Autofill an Integrated Windows Authentication - c#

I'm making an application with C#, this application will automatically navigate to a SharePoint site and gather some information. I have basic User Rights to the site (Meaning I'm not at a Site Admin), the SP site uses Integrated Windows Authentication which looks like this,
How can I get the C# application to autofill the needed credentials when the WebBrowser control navigates to the site?
This is a very basic break-down,
- Application Opens
- 'Navigate' Button is clicked
- WebBrowser1 Control Navigates to the SP Site and autofills the supplied credentials (Within the code).

This is the code I'm using to complete this operation,
WebClient client = new WebClient();
CredentialCache cc = new CredentialCache();
cc.Add(new Uri("http://spSite"), "NTLM", new NetworkCredential(username, password, domain));
client.Credentials = cc;

Related

Passing Credential of windows authenticated users to web client

I'm developing an Intranet application using C# and MVC. I have windows authenticated enabled to authenticate my users. One of the requirement is to enable users to download files from a SharePoint server on the same domain. From my local machine it's no problem but when I publish it on a live server again on the same domain I get error 401 unauthorized My original code was
byte[] fileBytes = await client.DownloadDataTaskAsync(fileUri);
var response = new FileContentResult(fileBytes, "application/octet-stream");
return response;
Now after reading up I've come across CredentialCache so I've changed my code accordingly
CredentialCache cc = new CredentialCache();
cc.Add(
new Uri(fileUri),
"NTLM",
new NetworkCredential("username", "pass", "domain")
);
client.Credentials = cc;
I can't figure out how to get the password and pass it to NetworkCredential. So my question is how do I get and pass the password to NetworkCredential as I don't store it anywhere because the users are windows authenticated.

Sharepoint 2010 User Authentication (windows Credential) with Client Object Model

I am trying to login to a SharePoint website that uses Windows Integrated (NTLM) authentication. There are 2 ways to enter credentials for the SharePoint website, Windows Authentication and form authentication.
However, Form authentication is disable on this specific website and I can only use windows authentication. Is there a way for me to login to this site with different credential than what I used to login to my windows machine?
See error here: Form authentication denied
String site = "http://sharepoint/";
ClientContext context = new ClientContext(site);
context.AuthenticationMode = ClientAuthenticationMode.FormsAuthentication;
FormsAuthenticationLoginInfo formsAuthInfo = new FormsAuthenticationLoginInfo("MyUser", "MyPassword");
context.FormsAuthenticationLoginInfo = formsAuthInfo;
// The SharePoint web at the URL.
Web web = context.Web;
// We want to retrieve the web's properties.
context.Load(web);
// Execute the query to the server.
context.ExecuteQuery();
InitializeComponent();
I also tried to use:
context.Credentials = new NetworkCredential("user", "pass", site);
ClientContext context = new ClientContext(site);
context.Credentials = new NetworkCredential("user", "pass", site);
// The SharePoint web at the URL.
Web web = context.Web;
// We want to retrieve the web's properties.
context.Load(web);
// Execute the query to the server.
context.ExecuteQuery();
InitializeComponent();
I get the following 401 (unauthorized) error
Instead of changing the ClientContext object's AuthenticationMode property to FormsAuthentication, try setting the object's Credentials property to a valid Network Credential object.
ClientContext context = new ClientContext("http://sharepointsite/");
context.Credentials = new NetworkCredential("username","password","domain");
Don't know if it is late but, by default, the managed client object models authenticate users by using their Windows credentials (DefaultCredentials).
So you don't need to explicitly set the Credentials. Just Set following -
context.AuthenticationMode = ClientAuthenticationMode.Default;

WebClient Credentials SharePoint Intranet

I am working on a problem right now and it involves downloading multiple PDF files to our DMZ from our LAN SharePoint server.
What we are trying to accomplish is a "NewsFeed" type application. What it does is take list data from uploaded Content Types made in SharePoint, then post them to our external website hosted on the DMZ, with a link to the appropriate pdf file. We used the REST API that sharepoint has to accomplish the text layout fairly easily, but the problem we are now running into is copying the .pdf of the uploaded document from the SharePoint site, onto the DMZ, so we can store them in a cache, and the user can access them through an href.
Here is code that works, to access the SharePoint REST API.
// Create the connection to sharepoint. Credentials are managed within web.config
SharePointListsREST.SharePointDataContext dc = new SharePointListsREST.SharePointDataContext(new Uri(ConfigurationManager.AppSettings["spUrl"]));
CredentialCache cc = new CredentialCache();
cc.Add(new Uri(ConfigurationManager.AppSettings["spUrl"]), "NTLM", new NetworkCredential(ConfigurationManager.AppSettings["spUser"], ConfigurationManager.AppSettings["spPassword"], ConfigurationManager.AppSettings["spDomain"]));
dc.Credentials = cc;
This works perfectly, it is able to authenticate, grab the data and display it. For the PDF download functionality we have this.
private void GetPDF(string URL, string path)
{
if (System.IO.File.Exists(path))
System.IO.File.Delete(path);
WebClient wc = new WebClient();
CredentialCache cc = new CredentialCache();
cc.Add(new Uri(ConfigurationManager.AppSettings["spUrl"]), "NTML", new NetworkCredential(ConfigurationManager.AppSettings["spUser"], ConfigurationManager.AppSettings["spPassword"], ConfigurationManager.AppSettings["spDomain"]));
wc.Credentials = cc;
wc.DownloadFile(URL, path);
}
which does not work at all and throws a 401 Not Authorized error.However, if you go to try to access the pdf file by going to http://XX.XX.XX.XX/.../test.pdf you will be prompted for a username/password. Entering my windows based credentials will give me access to the pdf.
I have tried using wc.UseDefaultCredentials = true; but it does not work either. Does anyone have any ideas on how I can get this to work with the webclient?
Here is one of the error logs from IIS.
2012-07-11 00:56:12 XX.XX.XX.XX GET /Employee+Images/_t/sample.jpg - 80 - 192.168.200.12 - 401 2 5 0
Impersonating the user and running whole WebClient code inside impersonated block is an option when you use Windows auth on SharePoint site.
See this question How can I use Directory.CreateDirectory with a different user id? on impersonating a user.
Or you simply can run whole process as that special user with Runas - no code changes would be needed.

