Help and Support

BUG: Proxy Authentication Through IAuthenticate May Fail on Secure URL

View products that this article applies to.
Article ID:329802
Last Review:November 15, 2007
Revision:6.4
This article was previously published under Q329802
On This Page
Important: The hotfix described in this article has been superseded by the 813951 Critical Update. For additional information about this update, click the following article number to view the article in the Microsoft Knowledge Base:
813951 (http://support.microsoft.com/kb/813951/EN-US/) You Cannot Access Your MSN E-mail Account or Authenticate with a Web Site in Various Programs

Back to the top

SYMPTOMS

In a Web browser control host, when you initially navigate to a secure URL through a proxy server that requires authentication, and if you provide the authentication credentials through the IAuthenticate interface, you may receive a "Page Not Found" error message. Important Note:
813951 (http://support.microsoft.com/kb/813951/EN-US/)
This hotfix contains a bug that is addressed in the following Microsoft Knowledge Base article: 813951 - BUG: Proxy Authentication Through IAuthenticate May Fail on Secure URL.

Back to the top

RESOLUTION

A supported hotfix is now available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains this hotfix.

To resolve this problem, submit a request to Microsoft Online Customer Services to obtain the hotfix. To submit an online request to obtain the hotfix, visit the following Microsoft Web site:
http://go.microsoft.com/?linkid=6294451 (http://go.microsoft.com/?linkid=6294451)
Note If additional issues occur or any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. To create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support (http://support.microsoft.com/contactus/?ws=support)


The English version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel. 
   Date        Time      Version        Size     File name
   ---------------------------------------------------------
   11-19-2002  23:22:38  6.0.2800.1139  483,328  Urlmon.dll

Back to the top

STATUS

Microsoft has confirmed that this is a bug in the Microsoft products that are listed at the beginning of this article.

Back to the top

MORE INFORMATION

The error occurs because the proxy credentials are not cached correctly when they go through a secure connection in this situation.

Back to the top

Steps to Reproduce the Behavior

1.Set up a proxy server.
2.Create a test account name, and then create a password that has permission to use the proxy server.
3.Create a Microsoft Foundation Classes (MFC) CHtmlView class application, and then implement the IAuthenticate and the IServiceProvider interfaces in a custom control site. The IServiceProvider interface permits the Web browser control to discover the IAuthenticate interface.

The following example code is specific to Microsoft Foundation Classes 7.0:

MyOleControlSite.h 
#include <afxocc.h>
#include <afxhtml.h>

class CHtmlControlSite : public COleControlSite
{
public:
	CHtmlControlSite(COleControlContainer* pParentWnd);
	~CHtmlControlSite();

	CHtmlView* GetView() const;

	BEGIN_INTERFACE_PART(DocHostUIHandler, IDocHostUIHandler)
		STDMETHOD(ShowContextMenu)(DWORD, LPPOINT, LPUNKNOWN, LPDISPATCH);
		STDMETHOD(GetHostInfo)(DOCHOSTUIINFO*);
		STDMETHOD(ShowUI)(DWORD, LPOLEINPLACEACTIVEOBJECT,
			LPOLECOMMANDTARGET, LPOLEINPLACEFRAME, LPOLEINPLACEUIWINDOW);
		STDMETHOD(HideUI)(void);
		STDMETHOD(UpdateUI)(void);
		STDMETHOD(EnableModeless)(BOOL);
		STDMETHOD(OnDocWindowActivate)(BOOL);
		STDMETHOD(OnFrameWindowActivate)(BOOL);
		STDMETHOD(ResizeBorder)(LPCRECT, LPOLEINPLACEUIWINDOW, BOOL);
		STDMETHOD(TranslateAccelerator)(LPMSG, const GUID*, DWORD);
		STDMETHOD(GetOptionKeyPath)(OLECHAR **, DWORD);
		STDMETHOD(GetDropTarget)(LPDROPTARGET, LPDROPTARGET*);
		STDMETHOD(GetExternal)(LPDISPATCH*);
		STDMETHOD(TranslateUrl)(DWORD, OLECHAR*, OLECHAR **);
		STDMETHOD(FilterDataObject)(LPDATAOBJECT , LPDATAOBJECT*);
	END_INTERFACE_PART(DocHostUIHandler)

