Re: WebDAV and windows authentication?

Ok, so I have now tried to get it working with Winhttp (5.1) but I
still have the same problem.

I use the function below to set authentication scheme to use:
BOOL WinHttpSetCredentials(
HINTERNET hRequest,
DWORD AuthTargets,
DWORD AuthScheme,
LPCWSTR pwszUserName,
LPCWSTR pwszPassword,
LPVOID pAuthParams
);

When I explicitly specify the username/password in the call to
SetCredentials (..) I can access the exchange store, but not when I try
without, like this:
WinHttpSetCredentials( hRequest, WINHTTP_AUTH_TARGET_SERVER,
WINHTTP_AUTH_SCHEME_NEGOTIATE, NULL, NULL, NULL );

In my MSDN I read this "When using the NTLM or Negotiate authentication
schemes, the username and password can be set to NULL to specify the
use of the default credentials of the calling thread, if this behavior
is permitted under the automatic logon policy." And also about passing
the username to SetCredentials (..) "If this is set to NULL, default
credentials for this session context are used."

BUT I now noticed in MSDN2 on the web that both these lines have been
removed! It says nothing about this anymore... Is this not supported
anymore, was it wrongly put there in the first place?

I'm getting tired of this :-(

Is there any http API that supports integrated authentication, that I
can use to access the exchange store and that is suitable for an
application running as a service? It seems XMLHttp, WinInet and Winhttp
are not. :-(


Kind regards,
- Jellobiaffra


Henning Krause [MVP - Exchange] skrev:

Hello,

does the IXMLHttpRequest interface even support integrated authentication?
The documentation states: "bstrUser [in, optional]: Name of the user for
authentication. If this parameter is Null ("") or missing and the site
requires authentication, the component displays a logon window."

And the remarks section of the interface states: "Note IXMLHTTPRequest
does not support secure website access. To access a secure website, use the
WinINet API."

So I guess you'll have to use WinInet and parse the response with a
IXMLDomDocument. But be aware, that some exchange properties are not
returned as wellformed xml (they have a local name starting with "0x", which
is not allowed by xml).

Best regards,
Henning Krause

"Jellobiaffra" <greken80@xxxxxxxxxxx> wrote in message
news:1168414048.311184.74520@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Henning, thank you for your response.

I have previously set up the correct access rights (receive as/send as)
for the account. As I said, when I log in using the account/pwd in the
code, it works fine, but this is not my prefered method.

To clarify, previously the same application used ExOLEDB to access the
exchange store, but we are changing to WebDAV so that it won't have to
be installed directly on the server. The app was run as a service on
the exchange server by an account with correct access rights, and could
then access the exchange store without having to log in (no need to
provide account/pwd in the code).

I am not familiar with the concept of integrated security and hence
don't know if it is active. Could you help me out?

Thanks again!


Henning Krause [MVP - Exchange] skrev:

Hello,

if you want to access random mailboxes, you need access to those mailbox
(See http://www.infinitec.de/articles/exchange/grantmailboxaccess.aspx).

For the Windows Authentication: Do you have enabled Integrated Security
on
the Exchange virtual root?

Best regards,
Henning Krause

"Jellobiaffra" <greken80@xxxxxxxxxxx> wrote in message
news:1168351880.162897.277240@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,

I am attempting an application that should access the exchange store
via WebDAV. The application should be able to access a random users
mailbox/calendar/contacts etc using an account that has access rights
to these. The app is written in C++ and uses XMLHttp for communication
with the exchange server.

When I specify the account details (uid/pwd) in XMLHttp.open (..)
everything works fine, but I would like to use windows authentication
instead. The application should be started as a service by an account
that has correct access rights. Can I use windows authentication to
access the exchange store and thus not have to specify uid/pwd when I
open a session to the server?

I have tried but it wont work, I get HTTP 401, access denied as
response from the server. Can this be done? Do I have to do something
special in the code for it to work?


Thanks for any help.



.

Relevant Pages

  • Re: WebDAV and windows authentication?
    ... : Name of the user for authentication. ... exchange store, but we are changing to WebDAV so that it won't have to ... be installed directly on the server. ... the exchange server by an account with correct access rights, ...
    (microsoft.public.exchange.development)
  • Re: WebDAV and windows authentication?
    ... working with integrated authentication. ... SetCredentials I can access the exchange store, ... It seems XMLHttp, WinInet and Winhttp ... the exchange server by an account with correct access rights, ...
    (microsoft.public.exchange.development)
  • Re: WebDAV and windows authentication?
    ... SetCredentials I can access the exchange store, ... In my MSDN I read this "When using the NTLM or Negotiate authentication ... be installed directly on the server. ... the exchange server by an account with correct access rights, ...
    (microsoft.public.exchange.development)
  • Re: WebDAV and windows authentication?
    ... Have you checked that the virtual directory in IIS is configured to accept integrated authentication. ... SetCredentials I can access the exchange store, ... > the exchange server by an account with correct access rights, ...
    (microsoft.public.exchange.development)
  • Re: WebDAV and windows authentication?
    ... exchange store, but we are changing to WebDAV so that it won't have to ... be installed directly on the server. ... the exchange server by an account with correct access rights, ... For the Windows Authentication: Do you have enabled Integrated Security ...
    (microsoft.public.exchange.development)