The delegation of authentication is often a requirement when a network service is distributed across several servers, such as when the organization uses Web-based application services with front-end and back-end servers. In this environment, a client connects to the front-end servers and the user's credentials may need to be passed to back-end servers to ensure that the user only gets access to information to which she has been granted access.
Delegated Authentication Essentials
In Windows 2000, this functionality is provided using Kerberos authentication, either using proxy tickets or using forwarded tickets:
With proxy tickets, ...