Hey all I am needing to know if it is possible to check a users typed in password against the AD to make sire it's the correct password?
Reason being is that once they log in I need to use their user name and password to do some web service calls because the API needs both in order to perform the task.
Taken that no one in my company let's another know their password since that would be against policy I would just like to have the user provide the password securely and have the AD take care of finding out if its correct or not without me or anyone else knowing what that password is. So just really looking for a TRUE or FALSE when its checking their typed in password AND be able to store the password (in AES encryption) for later use with the REST API.
Hopefully that above makes since. If not, please let me know and ill do my best to explain it better.
EXAMPLE
The IBM REST service I am calling it needs both the user name and password in order to execute the API command. As an example the command i would be using via HTTPservice would be:
--user <loginId>:<passwd> http://<host>:<port>/forms-basic/secure/data/dd34da19-15c4-4267-8f1e-9f12ece743d7/F_Form1?format=text/xml&sortBy=lastUpdated&order=DESC
Both the < loginId> and < passwd> are needed in order to execute that command using VB.net's WebRequest method.
VB.net example call code:
Dim request As WebRequest = WebRequest.Create(apiURL & appID & "/" & dataForm & "?format=text/xml&order=DESC")
Dim credentials As String = Convert.ToBase64String(Encoding.ASCII.GetBytes(Convert.ToString(userData_ID & Convert.ToString(":")) & userData_PW))
request.Method = "GET"
request.Headers("Authorization") = "Basic " + credentials