I have a VB6 application using a WebBrowser control to access a site.
I need to push the user's Windows Authentication credentials to the control so he won't get asked to enter his user and password when he accesses a web application in an intranet.
I have seen solutions in .NET like this post.
Send credentials to WebBrowser
Is there a way to achieve this with Visual Basic 6?
The VB6 WebBrowser control will exhibit the same behavior as IE--so if the URL is in the trusted sites or intranet zones it should automatically use your network credentials--no coding necessary.
If you want to programmatically add your URL to a zone, use the SetZoneMapping function.
Related
I followed the example of AuthExample that uses Custom Chrome Tabs with Azure AD B2C policies.
I do not find any resources on how to style the custom chrome tab (and respectively the Safari controller). The tab always shows the URL in the header and the standard colors which does not look very native.
I know I can style the page content itself within Azure portal.
Can anyone guide me to links or tutorials on how to style the browser view to adapt to my app design and at least not show the Microsoft URL when the user signs in/up. In my opinion the user shouldn't even notice he is redirected to a browser tab.
The beforementioned link suggests, that it is possible to at least hide the URL bar at local sign in / sign up. For third-party identity providers it isn't a problem to get redirected to another (identity provider owned) site.
It is not possible to remove the URL in the Xamarin control.
The ideal way to achieve full UI customization is to use the OAuth Resource Owner Password credential flow. This will allow you to build your own UI and not leverage a web view (aka Custom Chrome Tabs and Safari controller) for local account. Keep in mind that for 3rd party identity providers like Facebook and Google, there is no way around the web view and the URL in the header. This is by design and a key security requirement to prevent phishing.
At this time, this flow is not supported in Azure AD B2C. You can support this ask and stay up to date on its status by voting for it in the Azure AD B2C feedback forum: Add support for Resource Owner Password Credentials flow
In Internet Explorer, when I go to any site that is authenticated via Azure AD, the login page automatically chooses to log me in with my Windows Account. This functionality would typically be great, but I need to use different credentials (my clients).
How can tell IE to NOT automatically log me into Azure AD with my windows credentials?
When I use any different browser, the expected functionality exists and I am prompted to enter the login credentials I want. Also, the solution can not be "just use a different browser". Client uses IE for everything and won't allow users to install different browsers.
I am running Windows 10.
Thanks in advance
Opening IE InPrivate window should allow you to login with any user you need.
Use Ctrl+Shift+P or Settings Icon->Safety->InPrivate Browsing.
I have asp.net mvc3 application with forms authentication. But the our client request AD authentication as well. But the mvc3 app is hosted outside the clients network. What are the possible solutions for this.
Get permission to access the clients network from remote server.
Get an API to access the active directory data from webserver.
If we choose opt one how could we access active directory for authentication from outside the client network. I anybody have any idea or better options please let me know. Thanks in advance.
My guess is that the Microsoft security products can support this out of the box but I'm not sure how so I suggest that you direct your question to whoever supplies your client with their Microsoft product support.
If you'd rather build a solution so that you've got more control over how it works a quick search found an interesting approach at https://support.freshservice.com/support/solutions/articles/169196-setting-up-active-directory-single-sign-on-sso-for-remote-authentication where they created a simple ASP.Net web site that used AD authentication for sign-on. MVC 5 can build a WebApi site that does that just by creating a new project in Visual Studio with the right options.
That site wouldn't have to do anything except confirm that the credentials supplied were valid or not. Your application would ask the user to enter login / password details, then send a (properly secured) web request to the authentication site to determine whether they're valid. As long as you keep the communication between your server and the client web service tightly secured this should do what you need without much fuss. That approach removes the need for your server to communicate directly with the client's AD server.
I have a website that was hosted by IIS to intranet. I want access the username of the each user who is accessing the website in intranet by using single sign on method. How can I achieve it?
I am using asp.net and c# languages in my website.
Use HttpContext.Current.User.Identity. You can cast Identity as WindowsIdentity to retrieve some more user information.
I am working on a windows phone app. I am using the cordova framework. One of the functionalities of the app is to allow users make donations. I already have an hosted website for this so what I simply want to do is to allow the app users access this site using inappbrowser. The problem is that windows rejected the app with the following comments:
The user is prompted for payment information from within the app. Transactions must occur external to the app via a secure (HTTPS) website, or through a hosted control where the address bar is visible to verify the URL and HTTPS security.
So I need to know if there is a way I could make the address bar visible...Any other possible workaround to this problem will be really appreciated. Thanks