Single Signon using Active Directory
My security framework is using AD to authenticate users. However, if the user is already logged into their machine and their machine is also a member of the domain which is used by the application, I want to bypass authentication and not display the annoying login screen.
Right now they have to log in on all applications.
I am thinking of using the WindowsIdentity.Token, passing the AccountDomainSid and comparing it to the SID of the domain used by my application.
Any caveats to this? (Can somebody spoof the token, and how do they do that?)
"Don't you ever give up!"
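
The domain-SID comparison described in the post, as an added example that is not part of the original post. The class and method names and every SID value are constructed placeholders; only the `System.Security.Principal` types and members are real.

```csharp
using System;
using System.Security.Principal;

static class DomainSsoCheck
{
    // Constructed placeholder: substitute the SID of the application's domain.
    const string ExpectedDomainSid = "S-1-5-21-1111111111-2222222222-3333333333";

    // True only when userSid is an account SID issued by the expected domain.
    public static bool IsFromDomain(SecurityIdentifier userSid, SecurityIdentifier domainSid)
    {
        if (userSid == null || domainSid == null) return false;
        // AccountDomainSid is null when the SID is not a Windows account SID
        // (for example the well-known LocalSystem SID).
        SecurityIdentifier accountDomain = userSid.AccountDomainSid;
        return accountDomain != null && accountDomain.Equals(domainSid);
    }

    // Rejects unauthenticated, anonymous, guest and system identities
    // before the domain comparison is attempted.
    public static bool CanSkipLogin(WindowsIdentity identity, SecurityIdentifier domainSid)
    {
        if (identity == null || !identity.IsAuthenticated) return false;
        if (identity.IsAnonymous || identity.IsGuest || identity.IsSystem) return false;
        return IsFromDomain(identity.User, domainSid);
    }

    static void Main()
    {
        var domain = new SecurityIdentifier(ExpectedDomainSid);

        // Constructed SIDs: a user in the expected domain, a local account on
        // some machine (its "domain" part is the machine SID), and LocalSystem.
        var domainUser = new SecurityIdentifier(ExpectedDomainSid + "-1105");
        var localUser = new SecurityIdentifier("S-1-5-21-4444444444-5555555555-6666666666-1001");
        var system = new SecurityIdentifier(WellKnownSidType.LocalSystemSid, null);

        Console.WriteLine("domain user : " + IsFromDomain(domainUser, domain));
        Console.WriteLine("local user  : " + IsFromDomain(localUser, domain));
        Console.WriteLine("LocalSystem : " + IsFromDomain(system, domain));

        // The identity of the process actually running this check.
        using (WindowsIdentity current = WindowsIdentity.GetCurrent())
            Console.WriteLine("current user: " + CanSkipLogin(current, domain));
    }
}
```

The comparison only tells the local process which domain issued the account. A server that merely receives this result from a client has no proof of it, so in a client/server application the server still has to authenticate the caller itself, for example with Windows integrated authentication.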