Authenticating Microsoft Dynamics CRM with Code

Question

We have a scenario in which we are trying to open CRM in Winform WebBrowser control and every time we open it, it asks for authentication in pop up window. Also from that when we are trying to open a new form (which opens in IE) it asks for authentication again.

The catch here is that users are logged in into machines (Windows 7, IE 9) through local credentials and we can't use integrated authentication. We have captured user credentials in application ie we know user name and password, Is there a way through which we can pass the credentials to Webbrowser control and IE so that it does not ask user for credentials.

Appreciate You Help.

Thanks. Abhinav

Answer 1

If you log in from the browser and authenticate yourself, you will see the following cookies being stored:

Theoretically, retaining these cookies across requests should prevent crm from asking for authentication each time you open a new instance of the WebBrowser Control.

You can set Cookies for the control using the WebBrowser.Document.Cookie property.

To retrieve the cookie after authenticating the first time, you will need to use the following code:

[SecurityCritical]
public static string GetCookieInternal(Uri uri, bool throwIfNoCookie)
{
    uint pchCookieData = 0;

    string url = UriToString(uri);

    uint flag = (uint)NativeMethods.InternetFlags.INTERNET_COOKIE_HTTPONLY;

    //Gets the size of the string builder
    if (NativeMethods.InternetGetCookieEx(url, null, null, ref pchCookieData, flag, IntPtr.Zero))
    {
        pchCookieData++;

        StringBuilder cookieData = new StringBuilder((int)pchCookieData);

        //Read the cookie
        if (NativeMethods.InternetGetCookieEx(url, null, cookieData, ref pchCookieData, flag, IntPtr.Zero))
        {
            DemandWebPermission(uri);

            return cookieData.ToString();
        }
    }

    int lastErrorCode = Marshal.GetLastWin32Error();

    if (throwIfNoCookie || (lastErrorCode != (int)NativeMethods.ErrorFlags.ERROR_NO_MORE_ITEMS))
    {
        throw new Win32Exception(lastErrorCode);
    }

    return null;
}

private static void DemandWebPermission(Uri uri)
{
    string uriString = UriToString(uri);

    if (uri.IsFile)
    {
        string localPath = uri.LocalPath;

        new FileIOPermission(FileIOPermissionAccess.Read, localPath).Demand();
    }
    else
    {
        new WebPermission(NetworkAccess.Connect, uriString).Demand();
    }
}

private static string UriToString(Uri uri)
{
    if (uri == null)
    {
        throw new ArgumentNullException("uri");
    }

    UriComponents components = (uri.IsAbsoluteUri ? UriComponents.AbsoluteUri : UriComponents.SerializationInfoString);

    return new StringBuilder(uri.GetComponents(components, UriFormat.SafeUnescaped), 2083).ToString();
}



internal sealed class NativeMethods
{
#region enums

    public enum ErrorFlags
    {
        ERROR_INSUFFICIENT_BUFFER = 122,
        ERROR_INVALID_PARAMETER = 87,
        ERROR_NO_MORE_ITEMS = 259
    }

    public enum InternetFlags
    {
        INTERNET_COOKIE_HTTPONLY = 8192, //Requires IE 8 or higher
        INTERNET_COOKIE_THIRD_PARTY = 131072,
        INTERNET_FLAG_RESTRICTED_ZONE = 16
    }

#endregion

#region DLL Imports

    [SuppressUnmanagedCodeSecurity, SecurityCritical, DllImport("wininet.dll", EntryPoint = "InternetGetCookieExW", CharSet = CharSet.Unicode, SetLastError = true, ExactSpelling = true)]internal static extern bool InternetGetCookieEx([In] string Url, [In] string cookieName, [Out] StringBuilder cookieData, [In, Out] ref uint pchCookieData, uint flags, IntPtr reserved); 

#endregion
}

I usually refrain from posting code I haven't tried out myself but I don't have access to an On-Prem environment at the moment. I would love to know if this works so let me know if you try it out.