Thanks, I'll give that a try.
-----Original Message-----
From: Russel Madere [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 09, 2000 10:27 AM
To: Fusebox
Subject: RE: Passing Windows NT Username & Password from Computer Login
To do this, you have to use the basic security in IIS, not the NT Challenge
and Response.
The big short coming of this is that the user name and password are passed
in plain text.
That is a huge no no. Leaves your site wide open to password sniffers.
What I ended up doing at a previous job was user the CF Advanced Security
(in CF Server Enterprise) and a custom form. There was no way to intercept
the NT password except having the user enter it into a form.
Russel
============================================================
Russel Madere, Jr. Senior Web Developer
ICQ: 5446158 http://www.TurboSquid.com
Some days you eat the bear; some days the bear eats you.
============================================================
> -----Original Message-----
> From: Jeff Stone [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, November 09, 2000 13:20
> To: Fusebox
> Subject: Passing Windows NT Username & Password from Computer Login
>
>
> I have a client who wants me to build a security intranet login
> application.
> Instead of having a login screen asking the user to fill in a username and
> password, they want the user's NT username and password to be passed to my
> ColdFusion application automatically. That way, the user will not have to
> login to the online application. I have figured out how to look up the
> Local Users & Groups on a web server and pass that information on once I
> have the NT username and password, but I cannot figure out how to
> automatically pass the username and password from the user's NT login.
>
> I know one possibility is to have the user specify their NT username and
> password in my application the first time they use it. Then, I can store
> this encrypted information in a database and give the user a cookie for
> future easy access, but this is not ideal plan.
>
> Has anyone done this before?
>
>
> Thank you,
>
> Jeff Stone
> [EMAIL PROTECTED]
>
> ------------------------------------------------------------------
> ------------
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fu
> sebox or send a message to [EMAIL PROTECTED] with
> 'unsubscribe' in the body.
>
----------------------------------------------------------------------------
--
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/fusebox or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
