Blog Archive

SharePoint-courses
Guillermo Bas

SharePoint Online Authentication WebBrowser Control issue with Active Directory Federation

2011-12-01 13:18:00 by Guillermo Bas

I'm developing a custom desktop solution in Windows Presentation Foundation (WPF) that has to access a SharePoint Online contents and do some things with them.

The first thing I had to "fight" with was the Authentication method that is by default a bit different from the On-Premise version (programmatically too). When I started to look for the right documentation about that topic I found quite fast this great article from the MSDN library "Remote Authentication in SharePoint Online Using Claims-Based Authentication" by Robert Bogue. After read the article and download the Sample Code, I told myself "Yeah! This going to be a piece of cake!".

The first thing I tried was just running the sample against my own server to check that everything is ok. I arrived the SharePoint Online Authentication window in the WebBrowser Control of the application:

SharePoint-Online-Auth-Window-1

Then I wrote my e-mail as I usually do when I access through any other browser. And here comes the difference between a standard SharePoint Online Authentication through Forms and a SharePoint Online federated with an Active Directory using ADFS 2.0 to access using Windows Authentication credentials. The password field comes disable and you have to click on "Sign in at mydomain.com" to reach your windows authentication emergent window.

SharePoint-Online-Auth-Window-2

And the result using the MSDN code sample as It comes is: "This program cannot display the webpage"

Error-SPO-Auth

Why!? Everything seems to work like a charm but not if you need your Windows Authentication appear there.

Debugging the sample code I found the issue that was because of a property of the WebBrowser Control that shows the authentication form. This control is created in the ClaimsWebAuth constructor. In the code below you can see that the ScriptErrorSuppressed property is set to true in the sample code:

this.webBrowser = new WebBrowser(); 
this.webBrowser.Navigated += new WebBrowserNavigatedEventHandler(ClaimsWebBrowser_Navigated); 
this.webBrowser.ScriptErrorsSuppressed = true; 
this.webBrowser.Dock = DockStyle.Fill;

That property prevents the WebBrowser Control to show any JavaScript error actively but unfortunately also prevents the Windows Authentication window to be shown when It's supposed to be.

So, assuming that the ScriptErrorsSuppressed property is set by default to "false" just removing or commenting that line we have everything done.

this.webBrowser = new WebBrowser();
this.webBrowser.Navigated += new WebBrowserNavigatedEventHandler(ClaimsWebBrowser_Navigated); 
this.webBrowser.Dock = DockStyle.Fill;

Resulting in that beautiful authentication window instead of the error I showed above

Win-Auth-On-SPO

I hope the code sample will be fixed soon since many people is using it as good while they only try with standard user and password login for SharePoint Online and some apps are including this bug by mistake…

In the meanwhile I fixed it and you can download the code sample fixed from this link Remote Authentication in SharePoint Online Using the Client Object Model FIXED

Comments

#re: sharepoint online authentication webbrowser control issue with active directory federation
Thursday, April 5, 2012 - 01:09 AM by Chandra
Guillermo, I tried using your code and ran into a 407 proxy authentication error in GetClaimParams. I then added code to set the default proxy and also the user agent (to fix a 403 error): HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(targetUrl); webRequest.UserAgent = @"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"; webRequest.AllowAutoRedirect = true; webRequest.PreAuthenticate = true; ICredentials credCache = CredentialCache.DefaultCredentials; webRequest.Credentials = credCache; webRequest.Proxy = WebRequest.DefaultWebProxy; webRequest.Proxy.Credentials = CredentialCache.DefaultNetworkCredentials; Now, I am getting a 405 Method not allowed error. Any idea what could be wrong?
#re: sharepoint online authentication webbrowser control issue with active directory federation
Thursday, April 5, 2012 - 05:46 PM by Guillermo Bas
Hi Chandra, Did you get this error while auth? Or did you get the error after auth using any other piece of code? I've only got this error when I tried to use this method Microsoft.SharePoint.Client.File.SaveBinaryDirect and I'm still wondering how can I upload big files to SharePoint Online. I've never had any auth issues with the code above, my tests are being done in a O365 E3 plan, are you using a different plan (maybe a P plan?).
#re: SharePoint Online Authentication WebBrowser Control issue with Active Directory Federation
Thursday, August 8, 2013 - 01:28 PM by Vanishree
Guillermo, I have gone through your code and it suits my requirement. I need to pass the user id and password implicitly for authentication without the login screen. How do I do it. Please help me.
#SharePoint Online Authentication WebBrowser Control issue with Active Directory Federation
Thursday, August 8, 2013 - 01:46 PM by Guillermo Bas
Hi Vanishree, If I understood in the right way what you need is to use the new class SharePointOnlineCredentials to do passive authentication through a user name and password from your code http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.client.sharepointonlinecredentials_members.aspx this is something new in last versions of SharePoint Online and it worked for me.
#SharePoint Online Authentication WebBrowser Control issue with Active Directory Federation
Thursday, August 8, 2013 - 04:43 PM by Vanishree
Could you please share the code which worked for you..I am new to Sharepoint, please guide me. Thanks
Leave a Comment
(*) Title:
(*) Name:
Your URL:
(*) Comments:
Follow us on: