its accounts which I
> believe could be accessed via the token.  But, you will need to have
> active directory installed for this.
>
> Andy
>
>

> Hi,
>
> I am looking at developing web form application that is accessed
> through a windows Network (win2k3 server).
>
> I want the application to a) be able to login from the application or
> b) be recognised as their login if they got to the web form by a link
> on the intranet. Either way, the web form needs to know who the user
> is to be able to customse their experience.
>
> Is their an object which holds this information (User name & password)
> which I can use to authenitcate or identify the user?
>
> I have never done this before so excuse my ignorance...
>
> Thanks very much for any ideas in advance
>
> Ant
>