APEX

DISCLAIMER: Yes, I do know that it's Horribly Insecure (tm). I don't care.

The problem is: I have an internal lan with very stupid clients that need to access my tiny APEX app slapped on the internal server. These people can click a desktop icon, but forcing them to have Yet Another Password is out of question. If I do that they will 1. write that password on paper and slap the paper on the monitor for everyone to observe (and defeat the purpose of that password) and 2. forget passwords all the time and bug me every day. Anyway all their accounts are on the Citrix server and they already get authenticated by that system when they see their desktop (and of couse they have no access to neighbor's desktops).

So I need an icon on their desktop to click and plunge into my app. The icon part is simple: I can create a .url file and write there something like this:

[InternetShortcut]
URL=http://192.168.1.1/apex/f?p=12345:123

But how to add username and password to this URL, so they see page 123 as authenticated users? No, no, I can't make that app public because it's a tiny forum-like thingy where they write messages signed by their account name, so I need usernames. And no, I can't assume IP address == user because there are a lot of users on every Citrix server.