Hi,
I have a webbrowser control that navigates to sharepoint port.
How can i send credentials to webbrowser control, so i can navigate to the site with custom credentials?
No, because i am connecting to sharepoint and i don't want to add a custom page to sharepoint.
Gaby
2010-03-15 09:15:23
A:
If you cannot send querystring you will have to fake data with post so that the site thinks that you come from their sign in page. This means that you will have to check their login form to check out names of their fields, then you can sign in like below. Please note that you their login form has action member.php and action=login (action is a hidden field which must be used aswell). The field for username is called username and the field for password is called password. This must be taken in account in order for their page to retrieve the data correctly
string postData = "username=Kurresmack&password=pw&action=login&url=/";
webBrowser1.Navigate("www.sweclockers.com/forum/member.php", "", System.Text.Encoding.UTF8.GetBytes(postData), "Content-Type: application/x-www-form-urlencoded\r\n");
if you authenticate using windows try this:
#region imports
[DllImport("advapi32.dll", SetLastError = true)]
private static extern bool LogonUser(string
lpszUsername, string lpszDomain, string lpszPassword,
int dwLogonType, int dwLogonProvider, ref
IntPtr phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto,
SetLastError = true)]
private static extern bool CloseHandle(IntPtr handle
);
[DllImport("advapi32.dll", CharSet = CharSet.Auto,
SetLastError = true)]
public extern static bool DuplicateToken(IntPtr
existingTokenHandle,
int SECURITY_IMPERSONATION_LEVEL, ref IntPtr
duplicateTokenHandle);
#endregion
#region logon consts
// logon types
const int LOGON32_LOGON_INTERACTIVE = 2;
const int LOGON32_LOGON_NETWORK = 3;
const int LOGON32_LOGON_NEW_CREDENTIALS = 9;
// logon providers
const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_PROVIDER_WINNT50 = 3;
const int LOGON32_PROVIDER_WINNT40 = 2;
const int LOGON32_PROVIDER_WINNT35 = 1;
#endregion
And then for "signing in" use this:
IntPtr token = IntPtr.Zero;
bool isSuccess = LogonUser("username", "domain", "password",
LOGON32_LOGON_NEW_CREDENTIALS,
LOGON32_PROVIDER_DEFAULT, ref token);
using (WindowsImpersonationContext person = new WindowsIdentity(token).Impersonate())
{
//do your thing
person.Undo();
}
Oskar Kjellin
2010-03-15 09:15:22
Thanks Kurresmack for your concern, I've tried your new method, and in the "do something" part I've added MessageBox.Show(System.Windows.Forms.SystemInformation.UserName) to make sure that the new credentials takes effect, i see that the new credentials takes effect but the webbrowser site is still opening with the logged in user credentials.
Gaby
2010-03-17 08:40:39
perhaps not do the "using" thing and impersonate before the webbrowser is instantiated and undo upon exit?
Oskar Kjellin
2010-03-17 09:51:05
Hmm, might be because the web browser control goes into an own instance which is boxed (at least I think it is)
Oskar Kjellin
2010-03-17 11:17:45
+1
A:
It depends on the authentication method used by the server. For form authentication you just need to simulate a form post. But most likely the site is using integrated Windows authentication and you need to implement IAuthenticate(Ex) Or impersonate via LogonUser.
Sheng Jiang 蒋晟
2010-03-15 20:08:53
Hi, the site is using integrated windows authentication and i had implemented IAuthenticate in my form http://izlooite.blogspot.com/2009/06/bypass-integrated-authentication-using.html, but the problem is that this solution woks only if IE is configured to prompt for username and password, in others cases (automatic login...) it doesn't work.
Gaby
2010-03-19 08:21:35