Share Login Info Between Windows Apps?

[theknight571]

I'm looking to develop a set of windows applications for our department and I want to limit their use to only authorized users.

I have written the first one and it includes authentication etc.

I started work on the second one and began to add the authentication to it as well, when it dawned on me that someone wanting to run both, would have to login twice, once with each app.

Is there a way to "share" authentication information between windows apps? So if I login to app 1, and then launch app 2, app 2 can see I'm logged in and not prompt for it?

Edit: I'm using Visual Studio/C#

 

[beginner99]

I would say depends on how secure this must be. As far as I can tell not very secure?

Then just take windows username (and domain) of the user and check it against your database (eg. which username has which privilege).

Then no login is required at all.

 

[velvetpants]

What if you just make a common launcher for all the apps?
You make that launcher a "singleton" process, so there can be only one instance of it.

Then user would open the launcher -> type in login info -> then click on whatever app she wants to run.
Then when she wants to start one of the other apps -> just go back to the launcher and start it -> launcher passes previously typed login info automagically.

 

[theknight571]

I would say depends on how secure this must be. As far as I can tell not very secure?

Then just take windows username (and domain) of the user and check it against your database (eg. which username has which privilege).

Then no login is required at all.

Hmmm... that would work, and probably be just as secure as the apps I'm replacing.

 

[theknight571]

What if you just make a common launcher for all the apps?
You make that launcher a "singleton" process, so there can be only one instance of it.

Then user would open the launcher -> type in login info -> then click on whatever app she wants to run.
Then when she wants to start one of the other apps -> just go back to the launcher and start it -> launcher passes previously typed login info automagically.

This would work too... although beginner99's suggestion would make the users happier since they wouldn't have to enter credentials at all. (other than to get into their machines)

 

[DaveSimmons]

With the singleton, you might offer a way for the apps to kill it, then before each app closes ask "log me out of <app-set-family-group> ?" (PostMessage (WM_CLOSE ) might be all you need)

If they say yes, then tell the singleton to kill itself. That way someone else walking up to the PC can't run the apps later in the day.

 

[Markbnj]

I would say depends on how secure this must be. As far as I can tell not very secure?

Then just take windows username (and domain) of the user and check it against your database (eg. which username has which privilege).

Then no login is required at all.

This. If your windows workstations are secure then you don't need an additional layer, imo. Usually when a native windows app requires authentication it is to present credentials to a remote server.

 

[purbeast0]

ever thought about combining both apps into 1 application, and letting certain users see different parts of the application based on what roles they have?

 

[theknight571]

ever thought about combining both apps into 1 application, and letting certain users see different parts of the application based on what roles they have?

I have.

I started this way, but it became unwieldy quickly. (probably due to my inexperience with Visual C# and Windows Apps... I've spent the last few years building Web apps)

Plus the only thing being shared between the apps, besides the authentication, was a data source. No other code was shared. I figured separate apps were just as good. They will all show up on the Start Menu as Department Tools -> Tool 1; Tool 2; etc. so they will still appear grouped together.

Maybe once I get the hang of this C#/Visual Studio I can combine them.

The last true Windows Application I wrote was 10+ years ago. Spent a few years away from programming and then got into Web development. A lot has changed since my last VB app was written.

 

[Leros]

What about having a remote sign on server? It has the added benefit of allowing you to easily manage credentials.

 

[gothamhunter]

Use AD/Windows login integration, or perhaps consider a password management app such as Citrix Single Sign On

 

[Saint Nick]

I was going to suggest maybe linking the app to LDAP. That way even if it is installed on an unauthorized user's machine, it won't launch. Authorized users can just launch the app with no worry.

 

[sao123]

Program it to authenticate to your active directory structure???!? Thus having single sign on credentials for all apps...