Windows authentication and login screens

Delphi XE6, MS-SQL 2008

ConnectionString:='Provider=SQLOLEDB.1;Password=xxxxxx;Persist Security 
Info=True;User ID=xxxxx;Initial Catalog=xxxxx;Data Source=xxxx;Use 
Procedure for Prepare=1;Auto Translate=True;Packet Size=4096;Use 
Encryption for Data=False;Tag with column collation when possible=False'

For years, all users of my applications were given a database login, 
rather than using Windows authentication. The username was almost always 
the same as their windows username, and the initial password was never 
changed. When the program started, it popped up a custom login screen, 
fed the username and password to the connection string, and opened the 
database.

Security needs were low, few people needed access, and so it worked 
well. Recently, some potential new users have asked that we use Windows 
authentication instead. Current users like the idea, as it is one less 
thing to remember. So, I change the connection string to the following:

ConnectionString:='Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist 
Security Info=False;User ID=xxxxx;Initial Catalog=xxxx;Data 
Source=xxxxx;Use Procedure for Prepare=1;Auto Translate=True;Packet 
Size=4096;Use Encryption for Data=False;Tag with column collation when 
possible=False'

Seems to work fine, but then I find out it is actually ignoring the 
username and password being passed into the connection string, and just 
pulling it straight from Windows. At least, this is my understanding 
from reading various websites and forums. I understand that it is 
supposed to work this way, and it makes sense. Users don't care, but IT 
is horrified. They hate the idea that anyone could walk up to someone 
else's computer and call up the application just by clicking on the 
shortcut. Yes, we have automatic screen lock after 30 minutes, and yes, 
the users know that they are responsible for leaving their computer 
unlocked. IT knows human nature, and doesn't want to take any chances. 
They require an additional login to all database systems as a security 
check.

So, to get to the point, IT says I either have to keep using the 
database logon, or figure out some way of forcing Windows authentication 
to use the supplied credentials. From everything I have read online so 
far, there is no way to make Windows authentication use supplied 
credentials, but I'd love to be proved wrong. Any suggestions on what I 
should try?

Thanks.
0
Jon
10/22/2014 7:01:01 PM
embarcadero.delphi.ado 597 articles. 1 followers. Follow

1 Replies
639 Views

Similar Articles

[PageSpeed] 51

You have to use your old methods.  Windows authentication is just that, 
whomever is logged into the PC, those credentials are used.

As for your IT department being draconian, I suggest that they should 
actually trust that the employees working for the company are just that, 
employees.  Why -not- trust them?

FYI, here is my .UDL file for a Windows Authentication logon to SQL Server:

[oledb]
; Everything after this line is an OLE DB initstring
Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security 
Info=False;Initial Catalog=ProParts;Data Source=FORTRESS

In my SQL Database, I trust Domain Users.

Works.

John


"Jon Purvis"  wrote in message news:698743@forums.embarcadero.com...

Delphi XE6, MS-SQL 2008

So, to get to the point, IT says I either have to keep using the
database logon, or figure out some way of forcing Windows authentication
to use the supplied credentials. From everything I have read online so
far, there is no way to make Windows authentication use supplied
credentials, but I'd love to be proved wrong. Any suggestions on what I
should try?

Thanks.
0
John
10/28/2014 11:49:01 AM
Reply:

Similar Artilces:

Client Login Screen Gone, Windows Login Screen default
Ok, Pretty Lame subject, but hopefully this will help to explain. Yes, I know about setting Client login as the default, and the *gina.dll settings, etc... My Problem just started last week and seems to be slowly spreading (virus??) It seems that this registry key: HKLM\SOFTWARE\Novell\NWGINA,"PassiveMode"=1 (Normally Set to 0 or gone and NWClient loads first...) but after restart, the key is set BACK to "1" which means that the nwclient login doesn't come up first, instead the windows client comes up first. I can do a delivered app to fix this, ...

