hi there, I have these requirement that has been placed on my plate for the intranet website that has already been developed using Cocoon-2.0.4 on Win2000 IIS server running inside Tomcat-4.1.18 servlet container.The network uses Win2000 Active Directory Setup.Everything worked fine till now(..unless something else shows up!!). Currently i am using the LDAP transformer for authentication based on the login form information entered and from which i get the roles he/she has been assigned and show the user the role-based view of the website.The login screen uses XSP and i am using the Sunshine Authentication block for handling various pipelines.
The security requirement that has been raised is: Any domain user who wants to use the intranet doesn't need to go through the login page on the intranet website,since the logged on user is already a valid user on the domain.So the logon screen doesn't help much - Well its fine with these requirement because i can make the IIS server to restrict usage based on Windows Integerated Authentication.When i say the 'logged-onn' i mean the network login. But the the next phase is where i am getting stuck at,which is getting the network logon user details based on which i have to generate the customized view to restrict access to specific resources on the website. its because the request object doesn't give me the network details of the user like the logon-name.If i could even get that,i can go ahead with finding the rest of the information like his group access rights. Has anybody come across such issues?Is there any better way to go about the whole authentication that i have described here.Any kind of help would be highly appreciated and thanks for your time. regards, Gautam --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]