	DECLARE_INTERFACE_MAP()
};

class CMyOleControlSite : public CHtmlControlSite
{
public:
	CMyOleControlSite(COleControlContainer *pCnt = NULL):CHtmlControlSite(pCnt) {}

	BEGIN_INTERFACE_PART(Authenticate, IAuthenticate)

	STDMETHODIMP Authenticate( 
		HWND __RPC_FAR *phwnd,
		LPWSTR __RPC_FAR *pszUsername,
		LPWSTR __RPC_FAR *pszPassword);

	END_INTERFACE_PART(Authenticate)


	BEGIN_INTERFACE_PART(ServiceProvider, IServiceProvider)
		STDMETHODIMP QueryService(REFGUID guid, REFIID iid, LPVOID * ppv);
	END_INTERFACE_PART(ServiceProvider)  

	DECLARE_INTERFACE_MAP();
};
MyOleControlSite.cpp 
#include "stdafx.h"
#include "MyOleControlSite.h"

BEGIN_INTERFACE_MAP(CMyOleControlSite, CHtmlControlSite)
	INTERFACE_PART(CMyOleControlSite, IID_IAuthenticate, Authenticate)
	INTERFACE_PART(CMyOleControlSite, IID_IServiceProvider, ServiceProvider)
END_INTERFACE_MAP()

///////////////////////////////////////////////////////////////////////////// 
// CMyOleControlSite: IAthenticate::IUnknown methods

ULONG CMyOleControlSite::XAuthenticate::AddRef()
{
	METHOD_PROLOGUE(CMyOleControlSite, Authenticate)
	return pThis->ExternalAddRef();
}

ULONG CMyOleControlSite::XAuthenticate::Release()
{                            
	METHOD_PROLOGUE(CMyOleControlSite, Authenticate)
	return pThis->ExternalRelease();
}

HRESULT CMyOleControlSite::XAuthenticate::QueryInterface(REFIID riid, void **ppvObj)
{
	METHOD_PROLOGUE(CMyOleControlSite, Authenticate)
	HRESULT hr = (HRESULT)pThis->ExternalQueryInterface(&riid, ppvObj);
	return hr;
}


///////////////////////////////////////////////////////////////////////////// 
// CMyOleControlSite: Authenticate methods

STDMETHODIMP CMyOleControlSite::XAuthenticate::Authenticate( 
    HWND __RPC_FAR *phwnd,
    LPWSTR __RPC_FAR *pszUsername,
    LPWSTR __RPC_FAR *pszPassword)
{
	METHOD_PROLOGUE(CMyOleControlSite, Authenticate)

	// add code from next step

	return S_OK;
}

// 
// IServiceProvider
// 

ULONG CMyOleControlSite::XServiceProvider::AddRef()
{
	METHOD_PROLOGUE(CMyOleControlSite, ServiceProvider)
	return pThis->ExternalAddRef();
}

ULONG CMyOleControlSite::XServiceProvider::Release()
{                            
	METHOD_PROLOGUE(CMyOleControlSite, ServiceProvider)
	return pThis->ExternalRelease();
}

HRESULT CMyOleControlSite::XServiceProvider::QueryInterface(REFIID riid, void **ppvObj)
{
	METHOD_PROLOGUE(CMyOleControlSite, ServiceProvider)
	HRESULT hr = (HRESULT)pThis->ExternalQueryInterface(&riid, ppvObj);
	return hr;
}

