I know that I need to enable identity impersonation to run an asp.net application as me, instead of as the machine account on the web server.

However, I now have a requirement where I need to have the user log in to the asp.net application using their domain username/password. The catch is, I should only be able to log into the asp.net application as myself if I am logging in from a machine that I am already logged into.

For example, Joe Schmo from the cubicle next to me can log in from his machine, but not from mine, unless he logs out and re-logs in as himself.