Windows authentication avoid login screen
Hello,I use windows authentication located on intranet, but users has to fill out the login screen that pops up in order to log in..Isn't it possible to avoid this, they are logged on their windows accounts, and thats enough security check ..? Thx  csharks.dk - asp.net As long as you are on the network it should be fine... see http://msdn2.microsoft.com/en-us/library/ms998358.aspx Sounds like you are using Basic Authentication or you aren't on the network.  -DamienVisoft, Inc - Home | Blogs Latest Blog Post: ASP.NET 4.0 AJAX Preview 4 - Client Templates ...

Receiving Windows login screen after authenticating to Novell
Workstations are receiving a Windows login screen after authenticating to Novell. We are using Zdf 4.01 IR5. NW Client 4.9.2 with all the psp2 patches. NetIdentity 1.1 (installed from zfd, not the client). I have DLU, slp and ldap configured and working. Users can login to Novell with no problems. I just can't get the login information passed to Windows so they don't get the Windows login. Any suggestions? Thanks Have you checked the box in your DLU policy that says something like "Manage windows account"? or it may be something like "Use existing ...

Windows Authenticated Website
I have a website using Integrated windows authentication. I'm using the follow code called from a pop-up window to show word, excel, csv, text, and pdf files within the browser or by forcing a download using the content type header. The problem is that when I try to display excel files within the browser by using below code, I get a Windows Login Prompt even though the user has already logged in once already in the parent window that the popup was called from. In Windows XP (IE7) I hit cancel without logging in and the document displays just fine. In Vista, if I hit cancel the ...

Login with Windows Authentication and Membership and roles login
I am creating a website that will be accessed by both customers and employees.  I want the employees to login using their existing windows username and password.  But I want both to use the membership and roles database to get their pemissions for the website.  Is this possible?  If so can someone point me in the right direction? I was able to find a way of doing what I was looking to do.  Basically what I did was habe the user authenticate against active directory if the user meet the criteria then check for the user in then set the password to a gener...

Hide Windows Login Dialog with Windows Integrated Authentication
Hello,I have an intranet site with only Windows Integrated Authetication on.In my web.config  i allow only some roles to view some pages.My problem is: How can I avoid to show the windows login dialog if someone tries to access a page with the wrong role. The user should be automatically redirected to another page (like Unauthorized.aspx).How can I get this working?  I tried to search on the internet for a solution, but I could not find anything useful. Hi Olandese, Based on my exprience, it may not be able to hide the dialog. As we know, the Windows Authentication is done by t...

Windows Authentication Replace Remote User Login Popup With Page Login
 Hey,I have a corporate intranet and when the users are local we use single sign-on and they are automatically authenticated and they move on about their business. Sadly, when they browse the intranet remotely, most users don't uderstand that the login needs to be 'domain\ussername', not just username which of course submits mysite.com\username. Anyway, How can I replace that login popup with a page redirect to a login web page. All of my users are on one domain so I could assume that much for them. The end result is that when they logon from home, I want them to be redirect...

Login Problems
I'm having problems logging into a DNN setup that is using Windows Authentication between the IIS/SLQ servers. Whenever I try a login (host or admin or any user), I am simply re-directed to the public face of the home page; if I try an invalid login, I [correctly] get an Invalid Login response. So I'm wondering why my regular DNN login process isn't working :( ... Here's our setup: - Domain Controller, IIS & SQL servers are each on a separate box - IIS authenticates to the SQL server via windows authentication - Users to the portal [supposedly] go through the regular Lo...

Windows Vista Please Wait Screen Appears for 2 Minuites Before the Login Screen
Hello, I have just set up a new laptop with Vista and installed all of the new updates but when I restart the computer or turn it on the please wait screen comes up for about 2 minutes before showing the login screen. The PC I'm on now is lower spec and shows the login screen instantly. I have searched the internet and tried disabling start up programs to speed it up but to no avail does anyone have any idea what could be causing it to say Please wait for so long? The specs of the PC are: 2gb Ram 2ghz Dual Core Processor 250gb Harddrive Thanks in Advance Aaron Ka...