STDMETHODIMP CMyOleControlSite::XServiceProvider::QueryService(REFGUID sid, REFIID iid, LPVOID * ppv)
{
 	METHOD_PROLOGUE(CMyOleControlSite, ServiceProvider)

	if (sid == IID_IAuthenticate || iid == IID_IAuthenticate) {
		return (HRESULT)pThis->ExternalQueryInterface(&iid, ppv);
    } else {
		*ppv = NULL;
	}
		
	return E_NOINTERFACE;
}
ProxyTestView.h 
class CProxyTestView : public CHtmlView
{
...
	BOOL CreateControlSite(COleControlContainer* pContainer, 
		COleControlSite** ppSite, UINT nID, REFCLSID clsid);
ProxyTestView.cpp 
BOOL CProxyTestView::CreateControlSite(COleControlContainer* pContainer, 
	COleControlSite** ppSite, UINT nID, REFCLSID clsid)
{
	ASSERT(ppSite != NULL);
	*ppSite = new CMyOleControlSite(pContainer);
	return TRUE;
}
4.In the implementation of the IAuthenticate interface, provide a user name and a password, as shown in the following example:
STDMETHODIMP CMyOleControlSite::XAuthenticate::Authenticate( 
    HWND __RPC_FAR *phwnd,
    LPWSTR __RPC_FAR *pszUsername,
    LPWSTR __RPC_FAR *pszPassword)
{
	METHOD_PROLOGUE(CMyOleControlSite, Authenticate)

	CString strUsername = "Altoid/LocalAltoid";
	CString strPassword = "Test123";
	
	WCHAR *wszDlgUser = (WCHAR *) CoTaskMemAlloc(255 * sizeof(WCHAR));
	WCHAR *wszDlgPassword = (WCHAR *) CoTaskMemAlloc(255 * sizeof(WCHAR));
	MultiByteToWideChar(GetACP(), 0, (const char*)strUsername, -1, wszDlgUser, 255);
	MultiByteToWideChar(GetACP(), 0, (const char*)strPassword, -1, wszDlgPassword, 255);
	*pszUsername = wszDlgUser;
	*pszPassword = wszDlgPassword;
	*phwnd = NULL;

	return S_OK;
}
5.In the OnInitialUpdate function, move to the "about:blank" page:
void CProxyTestView::OnInitialUpdate()
{
	CHtmlView::OnInitialUpdate();
	Navigate2(_T("about:blank"),NULL,NULL);
}
6.Add a menu item, and then add a handler to move to a secure URL, as shown in the following example:
void CProxyTestView::OnActionTest()
{
	Navigate2(_T("https://www.etrade.com"),NULL,NULL);
}
7.Build and then test the project. You see that the page cannot be found. If you modify the page so that it moves to a non-secure URL, or if you visit the secure URL after you visit the non-secure URL, the move succeeds.

Back to the top

REFERENCES

For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
320153 (http://support.microsoft.com/kb/320153/EN-US/) BUG: Implementation of IAuthenticate to Bypass the Username or Password Dialog
For more information about the COleControlSite class, visit the following Microsoft Developer Network Web site:
http://msdn2.microsoft.com/en-us/library/w9b4e0zd(vs.71).aspx (http://msdn2.microsoft.com/en-us/library/w9b4e0zd(vs.71).aspx)
For more information about the IAuthenticate interface, visit the following Microsoft Developer Network Web site:
http://msdn2.microsoft.com/library/ms775080.aspx (http://msdn2.microsoft.com/library/ms775080.aspx)
For more information about developing Web-based solutions for Microsoft Internet Explorer, visit the following Microsoft Web sites:
http://msdn2.microsoft.com/en-us/ie/default.aspx (http://msdn2.microsoft.com/en-us/ie/default.aspx)

http://support.microsoft.com/iep (http://support.microsoft.com/iep)

Back to the top

APPLIES TO
Microsoft Internet Explorer 6.0 Service Pack 1

Back to the top

Keywords: 
kbhotfixserver kbqfe kbqfe kbie600sp2fix kbbug kbfix kbie600presp2fix kbsecurity KB329802

Back to the top

Article Translations

 

Related Support Centers

Other Support Options

  • Contact Microsoft
    Phone Numbers, Support Options and Pricing, Online Help, and more.
  • Customer Service
    For non-technical assistance with product purchases, subscriptions, online services, events, training courses, corporate sales, piracy issues, and more.
  • Newsgroups
    Pose a question to other users. Discussion groups and Forums about specific Microsoft products, technologies, and services.