I've been tasked with building an ASP.NET app that requires a user to initially login with a company assigned username password which we have stored in Active Directory using Forms authentication. When they first log in I'm supposed to bring them to a page where they create a personal username/password with their e-mail address as the username. I'm supposed to store this in SQL and next time they log in with the new un/pass look up the original un/pass and authenticate them using this.
Sounds like a great system but is this a feasible design?
Some of the challenges I'm anticipating are how will I run the authentication after I've looked up the company un/pass. Could I even use the ASP.NET login control? Would I have to use OnAuthenticate and create my own authentication procedure?
Also how would I get the company password from the login?
Thanks in advance for any ideas.
Sounds like a great system but is this a feasible design?
Some of the challenges I'm anticipating are how will I run the authentication after I've looked up the company un/pass. Could I even use the ASP.NET login control? Would I have to use OnAuthenticate and create my own authentication procedure?
Also how would I get the company password from the login?
Thanks in advance for any ideas.