>Yes, I agree, It would be a security issue. I guess I was spoiled by the Novell operating system where you can pass it a Userid/password pair and it would report back whether or not it was a legal match. Yes, this does mean that I could Find a users password, but I guess Novell thought this was ok since We were developers of applications running on their servers.

Tim,

as all things in life there isn't a white or black answer. I've worked some years for a very big insurance company. All the application where on IBM mainframes with terminals as Clients (or PCs with terminal emulation). We had only one login screen, the first one. After that you could start each application on the mainframes (if you had the right authorisation) without having to retype the user name or password (it was done in the background by the application login process). Very simmilar to what you were looking for.

Why this example ? Because it has following drawback: if the user leaves his terminal alone everyone could start each application under this "wrong" user id and password.
This company has decided to take this risk, that was a very surprising decision for me because they were extremly conservative, not to say paranoic about securitiy issues.