I am having trouble grasping the components I need to develop and put
together in order to have a solid, integrated security authentication
mechanism for a custom C# .NET application that involves a client application
connecting to a remote Windows (server) application that is not running IIS
or SQL Server. I want the users to be able to seemlessly start the
application on the client, use the same credentials they used to log on to
their Windows workstation without having to retype them and have the option
to provide the credentials manually. When received on the server side
application, I would like to authenticate it against various groups
(installed with the server application) in Active Directory to provide roles
based permissions to application functionality.
Basically, I want the same abilities that IIS uses when a client browser
attempts to access a secured page - but I do not want to include another
unnecessary layer into the total solution. With all that I have read, I know
there is a way, however, I cannot put the pieces together logically and
cannot find a suitable example of this. The communication transport can be
named pipes or TCP or other alternatives, however I really want a seemless
logon managed via Active Directory.
Any help would be greatly appreciated! Thanks!
- Bob
together in order to have a solid, integrated security authentication
mechanism for a custom C# .NET application that involves a client application
connecting to a remote Windows (server) application that is not running IIS
or SQL Server. I want the users to be able to seemlessly start the
application on the client, use the same credentials they used to log on to
their Windows workstation without having to retype them and have the option
to provide the credentials manually. When received on the server side
application, I would like to authenticate it against various groups
(installed with the server application) in Active Directory to provide roles
based permissions to application functionality.
Basically, I want the same abilities that IIS uses when a client browser
attempts to access a secured page - but I do not want to include another
unnecessary layer into the total solution. With all that I have read, I know
there is a way, however, I cannot put the pieces together logically and
cannot find a suitable example of this. The communication transport can be
named pipes or TCP or other alternatives, however I really want a seemless
logon managed via Active Directory.
Any help would be greatly appreciated! Thanks!
- Bob