Maybe someone could help me a little here.
On a project I am working on, we have some LDAP authentication to
Active Directory which allows users to login to our application - this
is fine. When accessing this application from off campus, they
routinely get this login window confused with the one they login to
Exchange Sever with for their email.
I am wondering if it is possible to setup some kind of button/link
that is displayed after they have logged in (to the web application -
not Exchange) that will redirect them to their email inbox without
having to login again.
I could setup a form that posts to the Exchange login script, with
their username and passwords in hidden fields, but I don't see this as
being secure - perhaps if the password was encrypted (encrypted as
what, though?) I would feel more at ease with this. (Not tried this,
perhaps it would even work?)
Basically, as we know their AD login credentials, all I need to know
is it possible to pass them to the Exchange Server so they can bypass
the login process for Exchange. All I want to do is try and avoid them
logging in twice - once to their email and once to our application.
I hope you follow me, any help would be greatly appreciated.