Your description is the actual way I would like to implement the application.  Also, according to ASP.net documenation the most secure "application login" is to use a domain account and...