kind regards to all.
I'm faced against an implementation problem on which I need some
guidelines and advice.
my client has a Win2k3 domain with ActiveDirectory.
I need to implement two parts of the solution:
a) Web Service that will run on a computer in the client's domain with
access to the AD
b) Windows application that will run on computers which are NOT part of
the client's domain
Windows application will communicate to the Web Service via internet
and perform some tasks that way.
the real problem follows: users that will use Windows application have
AD accounts in the client's domain, but they themselves will use
Windows application on computers OUT of the domain. and my Web Service
must allow Windows application users to authenticate and authorize with
AD, but so that the password (in any form) is NEVER sent across the
wire. data also must be transferred in a secure manner. so I need
something like Kerberos, but that works in my case.
what would be the simplest, yet feasible solution to this problem? does
WSE 3.0 have anything that could help me?
I hope I managed to depict the problem and I apologize for my english
if it's causing any misunderstandings.
tnx in advance