web browser control + authentication

Question

I’m developing a windows phone 8 app that uses WebBrowser control.

When I navigate my WebBrowser control to an NTLM-authenticated web site, nothing happens. The only event is Navigating, the control stays white, and neither Navigated nor NavigationFailed event is triggered.

When I use the system-provided web browser application to navigate to the same web site, it displays me a popup asking for user name, password and domain.

How can I achieve similar behavior with WebBrowser control in my app?

Answer 1

I’ve only found workaround for basic HTTP authentication.

To detect such case, I issue a HEAD HTTP request before navigating the web browser.

If no exception happens, I navigate the web browser to that URI.

If an exception happens, I catch WebException, get the e.Response.Headers collection, and check for WWW-Authenticate value. If the value is non-empty, I conclude the server asks for authentication.

If the WWW-Authenticate value begins with “basic”, I ask user for credentials using my own popup control. Then I validate the credentials by issuing one more HEAD request, this time setting webClient.Credentials = new NetworkCredential( user, pass );

If they’re OK, I finally pass the credentials to the web browser control using the following method:

public static Uri addCredsToUri( Uri u, string user, string pass )
{
    UriBuilder uriSite = new UriBuilder( u );
    uriSite.UserName = user;
    uriSite.Password = pass;
    return uriSite.Uri;
}

If however WWW-Authenticate value begins with "negotiate", i.e. the server uses NTLM authentication, I don't know how to pass the credentials to the web browser. At least I detect this case, and show an appropriate error message to my end user telling him/her the NTLM authentication is not supported.