c# WebBrowser returns unauthorized for different domain users
-
Hi. I'm using WebBrowser to display authenticated web page. I implemented the interfaces decribed in this post.
object obj = myBrowser.ActiveXInstance;
IOleObject oc = obj as IOleObject;
oc.SetClientSite(this as IOleClientSite);string authHeader = "WWW-Authenticate: Negotiate\r\n";
myBrowser.Navigate(_URL, "", null, authHeader);I'm using
Negotiateso I can use also SSO. The authenticate method is implemented like this:public int Authenticate(ref IntPtr phwnd, ref IntPtr pszUsername, ref IntPtr pszPassword)
{
pszUsername = Marshal.StringToCoTaskMemAuto("user");
pszPassword = Marshal.StringToCoTaskMemAuto("pass");
return S_OK;
}It works well. But the problem is when I want to authenticate the user with different domain. This doesn't work:
pszUsername = Marshal.StringToCoTaskMemAuto(@"domain\user");
pszUsername = Marshal.StringToCoTaskMemAuto("user@domain");I'm not able to display the page for users with different domains. It returns unauthorized. I don't know what changes to make so it's working.. Thank you.
-
Hi. I'm using WebBrowser to display authenticated web page. I implemented the interfaces decribed in this post.
object obj = myBrowser.ActiveXInstance;
IOleObject oc = obj as IOleObject;
oc.SetClientSite(this as IOleClientSite);string authHeader = "WWW-Authenticate: Negotiate\r\n";
myBrowser.Navigate(_URL, "", null, authHeader);I'm using
Negotiateso I can use also SSO. The authenticate method is implemented like this:public int Authenticate(ref IntPtr phwnd, ref IntPtr pszUsername, ref IntPtr pszPassword)
{
pszUsername = Marshal.StringToCoTaskMemAuto("user");
pszPassword = Marshal.StringToCoTaskMemAuto("pass");
return S_OK;
}It works well. But the problem is when I want to authenticate the user with different domain. This doesn't work:
pszUsername = Marshal.StringToCoTaskMemAuto(@"domain\user");
pszUsername = Marshal.StringToCoTaskMemAuto("user@domain");I'm not able to display the page for users with different domains. It returns unauthorized. I don't know what changes to make so it's working.. Thank you.
Forget about the code for a second; can you give us an example of which domain you would like to authenticate? See, if you're authenticating someone from, say, Microsoft, then their domain-server would have to trust[^] yours. The network-name might not always the same as the domain that is used on the internet.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
Forget about the code for a second; can you give us an example of which domain you would like to authenticate? See, if you're authenticating someone from, say, Microsoft, then their domain-server would have to trust[^] yours. The network-name might not always the same as the domain that is used on the internet.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
The app I'm connecting to, runs on our server. There is also web login to the server app. The users log in using domain with their username (domain\user1). I'm not very familiar with this technology but I will look up necessary facts, if you need more info.
-
The app I'm connecting to, runs on our server. There is also web login to the server app. The users log in using domain with their username (domain\user1). I'm not very familiar with this technology but I will look up necessary facts, if you need more info.
-
Yes, the user can log in using the form on webpage with the given credentials. In the web form the user selects the domain, put down the username and password. As I was told the domain and the username are then put together like this "domain\username" when the logging is being processed. That led me to conclusion that I should concatenate the domain and the username in the winforms app too. But I'm getting unauthorised. So I thought that there is something else I should set..
-
Yes, the user can log in using the form on webpage with the given credentials. In the web form the user selects the domain, put down the username and password. As I was told the domain and the username are then put together like this "domain\username" when the logging is being processed. That led me to conclusion that I should concatenate the domain and the username in the winforms app too. But I'm getting unauthorised. So I thought that there is something else I should set..
kubiiik wrote:
So I thought that there is something else I should set..
You should be able to sign in on your own website without modifications. The WebBrowser-control is "just" an instance of IE, nothing special. The thing that threw me off was the reference to "other domains". You wouldn't be able to authenticate people from the domain our company uses, simply because it is outside the network.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
kubiiik wrote:
So I thought that there is something else I should set..
You should be able to sign in on your own website without modifications. The WebBrowser-control is "just" an instance of IE, nothing special. The thing that threw me off was the reference to "other domains". You wouldn't be able to authenticate people from the domain our company uses, simply because it is outside the network.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
Eddy Vluggen wrote:
You should be able to sign in on your own website without modifications. The WebBrowser-control is "just" an instance of IE, nothing special.
Just to clarify, we do not display any login page in the webBrowser. If the user log in using regular browser, the log in page is displayed. But when using the C# winforms app, the log in is set in the app and used as string in the
Authenticatemethod.Eddy Vluggen wrote:
The thing that threw me off was the reference to "other domains". You wouldn't be able to authenticate people from the domain our company uses, simply because it is outside the network.
I don't understand the domain users much (I had to google more info about it), but I think that the domain controller should handle the users (according to http://www.howtogeek.com/194069/what-is-a-windows-domain-and-how-does-it-affect-my-pc/[^]).
-
Eddy Vluggen wrote:
You should be able to sign in on your own website without modifications. The WebBrowser-control is "just" an instance of IE, nothing special.
Just to clarify, we do not display any login page in the webBrowser. If the user log in using regular browser, the log in page is displayed. But when using the C# winforms app, the log in is set in the app and used as string in the
Authenticatemethod.Eddy Vluggen wrote:
The thing that threw me off was the reference to "other domains". You wouldn't be able to authenticate people from the domain our company uses, simply because it is outside the network.
I don't understand the domain users much (I had to google more info about it), but I think that the domain controller should handle the users (according to http://www.howtogeek.com/194069/what-is-a-windows-domain-and-how-does-it-affect-my-pc/[^]).
kubiiik wrote:
Just to clarify, we do not display any login page in the webBrowser. If the user log in using regular browser, the log in page is displayed. But when using the C# winforms app, the log in is set in the app and used as string in the
Authenticatemethod.Thanks for that clarification :) I was expecting windows-authentication, which would not require a special login.
kubiiik wrote:
I don't understand the domain users much (I had to google more info about it), but I think that the domain controller should handle the users
Yes, but you won't be able to verify anyone outside your own domain.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
kubiiik wrote:
Just to clarify, we do not display any login page in the webBrowser. If the user log in using regular browser, the log in page is displayed. But when using the C# winforms app, the log in is set in the app and used as string in the
Authenticatemethod.Thanks for that clarification :) I was expecting windows-authentication, which would not require a special login.
kubiiik wrote:
I don't understand the domain users much (I had to google more info about it), but I think that the domain controller should handle the users
Yes, but you won't be able to verify anyone outside your own domain.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)