The active directory and security information is available to system apps by default. There are scripts you can create and run to do a RSOP or a resultant set of policy showing who has access to what. This should be able to be incorporated within your app.
When the user swipes his card and authenticates at login those credentials are saved to a token on the machine.
Let me know if I am not barking up the right trail buddy!