How to grab AD credentials from client machine in a web application?

Question

Is it possible to grab activedirectory credentials for the user on a client machine from within a web application?

To clarify, I am designing a web application which

Answer 1

No, of course not. Can you imagine the havoc that would result in random web apps being able to get your AD username and password?

Now, if you just want the username - that's in REMOTE_USER if you're using integated windows auth. And, windows auth will auto login the user to your site - assuming you share a domain (or trust).

Edit: IWA works in an intranet scenario, since IE - by default - includes intranet sites in the Intranet security zone. Also, a sysadmin can use GPO to set other trusted sites. Firefox also supports NTLM, as does Opera and Chrome. All in all, it's not a bad way to setup an intranet.

Note, though - that you don't get credentials. You negotiate a token with the client, which is what keeps IWA secure (and my above point relevant).