I agree there isn't a good alternative. IMHO, it's poor practice to allow an application to log in without requiring a user to log in as well.
The only good solution I saw, was an app that logged into a login server and submitted a user/pwd. The result set then "told" the app where to go for the real database. Hard part here was replicating login information.
Steve Jones