HttpWebRequest 401 with NTLM Authenticiation

I am having difficulties authenticating a HttpWebRequest to a webserver. The response I am receiving is simply a 401. I've made sure I set the credentials correctly on the C# side, and IIS is correctly set to allow NTLM authentication. I don't know if this matters, but he computer is not on the same domain as the the web server.
I am sure the user/pass is correct but are there any other authorization settings needed to configure on the user?
If I enable Basic authentication, and disable Windows Authentication, the request works perfectly (with the correct C# code changes of course).
What am I missing?
webRequest.UseDefaultCredentials = false;
webRequest.PreAuthenticate = true;
var c = new NetworkCredential("User", "password", "domain");
CredentialCache credentialCache = new CredentialCache();
credentialCache.Add(new Uri(Url), "NTLM", c);
webRequest.Credentials = credentialCache;
Heres a snapshot of my settings in IIS.
Failed Request Tracing:
With the help of a colleague, we were able to determine something was wrong in the way Windows was dealing with the authentication. Looks like a setting in the Local Security was wrong. Changing Local Policies > Security Options > Network access: Sharing and security model for local accounts from Guest only - local users authenticate as Guest to Classic fixed the problem.
What is the value of the credential cache lines,
CredentialCache credentialCache = new CredentialCache();
credentialCache.Add(new Uri(Url), "NTLM", c);
why not simply set
webRequest.Credentials = c;
401.2 likely means that either that web server you are connecting to is not enabled to use NTLM (which it seems to be according to your screenshot), or that there is a proxy between your client and the web server

Building a CredentialCache for HttpWebRequest.Credentials when redirects are uknown

I recently asked a question concerning NetworkCredential and HttpWebRequest.Credentials when a server returns redirects. I determined that building a CredentialCache of NetworkCredential instances works for my scenario. Now I have a temporary method that builds a CredentialCache with all of the domain names hard coded in. It worked, which is great.
CredentialCache cache = new CredentialCache();
cache.Add(new Uri("http://example.com"), "Negotiate", loginCredentials);
cache.Add(new Uri("http://redirected.example.com"), "Negotiate", loginCredentials);
request.Credentials = cache;
Now, I need to make this more flexible. The whole idea of the redirects is for load balancing on the server. The client won't know exactly where it'll get redirected to until the call to HttpWebRequest.GetResponse(). What is the preferred method to building the CredentialCache to include each redirected server as they are encountered? Also, what is the rational behind making this so difficult? Why can't a single NetworkCredentials instance satisfy HttpWebRequest.Credentials for each redirect? Does it introduce security vulnerabilities to reuse credentials across redirects?
Thanks.
I used the code and got 401 error (SharePoint 2010 OOB Web Services). Then checked in some other site and tried "NTLM" instead of "Negotiate" in the below line. It's working fine now.
Not Working:
cache.Add(new Uri(myProxy.Url), "Negotiate", new NetworkCredential("UserName", "Password", "Domain"))
Working:
cache.Add(new Uri(myProxy.Url), "NTLM", new NetworkCredential("UserName", "Password", "Domain"))
Nate,
I see you are using "negotiate", so why don't you use
CredentialCache.DefaultNetworkCredentials or CredentialCache.DefaultCredentials
for all the redirects?
From MSDN:
The credentials returned by the
DefaultNetworkCredentials property is
applicable only for NTLM, negotiate,
and Kerberos-based authentication.
The credentials returned by
DefaultNetworkCredentials represents
the authentication credentials for the
current security context in which the
application is running. For a
client-side application, these are
usually the Windows credentials (user
name, password, and domain) of the
user running the application. For
ASP.NET applications, the default
network credentials are the user
credentials of the logged-in user, or
the user being impersonated.

Categories

Resources