Using Session Based Authentication, are there other means of passing the Domino Server user credentials other than typing them into the username and password field?
We have customized the domcfg.nsf login form to pickup the credentials from a url (…nsf?OpenDatabase&User=Username&Pass=password), which then populates the username and password fields and submits the login form. Although this method is not very secure, it does work well, and is best suited for logging in a generic reader. The solution isn’t secure for other applications that send us an authenticated session id in the url from a global session manager. We need the ability to, after talking to the session manager server and verifying the session id’s authorization, to log that user into the Domino server without the user seeing the login page, or putting the credentials into a url, or even touching the domcfg.nsf database. Is there a programmatic way to authenticate with the Domino server and which then is valid across session based authentication?