How do I make my application Integrated Loginable?

How do I make my application Integrated Loginable?

I am always doing the following Login module:

  1. Create a table with Username and Password
  2. Login by checking the user table.

So how do I use integrated Login just like the application like Sql Server? I don't mean by passing a connection string, I mean it will check the credential of my application without putting any username and password.



I don't mean the SQL Server integrated Login, I mean my application's integrated login, is it possible?

For example, my application will read the AD's name and compare to the current username, then I don't need the user to type in a password for my application.

I am not sure how do I do that and where to start, since if I search Integrated Login, 99.9% of the results from Google will give me the connection string, which I am not looking for that.

Subversion - how do I control user access for single repository when SVNParentPath is used?


Understanding .NET's “SecurityAction” parameter for permissions
[This answer assumes that you're on an Active Directory domain].
How do I grant limited access to sysprocesses in SQL Server 2005?
Are you using active directory windows authentication? If this is the case you can use the integrated security option in the connection string..
How does .NET security really work?
Here's an example connection string using integrated security:.
What are the most common, typical things to AVOID coding into my ASP.NET app in order for it to run under Medium Trust on a shared host?
"Data Source=MyServer;Initial Catalog=db name;Integrated Security=True" 
This would reduce the complexity allowing you to forget about having to ask the user for a username and password because it'll pick up the windows credentials that they've logged into the workstation with..
Windows process structure: How to store user information?
Web authentication state - Session vs Cookie vs?
If the application is a website then you'll need to set the SQL server as "trusted for delegation" in active directory (see

iPhone client certificate
This will allow the webserver to delegate the user's windows login credentials to the SQL server.

If you don't do this then the SQL connection will be anonymous..


Assuming that your application will be running with Active Directory on the local network I think there are a few options, depending on how do you want to implement authorization.. If you want/need to do authorization with some custom rules/logic then the first thing you need is to determine who ran the application:.
  • Environment.UserName in conjunction with Environment.UserDomainName will give you enough information;
  • Alternatively (and more secure) you have use the following code snippet:.
    AppDomain.CurrentDomain.SetPrincipalPolicy(     System.Security.Principal.PrincipalPolicy.WindowsPrincipal); var identity = Thread.CurrentPrincipal.Identity; 
From the identity you can extract Security Identifier which is designed to be globally unique.

(But not that pretty as domain\username pair.). After getting current user's name you can apply whatever authorization rules you want..

83 out of 100 based on 53 user ratings 503 reviews