Hi,

Technically you can do this but for security reasons it's not a very good idea to send in a users password from one application to another.

From a PRPC perspective and generic SnapStart usage this can be done by sending UserIdentifier and Password parameters. The Password parameter has to be base64 encoded and that is the problem, it's not encrypted but encoded.  The only time this would really be acceptable if the same PRPC user is being used all the time and you control security more with the PRPC user roles.

Better Approaches:

For single sign on you can implement it so the environment uses desktop level authentication. For example a SAML implementation where the IDP is configured for desktop level authentication would allow for login to PRPC with out prompting for credentials. The setup is more dependent on IDP setup then PRPC.  Same with J2EE Container level authentication and Kerberos authentication which is more environment setup than PRPC setup.

Another approach is a custom Authentication Service that uses a token is generated by the calling application and is encrypted. You then use the Authentication Service  login activity processing to decrypt the token and validate it. The token could contain the UserIdentifier, a date/time that can be used for token expiry and other information as needed.  This doesn't need to have a password.  You would need to have good working knowledge of custom authentication services for implementing this type of solution.

Hope this helps you get started. Not sure of your security requirements so please be careful ;)

--Chris