Ives, I'm confused: are we actually talking about the same project, or have we veered off and are dealing with different envts/objectives?
> If the authentication is integrated with NT, the application should > never see the password... Unless you're referring to *browser* authentication (I never was), the server sure does see the password: the credentials are entered and sent to the CGI in plain-text. This would be the case whether you're dealing with ISAPI, NSAPI, CGI, etc. You can't flat-out *read* the credentials from NT, nor from any NOS, but once you get a pass/fail from the NT security layer, you certainly know whether you're dealing with valid creds or not...and you'll continue to have the original plain-text version of those creds available, provided that they can be placed in a session variable or server variable. With the portal using LDAP against AD, and IMail hitting the same AD via SAM, you have fully synced accounts, so the only thing that remains is posting the same creds to both realms, as I proposed. Since I'm sure you won't disagree with the above, I have to guess that you thought Nikhil was doing browser-integrated authentication (Integrated Windows Authentication/IWA) using one of IE's "automatic logon" options and challenge-response on the back end. I don't think we really have anything to suggest that that's the case, but you certainly could be right. And if you're right, the server would not have access to the credentials to store and forward to another realm, and therefore your solution, or a similarly complex setup, would have to be used. So it's not so much that we disagree on tactics as that we started from very different assumptions. And since Nikhil doesn't seem to be around anymore, maybe we should just table this stuff for now. :) -Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] ------------------------------------ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
