Validating user credentials
From: Cathryn Johns (cjohns_at_gmail.com)
Date: 02/14/05
- Next message: Tobi: "Moving application that depends on deserialization on a CD"
- Previous message: bigredgum1_at_excite.com: "Re: .NET Remoting Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 14 Feb 2005 01:59:36 -0800
I have an app where, for security audit purposes, I need to know that
two valid users are present at the GUI. I'd like to enforce this by
forcing them both to logon, verify that each one is a valid user
belonging to the correct group, and only then allow access to the app.
So what I'm looking for is a way to validate a user's credentials
without them being logged in. I've seen the example at
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod16.asp,
and something like that would work, but I'd prefer not to have to
handle the users passwords manually. Is there any way that I can cause
a login box to be shown, and then validate the given information
directly? Something like CredUIPromptForCredentials and
CredUIParseUserName, except that I need to not only get the username, I
also need to check that the password was valid and that the user
belongs to a specified group.
I'd prefer to do it without needing admin rights, but that will
probably be okay if there's no other way to do it.
Thanks
- Next message: Tobi: "Moving application that depends on deserialization on a CD"
- Previous message: bigredgum1_at_excite.com: "Re: .NET Remoting Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
