pavelmed
asked on
How to programmatically get username and password from SharePoint or AD?
Is it possible to programmatically retrieve a logged-in user's username and password from SharePoint or AD?
The system setup is that a user who is logged into the network does not need to login to Sharepoint - the existing credentials are used. How to retrieve these credentials programmatically?
User and password are needed to create a call to another application (web-based) and to avoid another login as that application uses the same credentials.
Thank you in advance.
The system setup is that a user who is logged into the network does not need to login to Sharepoint - the existing credentials are used. How to retrieve these credentials programmatically?
User and password are needed to create a call to another application (web-based) and to avoid another login as that application uses the same credentials.
Thank you in advance.
Adam Brown
I don't think you can. Seems like It would be a major major security flaw if you could (and probably against Common Criteria). However, you can bypass the issue by adding the Web Hostname to the Intranet zone in Internet Explorer. The Intranet zone automatically uses the user's credentials when faced with a domain login prompt.
Alternatively, you can configure the application to use passthrough authentication in IIS. I'm not sure of the proper setup for that, since I was unable to get it working properly without creating a Domain user specifically for that purpose.
ASKER
The call to authenticate with that third application has to be built in a very specific way. And that web application is installed on UNIX machine.
We can't also controls users' browsers setup
We can't also controls users' browsers setup
If you say: "that application uses the same credentials", I assume that application is authenticating against your own AD? It's just using some kind of logon page/forms based authentication that you want to skip with the current credentials, right?
I think this requires the configuration of some kind of single sign-on or pass-through authentication, in the web application.
I think this requires the configuration of some kind of single sign-on or pass-through authentication, in the web application.
You could probably get it done with Windows Federation Services come to think of it. That's capable of doing SSO with systems outside of the Domain. Unfortunately, I don't know much about setup for it. Just what it does.
ASKER
"It is using the same credentials" means that the application uses the same username and password for the same user as it is setup for the network login.
It does have its own login page, and the goal is to skip that login prompt because credentials are the same.
It does have its own login page, and the goal is to skip that login prompt because credentials are the same.
At first I was thinking ADFS as well, but it appears that the application involved can already verify the credentials.
Do you mind sharing with us what the application is, and what web server it runs on?
Also: have you tried searching Google for "Application X single sign-on"?
Also: have you tried searching Google for "Application X single sign-on"?
ASKER
Lawson, WebSphere.
I have an idea how to bypass the login prompt, but I need username and password for that anyway
I have an idea how to bypass the login prompt, but I need username and password for that anyway
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Lawson Single Sign-On still requires users to authenticate by entering username and password.The only advantage is that they can use the same username and password that they use to login initially.
The only way to bypass a login prompt is to programmatically obtain username and password and to pass them to Lawson in a call. But in order to do it, the calling program (SharePoint in this case) must know the user's username and password.
My question is how to programmatically retrieve user's username and password while being logged into the SharePoint.
The only way to bypass a login prompt is to programmatically obtain username and password and to pass them to Lawson in a call. But in order to do it, the calling program (SharePoint in this case) must know the user's username and password.
My question is how to programmatically retrieve user's username and password while being logged into the SharePoint.
ASKER
Although the issue was not completely resolved, I still would like to assign the points in appreciation for an assistance.
ASKER
The issue was not completely resolved, although in might not simply have solutions. I still would like to assign the points in appreciation for an assistance.