Passing authentication

Hi,

We use Orbeon Forms (Tomcat) currently, however it is a standalone system and the forms are filled in without any authentication of the user. They are just given the public URL of the /new form and then it is filled in a submitted. The /edit and /summary is locked to authorised access only.

We have another platform (.NET) which our users login to in order to do tasks which are related to the forms. What we would like to do is have the user login to our .NET platform and authenticate. Once they are inside they would go to a specific project and browse the related files and links. One of these links would be to the Orbeon Forms server. Ideally we would like to use the .NET credentials to then authenticate them on the Orbeon system so that when they follow the link it knows who they are in Orbeon and puts the user into the form data when saved. This would mean that we can then have a user edit an existing form or edit a draft.

We don't want to have a login form for the forms system separately, it should only be accessed via the .NET platform.

I've read through the documentation but I can't seem to piece everything together to achieve what we are trying to do.

1. Do I setup a tomcat group called something like 'sql_users' in the tomcat-users.xml and then in the web.xml
2. Where do I set the 'sql-users' group to be related to the .NET SQL DB user table.
3. Is there something with tokens I should be doing?

Thank you in advance for any guidance that can be offered.

Eusebio

CONTENTS DELETED