System.Windows.Forms.WebBrowser sometimes does NTLM auth - why?

Question

I have a Windows Forms app targeting .NET 2.0. I'm attempting to add a single sign-on feature via the SAML 2.0 protocol, for which the most efficient apparent solution was an embedded web browser.

I've verified using a dummy app containing only a WebBrowser control that the NTLM exchange does take place. However, when I embed apparently the same control into the larger application, the browser doesn't respond to the initial HTTP 401 challenge and instead redirects to IE's "Navigation Canceled" page.

The Googles have not been forthcoming, and I'm puzzled at this behavior. Can anyone shed some light on what might be inhibiting the WebBrowser's credential negotiation?

score 3 · Accepted Answer · answered Dec 12 '11 at 04:56

I discovered the answer during a line-by-line comparison between the (working) test app and the (not working) full app.

The key to enabling NTLM negotiation for me was to set ScriptErrorsSuppressed to false. I had intended to hide Javascript error popups from our users, but suppressing those also suppresses credential negotiation. Go figure.

System.Windows.Forms.WebBrowser sometimes does NTLM auth - why?

1 Answers1