1

As per this article, I've extended the System.Windows.Forms.WebBrowser class to implement custom error-handling. Mostly, it works.

The problem comes when the browser gets a "401 Unauthorized" response. That kind of response causes the WebBrowser control to display the standard Username / Password dialog. The NavigateError event isn't fired until that dialog is cancelled.

So what can I do to capture the 401 response and handle it in my own custom way?

I assumed there would be something I could do, such as that which I do to capture the NavigateError event, and handle those my own way but I haven't seen anything.

Edit: Solution Found!
The important steps are:
1. The WebBrowser control must first be navigated to a non-secure page ("about:blank" is the typical URL used) in order to avoid KB 320153
2. The host for the WebBrowser control must implement IOleClientSite, IServiceProvider, and IAuthenticate.
3. IServiceProvider.QueryService must handle the IAuthenticate service request with the IAuthenticate implementation, all other service requests can be handled with the INET_E_DEFAULT_ACTION response.
4. IAuthenticate.Authenticate is your custom authentication handler.

Task
  • 3,668
  • 1
  • 21
  • 32

2 Answers2

4

implement IAuthenticate and IAuthenticateEx on your webbrowser host. Basically, your IOleClientSite implementation needs to responde IServiceProvider.QueryService, and return an IAuthenticate(Ex) interface (not the managed one, the native one returned from Marshal.GetComInterfaceForObject) when the service is IID_IAuthenticate. For unrecognized service requests, QueryService should return INET_E_DEFAULT_ACTION.

I don't think the WPF webbrowser has extension points for its IOleClientSite implementation. You can try host a Winform webbrowser class which has an overriden CreateWebBrowserSiteBase virtual method that provides the IAuthenticate(Ex) implementation, or write a webbrowser wrapper from the ground up.

This may not work in a Citrix session.

Sheng Jiang 蒋晟
  • 15,125
  • 2
  • 28
  • 46
  • That was pretty much exactly the information I was looking for, thanks! I've now got custom handling working for all of the authentication requests except the very first. Do you know of anything else I might be missing? – Task Nov 16 '11 at 19:48
  • can you add the response header from the server to the question?You can gather the response using fiddler while running IE or your webbrowser host . – Sheng Jiang 蒋晟 Nov 16 '11 at 20:53
  • 2
    Figured it out! Known bug in IE, there was a small reference to it in the article that explained everything. I've added some notes to the question to highlight the important steps for future visitors. You know, assuming someone else at some point wants to do the same kind of crazy thing that I have to do. 8 ) – Task Nov 17 '11 at 15:09
0

I found that to be able to navigate the site without the Authorization Header getting lost or removed I had to do the following otherwise for each new page the user was prompted again. This solution also does not require the user:password@site syntax to be enabled. 

    private bool _redirected = false;
    private const string BaseUrl = @"http://mySite";

    private void Navigate()
    {
        var helpUrl = BaseUrl;
        var authHeader = GetAuthHeader();

        _docWindow.Browser.Navigate(helpUrl, string.Empty, null, authHeader);           
        _docWindow.Browser.Navigating += Browser_Navigating;

    }

    private string GetAuthHeader()
    {
        byte[] authData = UnicodeEncoding.UTF8.GetBytes(_userName + ":" + _password);
        string authHeader = "Authorization: Basic " + Convert.ToBase64String(authData);
        return authHeader;
    }

    void Browser_Navigating(object sender, System.Windows.Navigation.NavigatingCancelEventArgs e)
    {            
        if (_redirected)
        {
            _redirected = false;
            return;
        }
        var newPage = BaseUrl + e.Uri.AbsolutePath;

        e.Cancel = true;
        _redirected = true;
        _docWindow.Browser.Navigate(newPage, string.Empty, null, GetAuthHeader());
    }
Darlene
  • 808
  • 5
  • 16