Login screen Windows
One day the xp workstation work fine , normal Novell Login screen but the otherday we get a Windows Login sreen. Tried everything, reinstalling client, agent and-so-on but only get Novell Login back screen after systemrec. Does this help? http://support.novell.com/cgi-bin/search/searchtid.cgi?/10086499.htm Regards Rolf Lidvall Swedish Radio (Ltd) NSC SysOp Thanks for your reply Nick "Rolf Lidvall" <rolf.lidvall@sr.se> schreef in bericht news:RSC9d.4336$Bo1.2171@prv-forum2.provo.novell.com... > Does this help? > http://support.novell.com...

Windows Authentication and Login
I am using the windows auth., but everytime I put in my login info it fails. Im doing this: domain\username And then my password. All of the info is legit but it still wont let me login. What could be wrong? Thanks, Tom ...

Login with windows authentication
I have a page where I am receiving a user name and password. The users will be using their windows user name and password. What do I need to do during the login button click event handeler for this to work? In the web.config I have the authentication mode set to windows, and and <identity impersonate="true"/>. Thanks, Dave This article on CodeProject shows you how to mix forms authentication with windows authentication: http://www.codeproject.com/aspnet/ExtFrmsAuth.aspDarrell Norton, MVPDarrell Norton's BlogPlease mark this post as answered if it helped you!...

windows login screen
XP SP2 pc's. 4.9x and 4.83SP3 clients. Q: How do I remove the windows-level login at boot so Novell-level login is only login user has to login to. Looked under Advanced Settings/Logins, Properties...not finding. On 6/8/2005 clearblue@ask.com wrote: > Q: How do I remove the windows-level login at boot so Novell-level > login is only login user has to login to. You can't remove the Windows login. Windows2000/XP requires local authentication. However, you can implement AutoAdminLogon to the workstation and force authentication for Novell. Check out http://support....

Windows Authentication Login
Hello folks. First I would like to just say that this is a fantastic forum (i troll here daily for great info). However, for the last several days, the search feature does not seem to work. Hence the reason for the following:  I am trying to setup a website that uses authentication from the Acitve Directory (win2000 Advanced Server).  I used the sample from http://msdn2.microsoft.com/en-us/library/ms998360.aspx and I am running into an error after I attemtp to log in. Configuration Error Description: An error occurred during the processing of a configuration file required...

Web resources about - Windows authentication and login screens - embarcadero.delphi.ado

Authentication - Wikipedia, the free encyclopedia
Authentication (from Greek : αὐθεντικός authentikos , "real, genuine," from αὐθέντης authentes , "author") is the act of confirming the truth ...

New Tools to Optimize App Authentication
At f8, we announced a redesigned Auth Dialog and a new authentication flow to give developers more control over people’s first experience with ...

Facebook Tells Some Developers They Have 48 Hours to Fix Authentication Data Leaks
... sent an email to what it calls a “very small percentage of the developer community” informing them their apps are suspected of leaking authentication ...

Lockdown - A better two-factor authentication experience on the App Store on iTunes
Get Lockdown - A better two-factor authentication experience on the App Store. See screenshots and ratings, and read customer reviews.


Sony Authentication Power Outlet Recognizes Users and Devices #DigInfo - YouTube
Sony Authentication Power Outlet Recognizes Users and Devices DigInfo TV - http://diginfo.tv 9/3/2012 NFC & Smart WORLD 2012 Sony Authentication ...

SafeNet brings Cloud-based authentication service to A/NZ
SafeNet has released its new Cloud-based authentication service, billed as Authentication-as-a-Service, in A/NZ.

Online account security: lazy authentication is still the norm
Even in the high-tech world of 2016, crims will be able to side-step your account security by making a phone call and saying they're you.

Digital authentication to become Google's next big focus
Streamlining the website login process a top priority, according to the company’s Australian business and consumer services manager Dan Metcalf. ...

ATO boosts service access via app and voice authentication
The ATO has announced it will extend its voice authentication system to its mobile app

Resources last updated: 1/21/2016 1:11:24 AM