[thelist] FW: B2B Seamless login

Les Lytollis leslytollis at dimensions-corporatewear.co.uk
Fri Dec 3 04:30:32 CST 2004 

Thanks Ron, 

Response inline (hope that's not bad list etiquette)

>
>(B) I think what you're looking for is having a user log into
>a company 
>intranet with a name and password and then NOT have to enter 
>any userid 
>or password when they access your site from their favorites menu in 
>their browser.

Yes, that's what I meant

>
>What I think you *might* be able to do is have the client company put
>a desktop icon on their users machines ... that icon could run an app 
>to verify their internal NT authentication type stuff and match that 
>to a separate db table (located at the client company) that contained 
>a userid and password to allow _that_ employee to access your 
>service.  

Sounds more sensible than asking them to hand over their internal user
account details, 
the problem will be getting them to put a piece of our software on their
servers...

>After validation, this app should be able to launch a browser window
>and send you an encrypted, SSL, moo, baa, whatever 'get' request with 
>the login information to your service - which you could then validate 
>on your end. 

Ok, I like this - anyone have any examples on where / what to look for
to do this for a dotnet app?

><side question /> What do you do today about a company that lays off
>an employee that has authority to place orders with you on their 
>behalf?  

We tell the client that they are responsible for maintaining passwords,
etc 
They can contact us if the admin user needs resetting.

>What prevents that disgruntled now ex-employee from placing a
>few million dollars worth of orders with you after they stop off at 
>the pub on their way home that evening?  

There are limits on the allocations allowed and the customer service or
warehouse guys would (hopefully) query such a huge order before it went
out.

>Does your service agreement
>cover order cancellation and restocking fees for those situations?

er...good question! I have raised it with the pointy haired bosses ;)

LezL 



********************Confidentiality Notice & Disclaimer ***********************
This message, together with any attachments, is for the confidential and exclusive use of the addressee(s).
If you receive it in error, please delete the message and its attachments from your system immediately and notify us by return e-mail.
Do not disclose, copy, circulate or use any information contained in this e-mail.

(1) Whilst we have taken reasonable precautions to ensure that any attachment to this e-mail has been swept for viruses, we cannot accept liability for any damage sustained as a result of software viruses and would advise that you carry out your own virus checks before opening any attachment.
(2) The sender shall remain solely accountable for any statements, representations or opinions that are clearly his or her own and not made in the course of employment.
***********************************************************************************

More information about the thelist mailing list