Hello,
I'm trying to find out if the following is possible...
I'm writing a web service that will use http digest authentication to authenticate requests to the service. Since this service will be consumed by users that are part of my organization as well as those outside, I would like to have the authentication of the users first look to a database and if the account isn't found there try authenticating against AD. Now, all the examples of authenticating against AD I have seen so far require both a username and password. But with Digest Auth, the password is already assumed to be known by the server; for the case of internal users I don't know their password since it's not stored in my db. Is there an api to use the information sent in the http digest header to authenticate against the AD?
Thanks,
Daniel Perry