I have an existing ADE (Access Data Project compiled) project that has been in use in a production environment for nearly 3 years, and has been working great. It's been working so great, in fact, that my client is asking me to look at porting it over to another take the place of another system.
In going through their requirements, one line caught my attention. The current port of the project uses the Windows NT Authentication method to connect to the SQL Server, and uses a user's table to see if the user opening the project is a valid application user.
The "new port" they are asking for requires that the user enter in their Windows login/password (which is managed by an Active Directory LDAP server). I've never, ever, had a client ask for a Windows authenticated system to prompt for the same username/password again before opening the app. I'm not even sure ADP applications can do this with the way they use OLE to connect to the SQL Server.
I've searched around a bit today and haven't found a clear answer. Can anybody shed some insight?
2  2418 
Hi. As you rightly point out, your client seems to be confusing things a little here. To be able to run the application at all the user has to log in via the LDAP authentication. Once this hurdle is cleared the system 'knows' who the user is, and you could use system routines to return the username to Access so that you can continue to use the existing user table and custom login routines to provide custom access to the application.
If you are being asked to authenticate users a second time from Access the only real advantage I can see is that you are guarding against other non-authorised persons running the application while the logged-in user has slipped away from the workstation for a while. As you also point out, this has nothing at all to do with connecting to the SQL server back-end - it is still a user authentication task, not a connection one.
It is certainly possible to use windows API code from Access to query the LDAP server and return the username, ask for a password, and authenticate the user accordingly. If you do a Google search for such code you will find examples that could help you in VB and other languages.
I have used commercial applications which do require such enter-again authentication using LDAP, and these have pre-filled the user's log-in ID (obtained from the LDAP server) in the application's user authentication window, just leaving the password to be entered. It is not uncommon to have to re-authenticate the existing user, although its benefits in your clients particular case are unclear.
Well done for developing an application that your client is keen to develop further! I hope the project goes smoothly for you.
-Stewart
Thanks for the reply!
I'm waiting to find out today if the reason they want a separate login is so that a different user other than the logged in system user can open it. If that's the case, it opens up a whole new ball of wax and delves into Windows Impersonation etc.
I got a solution using SSPI to manually verify user credentials against the domain, so if they're fine with that, it'll be an easy solution :)
Sign in to post your reply or Sign up for a free account.
Similar topics
by: Bruce Loving |
last post by:
I have an ADP connected to an SQL 2000 database that works fine on my
machine,
Opening the ADP show lists of stored procedures ala
up_ListPrograms
but, when I copy it to another computer, and...
|
by: Ciaran McAuliffe |
last post by:
Hey,
I have a bit of a tricky problem, here is a quick overview. I have a
website which connects to a webservice, this web service is a front for
access to the Reporting Services Web Service, the...
|
by: Jerry Boone |
last post by:
A long time ago Larry Linson (MVP contributor to this group) made a point to
me that mdb's could do anything ADP's (Access Projects) could by using
linked tables to leverage Sql server databases. ...
|
by: Joseph Geretz |
last post by:
I'm having a credentialing problem in my web application. Actually, I don't
think this is an IIS security issue, since I'm able to access the page I'm
requesting. However, the executing page itself...
|
by: Keith H |
last post by:
I'm looking for a way to force the user to re-authenticate with their Windows
username/password/domain after clicking the submit button on an ASP.NET page.
This is for an internal application.
...
|
by: AkAlan via AccessMonster.com |
last post by:
I store my front ends on a web server that all my users have access to and
need to be able to run a script that first checks to see if the front end the
user opens is the most current version. That...
|
by: wapsiii |
last post by:
Is it possible to have a windows network prompt pop up on a asp.net
site that uses <authentication mode="Forms">?
Back in the classic asp day, I simply set the NTFS permissions on the
folder in...
|
by: Bruno Barros |
last post by:
Hey there. I'm currently working on an intranet, and would like to
know how I can get the windows usernames of the visitors.
You can get their IP with $_SERVER;
But what about their Windows...
|
by: choukse |
last post by:
Hi All,
I am trying to bind to ADAM instance with a windows user through JNDI and it keeps failing. My ADAM and AD is running on same Windows 2k3 server.
But, through LDP I am able to bind with...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |
