Andy-H Posted December 21, 2011 Share Posted December 21, 2011 Just wondering if anyone knows if it's possible to create a session(logon) to a web interface using a windows session in C++ and if theres any resources anyone could recommend? Have full control over the website so can add stuff to the database etc. I know you can get the windows username, just can't think of a way to get that info to the browser and create a session based upon it? Obviously don't want to use GET variables or cookies or anything as that could be a massive security flaw lol Quote Link to comment Share on other sites More sharing options...
scootstah Posted December 21, 2011 Share Posted December 21, 2011 Well in Linux you can get stuff like Webmin, which is a server control interface (like cpanel) where the login is system users. So I'm sure it is possible in Windows too. Quote Link to comment Share on other sites More sharing options...
kicken Posted December 21, 2011 Share Posted December 21, 2011 If you have a windows active directory domain and want to use those logins for your site, you can use ldap to perform authentication against the domain. Not sure if it is possible without a domain. If you want users to be automatically logged into your site when they login on their machine you'd have to have some kind of software running on the machine (say a browser extension) that will provide whatever details are necessary. I'm not even sure how you'd accomplish it. It'd be far easier to just create a 'remember me' option and have your users check that. You'll have to clarify what it is you want to accomplish. Quote Link to comment Share on other sites More sharing options...
Andy-H Posted December 25, 2011 Author Share Posted December 25, 2011 Well so far I have created a C++ program that gets the username / domain and md5 hashes it with a salt, and a function that sends a http socket request and gets the output, so the plan is, have a script on the server (with the salt) and place the C++ exe in startup programs, then when a user logs in the exe wi,ll run, send the hash to the server and if it matches with any users ( md5(username@domain_salt) ) then the server will output a hash which wikll also be stored in the database, a call will then be made to another exe that will open a browser ( using system("run www.site.com/?key=hash"), I don't recall the exact command) and if the hash's match, and the IP is an internal IP address, the user will be logged onto the appropriate account Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.