This project requires someone who is an expert
with Windows security APIs to provide a small
but working code sample. If you do not
have in-depth knowlege of the security APIs,
please do not bid on this project. The code
also should not involve exploiting any security
holes in Windows.
The finished deliverable is a well documented C or C++
code sample that shows how a trusted Windows
application (that I already have), running as, say,
Administrator, can switch and run as some other
user, say engineering\joe if it has no passwords.
Imagine this: you type in your user name and scan
your fingerprint and you're logged in! In this example,
my application will verify the fingerprint then run
my code as you. The user name might come from,
say, Active Directory, but we will not be accessing
network resources like file shares, only running
locally. We do not have the user's password, so
we cannot send it to Windows. This is the most
important part of this project!
The usual Windows call "LogonUser" will not work in
this case because, again, we do not know the password,
nor can we save it anywhere. However, the application
can run with privileges or whatever is necessary (install
DLLs, modify the registry, etc) or whatever it needs to
be considered trusted by the OS, and get the job done.
A code sample is fine for the deliverable, but it
must be working, documented, and it must work
with both Win2k Server and also Win2003. To
repeat: we do not want to exploit any Windows
security holes to do this.
To complete this, you may need to write a custom
authentication package - unless there are other
API methods already exposed to do this(?). Here is
a reference that I found for writing authentication
<[url removed, login to view]>
1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done.
2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables):
a) For web sites or other server-side deliverables intended to only ever exist in one place in the Buyer's environment--Deliverables must be installed by the Seller in ready-to-run condition in the Buyer's environment.
b) For all others including desktop software or software the buyer intends to distribute: A software installation package that will install the software in ready-to-run condition on the platform(s) specified in this bid request.
3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement).
Your clean and well documented code must work on
both Win2k Server and also Win Server 2003.