Re: Use owa cookie for authentication

From: Mathias Erlandsson (MathiasErlandsson_at_discussions.microsoft.com)
Date: 01/18/05

• Next message: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Previous message: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• In reply to: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Next in thread: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Reply: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Messages sorted by: [ date ] [ thread ]

Date: Tue, 18 Jan 2005 02:23:01 -0800

Thanks for the reply.

I have managed to get theese cookies, but I'm not sure on how to use them.
The plugin is a c# asp .net application that needs to authenticate the user
against Active Directory. Don't I have to decode the cadata cookie to get the
username and password so I can authenticate against the domain?

/Mathias

"Lee Derbyshire [MVP]" wrote:

> "Mathias Erlandsson" <MathiasErlandsson@discussions.microsoft.com> wrote in
> message news:C0B6A529-77E6-40B7-9370-1DFF0E3882FB@microsoft.com...
> > I'm developing a plugin for owa that the user needs to authenticate
> > against.
> > There is no problem when I use NTLM in owa, but when I switch to Forms
> > based
> > authenticaion, my problem begins.
> >
> > How do I use the cookie owa creates to authenticate the user against my
> > applikation? Is this the right approach or should I design it another way?
> >
> > Thanks
> > Mathias Erlandsson
>
> WHen you use FBA, you should get an extra two response headers returned that
> you would not normally get. They are called 'sessionid' and 'cadata'. You
> need to get the values of these, and then set request headers named
> 'sessionid' and 'cadata' and assign the values to them when you make the
> request.
>
> Lee.
>
> --
> ___________________________________
>
> Outlook Web Access for PDA and WAP:
> www.leederbyshire.com
> ___________________________________
>
>
>

• Next message: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Previous message: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• In reply to: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Next in thread: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Reply: Lee Derbyshire [MVP]: "Re: Use owa cookie for authentication"
• Messages sorted by: [ date ] [ thread ]

Relevant Pages Re: saving session cookies? ... Google search, yes I did, I already have that plugin, but was looking for a way to mass save cookie information for later use by another program, without having to copy/paste each cookie. ... vulnerability management needs. ... Download FREE whitepaper on how a managed service can help you: ... (Pen-Test) Cookie Encryption and custom auth ... SSI. ... I was looking at the idea of one cookie shared across the ... the code would try and authenticate them and add the site to the list. ... roles cookie would then be created with a list of the users roles for that ... (microsoft.public.dotnet.framework.aspnet.security) Authentication Plugin ... Installed it on Windows 2003 Server Enterprise ... Enabled it using Windows Media Services ... The default Anonymous Plugin ... allows any user to authenticate but the custom plugin does not allow ... (microsoft.public.windowsmedia.server) Server Authentication Plugin woes ... I posted this message on .server as well. ... Windows Media plugin that would allow the server to authenticate the ... Enabled it using Windows Media Services ... The default Anonymous Plugin ... (microsoft.public.windowsmedia.sdk) Re: Linux/Windows Authentication? ... implementations I've seen used username/passwd to generate a cookie in ... the client's browser. ... > we would be looking for a transparent way to authenticate = them and to ... (Pen-Test)

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint