How to programmatically get username and password from SharePoint or AD?

pavelmed
pavelmed used Ask the Experts™
on
Is it possible to programmatically retrieve a logged-in user's username and password from SharePoint or AD?
The system setup is that a user who is logged into the network does not need to login to Sharepoint - the existing credentials are used.  How to retrieve these credentials programmatically?
User and password are needed to create a call to another application (web-based) and to avoid another login as that application uses the same credentials.

Thank you in advance.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
I don't think you can. Seems like It would be a major major security flaw if you could (and probably against Common Criteria). However, you can bypass the issue by adding the Web Hostname to the Intranet zone in Internet Explorer. The Intranet zone automatically uses the user's credentials when faced with a domain login prompt.
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
Alternatively, you can configure the application to use passthrough authentication in IIS. I'm not sure of the proper setup for that, since I was unable to get it working properly without creating a Domain user specifically for that purpose.

Author

Commented:
The call to authenticate with that third application has to be built in a very specific way.  And that web application is installed on UNIX machine.
We can't also controls users' browsers setup
Should you be charging more for IT Services?

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Commented:
If you say: "that application uses the same credentials", I assume that application is authenticating against your own AD? It's just using some kind of logon page/forms based authentication that you want to skip with the current credentials, right?

I think this requires the configuration of some kind of single sign-on or pass-through authentication, in the web application.
Adam BrownSenior Systems Admin
Top Expert 2010

Commented:
You could probably get it done with Windows Federation Services come to think of it. That's capable of doing SSO with systems outside of the Domain. Unfortunately, I don't know much about setup for it. Just what it does.

Author

Commented:
"It is using the same credentials" means that the application uses the same username and password for the same user as it is setup for the network login.
It does have its own login page, and the goal is to skip that login prompt because credentials are the same.

Commented:
At first I was thinking ADFS as well, but it appears that the application involved can already verify the credentials.

Commented:
Do you mind sharing with us what the application is, and what web server it runs on?

Also: have you tried searching Google for "Application X single sign-on"?

Author

Commented:
Lawson, WebSphere.
I have an idea how to bypass the login prompt, but I need username and password for that anyway
Commented:
I'm afraid you're asking the wrong question. You won't get the password out of AD, and they're not stored in Sharepoint.

Is this of any use?

http://www.redbooks.ibm.com/abstracts/redp4192.html
http://blog.lawsonguru.com/2007/01/11/lawson-ssoor-sos/

Author

Commented:
Lawson Single Sign-On still requires users to authenticate by entering username and password.The only advantage is that they can use the same username and password that they use to login initially.
The only way to bypass a login prompt is to programmatically obtain username and password and to pass them to Lawson in a call.  But in order to do it, the calling program (SharePoint in this case) must know the user's username and password.  
My question is how to programmatically retrieve user's username and password while being logged into the SharePoint.

Author

Commented:
Although the issue was not completely resolved, I still would like to assign the points in appreciation for an assistance.

Author

Commented:
The issue was not completely resolved, although in might not simply have solutions.  I still would like to assign the points in appreciation for an assistance.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial