Page 1 of 1

help with ldap authentication

Posted: Wed Dec 15, 2010 1:36 pm
by 2000a
Hi,

I have the code to authenticate a set of credentials (user id/password) against ldap.

My question is: Is it possible to figure out if the user already authenticated, by logging in to windows (domain). This would be useful, as the user wouldn't need to provide credentials, if they are already logged in to the domain... This is a little like the Outlook client (it doesn't prompt for credentials if the user is already authenticated)...

If you know whether or not this is possible and how to do it, I would be grateful.


Thank you

Re: help with ldap authentication

Posted: Wed Dec 15, 2010 4:59 pm
by pickle
You can't and you shouldn't.

You can't because whether they've logged into a Windows domain or not is not something that can be accessed via a browser. If you must do that, you'd need a client side application running, or a Java applet.

You shouldn't because people have been trained to think that closing their browser logs them out of whatever they had open unless they've checked one of those "Remember me" boxes. There is a lot of danger in essentially auto-signing a person in using their windows credentials.