none
Forcing basic authentication from desktop application RRS feed

  • Question


  • I have a C# desktop application that stores login data in a database, and uses that to automatically login to local devices that have an HTTP interface. I am using a WebBroswer control to show the web pages.

    The automated login works well for form based authentication, but I'm having trouble with basic auth. I have tried to ways.

    I have a helper class that passes formatted Uri and such to the browser window, which in turn passes it to the webBrowser control's Navigate method:

    try
            {
                Browser winViewer = new Browser(uri, null, null, header, deviceInfo);
                winViewer.Show();       
            }

    Here is the point inside the browser window where the navigation is done:

     //pass vars and navigate to interface
            try
            {
                wb.Navigate(url, targetFrame, postData, headers);
    
            }

    Here are the 2 ways I have tried to pass the login data to the home uri:

    This one causes a COM error at runtime, with HRESULT: 0x800C000E. It seems to be a security error: StackTrace: at MS.Win32.UnsafeNativeMethods.IWebBrowser2.Navigate2

    Uri uri = new Uri (String.Format(@"http://{0}:{1}@{2}", targetDevice.deviceLoginName, targetDevice.devicePassword, targetDevice.ipAddressString));

    The second way (and probably the correct way) I am using is to pass the encoded header directly to the browser after a 401 status code is returned. This is the method that is causing the Windows Security login popup.

    Uri uri = new Uri(String.Format("http://{0}", targetDevice.ipAddressString));
    string header = "Authorization: Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes(targetDevice .deviceLoginName +":" + targetDevice .devicePassword )) + System.Environment.NewLine;

    Can anyone tell me why the security window is popping up, and what process I can use to eliminate or hide it, so my login remains invisible?

    I think it has to do with IE security settings, but I don't know how to work around it.
    Thursday, December 19, 2013 2:53 PM

Answers