One-way trusts between RSA realms or between ADs is straight forward enough, but what happens when users want to authenticate using both RSA and AD in a one-way trust? Take 2 domains for example. Domain B trusts A, but A does not trust B. How would a user sign into domain B using credentials from domain A? Is that even possible with both Active Directory and RSA being required for each domain?