Thread: Single Sign On in VB .NET
View Single Post
  #10 (permalink)  
Old 10-08-2008, 6:41 AM
JohnH's Avatar
JohnH JohnH is offline
VB.NET Forum Moderator
.NET Framework: .NET 3.5 (VS 2008)
  
Join Date: Dec 2005
Location: Norway
Age: 37
Posts: 10,329
Reputation: 1315
JohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond reputeJohnH has a reputation beyond repute
Default
Quote:
Originally Posted by benjeeqds View Post
PS: What I was talking about Fred getting Bob's credentials is just Fred hacking the TCP/IP message accross the network and substituting "My name is Domain\Fred" with "My name is Domain\Bob".
Why? He could just run your app with Process.Start(filename, username, password, domain), or log into computer as "Fred" in the first place. Point is what My.User.Name returns is an authenticated windows user. (="Windows Integrated Authentication")
__________________
Reply With Quote