We are unable to get Windows Integrated Authentication as Single Sign-On to work in Windows Forms using EO.WebBrowser. We are using a combined scenario with IdentityServer4 and ADFS on Windows Server 2019; both are using OIDC to communicate with each other.
The authentication works in Firefox Developer Edition 82.0b5 and Google Chrome 86. We needed to initially provide credentials. But since then it works in both browsers, even after closing and restarting them. If I delete Chrome's cache I need to provide credentials again, but subsequent requests are automatically authenticated.
But using EO.WebBrowser (version 20.2.63), every time we start our application we get the login prompt. Once the required credentials are provided, the authentication works. Every subsequent attempt works until the application is closed. But in our application the user usually authenticates only once, so we cannot profit from that circumstance. So unfortunately, every time our application is started the user gets the login prompt. In the best case our users wouldn't need to authenticate at all, or only once. But our users shall not be required to enter their credentials each time the application is started.
We already tried to pass several Extra Chromium Arguments (see example code below) and passing Windows Identity into Engine.Start (see example code below). But it appears that EO.WebView is still unable to pass the required information for Windows Integrated Authentication to our ADFS so that we could get authenticated.
Is there any way to persist the information, after successful Authentication on our ADFS, so that it could be used beyond a stop of the Engine again on subsequent starts of our application?
Are we doing something wrong, so that the required information cannot be transmitted? Or are we missing something?
Is there any documentation or samples about using EO.WebBrowser for Authentication via Kerberos/NTLM/Windows Integrated Authentication?
We searched through your forum, but while we found users that had the same or at least similar problems, none of the provided feedback or solutions worked for our case.
Example Code:
Code: C#
Designer
....
this.loginBrowser = new EO.WinForm.WebControl();
this.loginView = new EO.WebBrowser.WebView();
this.loginBrowser.WebView = this.loginView;
....
....
var _engine = Engine.FromName(name, true);
_engine.Options.CachePath = Path.Combine(Environment.CurrentDirectory, "cache");
_engine.AllowRestart = true;
_engine.Start(WindowsIdentity.GetCurrentIdentity());
_engine.Options.ExtraCommandLineArgs = "--auth-server-whitelist=\"*.domain.local\" --auth-negotiate-delegate-whitelist=\"*.domain.local\"";
....
private void LoginForm_Load(object sender, EventArgs e)
{
    loginView.Engine = _engine;
    loginView.LoadUrlAndWait(LoginUrl);
}