Remotely access properties of default Web Browser in WCF

Question

1.00/5 (1 vote)

See more:

Hello guys:

I need for my WCF service to remotely open the default web browser on the consumer computer and monitor its browser events in order to capture the value of one of its properties (document.title in this case). I can already open Internet Explorer and navigate on it (using the Process.Start method), but I'm not liking this method since it doesn't give me the ability to monitor the browser's events.

How can I go about doing this?

Here's a little example showing what I'm doing to open Internet Explorer remotely from the WCF service:

C#

using System.Diagnostics;

public void OpenRemoteBrowser();
{
 Process InternetExplorer = new Process()
 InternetExplorer.StartInfo.FileName = "iexplore.exe";
 InternetExplorer.StartInfo.Arguments = "http://<whatever url>";
 InternetExplorer.Start();
}

Please help! I need to resolve this one ASAP :-S

Posted 10-Aug-15 8:52am

Bounze

Add a Solution

Comments

AnvilRanger 10-Aug-15 15:11pm

Your approach is wrong on many many levels. This is a very large security risk. While there are valid reasons for a server control a client like this I doubt your reason is one of them.

WCF cannot invoke a process on a remote machine like you are describing. It would work if the client and the server are the same machine, which I think is what you are seeing because your development PC is acting as both.

Bounze 11-Aug-15 9:06am

Thank you for your time in answering my question, Anvil! Please read below and thank you again for your time. I've replied to the one solution posted with more specific information.

Sergey Alexandrovich Kryukov 10-Aug-15 15:14pm

Bad idea, yes, on many levels. If you want to ask how to achieve something, better explain you ultimate goals, not trying to decide how to reach them yet.
—SA

Bounze 11-Aug-15 9:07am

Thank you for your time in answering my question, Sergey! Please read below and thank you again for your time. I've replied to the one solution posted with more specific information.

Bounze 10-Aug-15 21:18pm

Thank you very much for your input guys, very VERY glad to read your responses: Bad idea, so out the window it goes!

So in order to answer Sergey's statement, in the hopes that you guys can point me in the right direction...
My ultimate goal: To centralize all user authentication (specifically Social Network Authentication) processes in one Web Service, and not having different applications do their OAuth with these social networks (facebook, google, twitter, etc.) separately. That way, I can have all the OAuth flow for each service in a single solution (but with one Web Service/End Point each) and make it act as an intermediary between my apps and the social network oauth servers. My idea is that I can minimize coding by doing this because I don't have to program the oauth code each time I develop something new. My apps could all invoke this service which will take care of the flow and access a single database that manages these apps credentials with the social networks (app ids and secrets).

I think that explains it but let me know if I wasn't clear on something.

Thanks!!! :-)

Sergey Alexandrovich Kryukov 11-Aug-15 9:40am

I understand; thank you for the clarification. To me, it does not seem to be a simple problem. The problems I can see are all related to security concerns. If one site or Web service delegates authentication to another Web service, it can be spoofed, or communication between them can be eavesdropped. This is not the same as sending password cryptographic cash under HTTPS just between two parties... So, I don't know...
But first of all, I would throw out anything related to "opening a browser", "default browser", and so on. You need to assume that only the user controls the browsers...
—SA

Bounze 11-Aug-15 16:19pm

Whoa...there goes the spoof concept. Yep, you're absolutely right.

How about this?:

ASP.Net MVC Single Page project. Maybe I could take that project, which includes all the authentication code out of the box (with security features), and maybe play a little bit with the models/controller/views and see if I can simply add to the included database system a table to store my applications IDs and Secrets and orient that solution into one that can serve as a sort of "Redirect Site for Authentication Purposes". Now, NO SOCIAL NETWORK USERNAME/PASSWORD would be needed, just the thing that the out of the box project requires after social network authentication: an email address for the local account during the register phase.

I'm thinking that one of the problems I might face could be the fact that the DB included should maybe be exported outside...

I don't know, what about that idea? It would take me a lot of time to make it happen but I think I'm gonna explore in that direction.

Hey thanks again I really really appreciate your time.

2 solutions

Solution 2

Even with the further explanation your idea seems overly complicated to achieve very little benefit, but as also pointed out the security risk are just too high.

From your description it sounds like you want to store the users credentials for said social media site on your own system and then pass those to the social media site for authentication. If that is not your idea, I apologize in advance for saying this, but that is just plain bad. Just think the bad things that could happen in that scenario.

If you are looking for a central authorization system with several options, I would suggest you look at Thinktecture IdentityServer v3 product.

Posted 11-Aug-15 5:40am

AnvilRanger

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Accepted Answer · 2015-08-10T09:17:00

Solution 1

Not possible. Code running on a web server can NOT launch an executable on a client machine, let alone "monitor" it for events.

Posted 10-Aug-15 9:17am

Dave Kreskowiak

Comments

Bounze 11-Aug-15 9:03am

Thank you very much for your time in answering my question, Dave!

Like you and the others have said: Bad idea on my part. Yet, my ultimate goal is to centralize all social network auth processes so that I don't have to code the same thing over and over when creating a new application. I was thinking about developing a Web Service that can do the job for my applications while maintaining a User and App credential database.

What brought me to the idea of sending a command to the remote computer to open the default browser, is the unfortunate fact that one of the first steps of authenticating users with a social network is to "navigate" them to the social network's login page and wait for a response from their server. This gave me the idea of simply handling that part on the consumer side and sending to the web service the result for parsing, evaluation and further action...Maybe I'm a little over my head.

So, what would you suggest as a correct approach to this issue and solution? what would you say would be a better idea for achieving the goal of centralizing all OAuth processes in only one place, so that no matter which of my apps want to authenticate they would go there instead of directly to the social network servers? Maybe try to implement this using ASP.NET, which includes Identity? What would you suggest?

Thank you!

Dave Kreskowiak 11-Aug-15 9:07am

Well, you can't do it using a WCF service. It may be possible if you wrote a proxy server though.

But even to start that the user has to open the browser and navigate to the site they want. Your proxy can take that information and send the credentials itself, returning the resulting page to the browser.

Serisouly, nobody does this. You're going to have a hard time finding any kind of examples of this.

Sergey Alexandrovich Kryukov 11-Aug-15 9:42am

Yes, of course, my 5, but this idea does not correctly represent the inquirer's goal, this is just a misconception.
Please see also his comment to my comment to the question.
—SA