Auto login on website

Question

I'm working on an application which consists of a Web Application and a Standalone Application. Both of the applications use the same database and require authentication and authorization.

Within the Standalone Application a web browser needs to be opened, going to a page within the Web Application. This page is for authorized users only.

Could anyone tell me if there is an easy way to automatically login within the Web Application via the Standalone Application? Besides using cookies or providing a token in the url. Thank you.

Answer 1

How do you handle authentication? If you are connecting straight to the database from your desktop application and the database holds the authorization information such as a SQL table of users and passwords then you could just do a query on the database and authorize from the application directly without having to go to the web page.

Answer 2

Store the login credentials (username and password) in the user's local filesystem. Not a recommended though, because therefore the user's password can be easily read by anyone who has access to the filesystem.

Answer 3

If your organization uses single sign on then you could just use that process. If not then you could pass an encrypted key as part of the URL parameter that has the validation info in it and validate that in your web application. In order to safeguard the key you may need to add random data to it each time so that the users cant just copy the key and go to the web page directly always. Other option I can think of is passing the userid as part of the URL and then doing query in the users table to re-validate the user in the web app. But that's sort of extra processing I guess you are trying to avoid here..