User authentication

[Frank Esser]

Hello,

I have got a specific question on user authentication.

My customers usually use their workstations all together as a kind of public
terminal. This means one of the users in the team logs in in the morning and
everybody uses the workstation during the day (I know this is not a safe way
but they do so...).

Now I want to write an application that offers a user authentication to be
able to assign any user input to the corresponding user.

My idea is as follows:
1) My application reads out the user list from Windows domain and offers an
application specific rights management that is virtually linked to the user
names.
2) When anybody starts the application or uses a special command to change
user in the application then the application calls a system login dialog for
authentication. This dialog does not effect the windows login but returns
the user and success of authentication to the application.

My questions:
a) What do you think about that model? (Please no philosophic but technical
discussion)
b) Can it be realized with .NET framework 1.1 and C#?
c) Are there any suggestions to do it better?
d) Does anybody have C# code to implement such an architecture (reading out
domain users, calling login dialog)?

Thanks a lot !
Frank

 

[Guest]

Hey Frank,

I will not comment on a, b, and c in your post since I am not sure I
understand what you intend to do.

You can use the classes int the System.DirectoryServices namespace to read
the domain users from Active Directory. Also this article shows you how to
create a login dialog box using the Win32 API function
CredUIPromptForCredentials:
http://msdn.microsoft.com/library/d.../en-us/dnnetsec/html/dpapiusercredentials.asp

HTH, Jakob.

 

[Jim Douglas]

I am looking at building something like this, we the application shut-down
after a short period of inactivity and is re-activated by your employee
access card. This is a solution for the public area systems only.