Hi! I have a smart client application being deployed with a CickOnce webpage.
here's the current scenario.
1.User runs the application, and the application shows a login form.
2.User enters ID/Password in the login form, and the application sends that information to the server.
3.The server authenticates the user and sends configuration and data to the application.
Different users have different configuration and data for their application.
I was concerned that anyone can download the application from the webpage if they know the URL.
So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application.
I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again.
How can the webpage send the ID/Passoword to the application securely?