>I recently had to deal with how to handle passwords. I first looked at using GPG to create the password then Hash+salt (very similar BTW). Then I realized that I had active directory tools available. So that is what I'm doing using AD to hold everything. I figured that if it was good enough for MS I guess it will work for me. You can setup user groups to control access to your app .
>
>Of course I was working with a desktop app and had a MS server available.
>
>Johnf
Hi John,
I am coming back to explore the idea/suggestion of using AD. I am trying to wrap some of the concepts of AD around what I need to do. So, if you (or anybody else who reads) don't, I want to ask a couple of questions:
1. In my application, when I/manager grant access to the application, you assign a user to a User Group (feature of the application). Say, I have to assign a person JOHN SMITH to the application, what value from the AD I need to know to set it into a field of my application?
2. When a user opens/loads the application, how do you authenticate him/her? My understanding that you "get" some value from the AD for the currently logged user (in this PC) and compare it with a value in your application database. Right?
TIA for clarifying these questions; or informing me that my understanding is wrong.
"The creative process is nothing but a series of crises." Isaac Bashevis Singer
"My experience is that as soon as people are old enough to know better, they don't know anything at all." Oscar Wilde
"If a nation values anything more than freedom, it will lose its freedom; and the irony of it is that if it is comfort or money that it values more, it will lose that too." W.Somerset Maugham