1

We have a Knowledge Base that we want to link from our desktop application for help.

I've tried to open this with the default web browser but we have .htaccess credentials setup so they are being prompted. I don't want them to have to type in a username and password since we are only setting up one for the application.

This causes them to be prompted everytime:

Dim url = "http://mysite.com/index.php?/category/40/0/10/"
Process.Start(url)

I cannot put the username and password in the url anymore since IE9 doesn't support it:

http://username:pass@url.com <-- not supported by newer browsers

I've tried to use the webbrowser control but it is using IE4 instead of anything current. This is causing it to display incorrectly.

Dim hdr = "Authorization: Basic " + Convert.ToBase64String(Encoding.ASCII.GetBytes("myuser" + ":" + "password")) + System.Environment.NewLine
WebBrowser1.Navigate(Url, Nothing, Nothing, hdr)

I've tried to make the registry setting to force IE9 but I wasn't able to get it to work. Besides, from what I've read, if they don't have IE9 it won't matter.

Any suggestions on how to get around this? I just want to simply open up a secure webpage from my application!

Thanks!

ErocM
  • 4,505
  • 24
  • 94
  • 161
  • so which is your problem, opening with credentials or the browser being used? for basic auth access, see [this question](http://stackoverflow.com/questions/6042829/how-can-i-open-a-url-in-web-browser-such-as-ie-and-pass-credentials) – eis Jun 04 '12 at 15:09
  • Shouldn't Process.Start("start http://www.site.com/a/b") launch the default browser? This had to work in Windows some time ago.. As for the credentials did you try the oldschool way user:password@www.site.com ? – Tisho Jun 04 '12 at 15:15
  • Both are problems. I cannot open it with default browser since it prompts for credentials and webbrowser control uses ie4 instead of the local browser. – ErocM Jun 04 '12 at 15:21
  • user:password@www.site.com - is not supported by IE9 (and soon to be most browsers) anymore – ErocM Jun 04 '12 at 15:21
  • Huh, they've killed the old user:password thing :) So forwarding to default browser app is almost impossible without explicitly specifying credentials. Another solution could be to create some pseudo-unique URL, like www.site.com/1234567890/xxx/yyy/zzz and to make this URL to not require authentication in web server ... The good thing here is that you can track your product by version - to add different unique keys per product version, that will access your docs site. – Tisho Jun 04 '12 at 15:52

1 Answers1

1

You can search to see how Basic Authentication works before any further coding. You can use HttpAnalyzer or any other tools for seeing how a browser sends username and passwords in the header of their request. They simply use Authentication part of the header. You have to build a new request or find a ready framework to do that for you.

A Basic Authentication usually is made from 2 request/responses. Browser doesn't know anything about authentication at first but the server will announce him with 401 reply code which means the browser should provide authentication. From now on, all the requests have a Authentication header encoded using Base64 containing username and password.

Kamran Amini
  • 1,062
  • 8
  • 14
  • This is HTTP protocol and all browsers should follow it to be a true HTTP browser. It is regardless of the client application who tries to connect. All clients which want to connect to a web server which uses Basic Authentication should follow this scenario. If you search you can find a very famous RFC document which describes HTTP in details. – Kamran Amini Jun 04 '12 at 15:53
  • This is a simple doc for python about Basic Auth. You can use its information not the python part :D [Basic Auth. in Python](http://www.voidspace.org.uk/python/articles/authentication.shtml) – Kamran Amini Jun 04 '12 at 15:57