Using cookie to remember credential in mobile devices

I have a requirement to build a responsive web application where users would like the browser to remember their login credential for about a month.  I have a couple of question about this.
1.  In a PC I could use a cookie to do this.  What do I do when it's a mobile device?  How can I set the browser to remember the user's credential when they navigate to the site?
2.  Can I use that for all browser on the mobile device?
3.  They want the web application to authenticate using users' window' account credential.   I'm not sure if I can store the user's password since it's in AD.  How can I do this?

Thank you.
lapuccaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Imran Javed ZiaConsultant Software Engineer - .NET ArchitectCommented:
Hi,

Do you want to make remember me cookieless?

In general, you don't have to take care either it is desktop or any other device until unless you have browser which is cookie  enabled.

for best practices on cookie and authentication please refer to following articles:

http://jaspan.com/improved_persistent_login_cookie_best_practice
https://web.archive.org/web/20150204143440/https://resonantcore.net/blog/2015/02/remember-me-safely-secure-long-term-authentication-strategies

Thanks and Regards
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ambienceCommented:
You should not have to do anything specific for a Mobile browser at the Server's end. Mobile browsers indeed support Cookies, whether all browsers support cookies at all the times? The answer is probably No, which is true even for a desktop browser, where cookies can be turned off.

As for authentication, the credentials are to be supplied by the user, and then remembered. You only have to use these credentials to login to the AD and/or Impersonate the user.

See this code example: https://msdn.microsoft.com/en-us/library/system.security.principal.windowsimpersonationcontext.aspx
0
lapuccaAuthor Commented:
So, my codes doesn't, and shouldn't, do anything about storing or remember the user's credential?  that would be my preference.  So, is it up to the users to configure the browser they're using on their device to remember login credential?

Customer's requirement is not having to entering their userid or password each time they browse to the website, for up to 30 datys.  

Thank you.
0
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

ambienceCommented:
You should push the creds as a cookie to the client. Client per discretion can enable or disable cookies. In the latter case, your website would continue as usual and ask for credentials.
0
lapuccaAuthor Commented:
What do you mean by my application "push" the credential as a cookie?  

The user will be logging into the web application using their Window's credential.  By pushing, do I store their userid and password on the browser as a cookie?

Thank you.
0
ambienceCommented:
It just means, send a cookie from the server to be stored on the client.

By pushing, do I store their userid and password on the browser as a cookie?

Exactly! After a successful login.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C#

From novice to tech pro — start learning today.