Re: Use owa cookie for authentication

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Mathias Erlandsson (MathiasErlandsson_at_discussions.microsoft.com)
Date: 01/18/05 

Date: Tue, 18 Jan 2005 03:27:04 -0800

I'm not quite sure yet on how to do this.

I will try to explain how my program works.
The user loggs into owa as usual and gets his mailbox. What I have done is
to insert an iframe into the left side of owa(I modified vw_navbar.js to do
this) that calls my application. When the application runs in the iframe, it
doesn't have a valid authentication, so I have to get it from the cookies
that owa has created.

The application must connect to the user in Acitve Directory and read som
properties and then connect to the Exchangeserver and read som more
properties.

The problem is that I have to get my application authenticated so I get the
right permissions. How can I use a cookie to authenticate my application?

/Mathias

"Lee Derbyshire [MVP]" wrote:

> "Mathias Erlandsson" <MathiasErlandsson@discussions.microsoft.com> wrote in
> message news:6E21BCB7-EA41-44A7-9146-2ED0E7309918@microsoft.com...
> > Thanks for the reply.
> >
> > I have managed to get theese cookies, but I'm not sure on how to use them.
> > The plugin is a c# asp .net application that needs to authenticate the
> > user
> > against Active Directory. Don't I have to decode the cadata cookie to get
> > the
> > username and password so I can authenticate against the domain?
> >
> > /Mathias
>
> I don't know about C# (I only use VBScript), but I assume you have a
> component that makes your requests for you. You should have supplied a
> username and password in your first POST to owaauth.dll. The sessionid and
> cadata that were returned now 'go with' that username and password for the
> entire session, so you continue to assign the existing creds to the
> component, and then add the sessionid and cadata request headers (no, you
> don't have to do any decoding) to get subsequent requests into /Exchange .
>
> Lee.
>
> --
> ___________________________________
>
> Outlook Web Access for PDA and WAP:
> www.leederbyshire.com
> ___________________________________
>
>
>
>

Relevant Pages

  • Re: How do I change current user/password/domain?
    ... One part of the portal brings up a group calendar in Exchange 2003 (OWA). ... application to authenticate the user against Exchange/AD so that the OWA ... I have been able to set a WebRequest with the proper credentials and get a ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: OWA Site Folder Contents
    ... Users can now authenticate on the OWA page through ... I have modified the login script in the bin to allow straight login with out ... Now OWA works fine with forms-based turned on or off. ... I can think of is that this is a rebuild of the only Exchange server in the ...
    (microsoft.public.exchange.admin)
  • Re: Use owa cookie for authentication
    ... > I'm developing a plugin for owa that the user needs to authenticate ... > There is no problem when I use NTLM in owa, but when I switch to Forms ... > How do I use the cookie owa creates to authenticate the user against my ... > Mathias Erlandsson ...
    (microsoft.public.exchange.development)
  • Re: WEbDAV and X-MS-ENUMATTS - 404 not found problem
    ... cookies you just received wont be sent to owa - so the user would still need ... I do get 2 cookies back. ... >> dll using your credentials then when doing your subsequent method do this ... >> Dim request As HttpWebRequest = CType, ...
    (microsoft.public.exchange.development)
  • Re: Webdav and Form based Authentication
    ... From the very meagre documentation on the subject I can find ... I need to do a POST to the owaauth.dll, which returns two cookies. ... contain characters I am not allowed to use. ... OWA For WAP: ...
    (microsoft.public.exchange2000.development)