Following up from my previous post - Issue with Client side
impersonation - I guess what I need to discover first is:

Can a browser-based cient-side application impersonate a domain user?

If not, I'm a bit stuffed! So if anyone can give me a definitive
answer to that question, I'll at least know where I stand.

TIA,
Martin