I am working on application which needs to be authenticated in different domain. To authenticate a user I have to capture his/her credentials send to server side and enter them into LsaUserLogon() function to impersonate user.
My fear here is, what I don't want take responsibility for Pop up my own dialog, /cript/encript information for transmittion. I am looking for different approach which removes all responsibility for me to capture user passwords. Only fact here, what I need this credentials on my server machine, to impersonate user. Any tips and suggestions?
( Windows, .NET )
Thanks!
Windows has native API to assist in this case (which helps you launch an IE style dialog to prompt for user name and password).
You can invoke it in .NET,