Re: WebDAV and windows authentication?

PS:
I checked the IIS and it accepts integrated windows authentication.
I do not use a proxy to access the server, it's on the the same
domain...


/Jellobiaffra

On 25 Jan, 16:46, "Jellobiaffra" <greke...@xxxxxxxxxxx> wrote:
Hello Henning,

I haven't actually tried using WinInet, but in msdn:http://msdn2.microsoft.com/en-us/library/aa385331.aspx
it says that it should not be used from a service, they instead refer
to WinHttp, which I can't get
working with integrated authentication.

I have now reverted to using XMLHttp temporarily, just to get forward
with development...

Regards,
- Jellobiaffra

On 16 Jan, 22:27, "Henning Krause [MVP - Exchange]"

<newsgroups_rem...@xxxxxxxxxxxxxxxxx> wrote:
Hello,

AFAIK, the .NET HttpWebRequest uses WinInet internally, so it should be
possible.

Have you checked that the virtual directory in IIS is configured to accept
integrated authentication.

And are you working over a proxy to access your server?

Best regards,
Henning Krause

"Jellobiaffra" <greke...@xxxxxxxxxxx> wrote in messagenews:1168530900.646522.18650@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Ok, so I have now tried to get it working with Winhttp (5.1) but I
still have the same problem.

I use the function below to set authentication scheme to use:
BOOL WinHttpSetCredentials(
HINTERNET hRequest,
DWORD AuthTargets,
DWORD AuthScheme,
LPCWSTR pwszUserName,
LPCWSTR pwszPassword,
LPVOID pAuthParams
);

When I explicitly specify the username/password in the call to
SetCredentials (..) I can access the exchange store, but not when I try
without, like this:
WinHttpSetCredentials( hRequest, WINHTTP_AUTH_TARGET_SERVER,
WINHTTP_AUTH_SCHEME_NEGOTIATE, NULL, NULL, NULL );

In my MSDN I read this "When using the NTLM or Negotiate authentication
schemes, the username and password can be set to NULL to specify the
use of the default credentials of the calling thread, if this behavior
is permitted under the automatic logon policy." And also about passing
the username to SetCredentials (..) "If this is set to NULL, default
credentials for this session context are used."

BUT I now noticed in MSDN2 on the web that both these lines have been
removed! It says nothing about this anymore... Is this not supported
anymore, was it wrongly put there in the first place?

I'm getting tired of this :-(

Is there any http API that supports integrated authentication, that I
can use to access the exchange store and that is suitable for an
application running as a service? It seems XMLHttp, WinInet and Winhttp
are not. :-(

Kind regards,
- Jellobiaffra

Henning Krause [MVP - Exchange] skrev:

Hello,

does the IXMLHttpRequest interface even support integrated
authentication?
The documentation states: "bstrUser [in, optional]: Name of the user for
authentication. If this parameter is Null ("") or missing and the site
requires authentication, the component displays a logon window."

And the remarks section of the interface states: "Note IXMLHTTPRequest
does not support secure website access. To access a secure website, use
the
WinINet API."

So I guess you'll have to use WinInet and parse the response with a
IXMLDomDocument. But be aware, that some exchange properties are not
returned as wellformed xml (they have a local name starting with "0x",
which
is not allowed by xml).

Best regards,
Henning Krause

"Jellobiaffra" <greke...@xxxxxxxxxxx> wrote in message
news:1168414048.311184.74520@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Henning, thank you for your response.

I have previously set up the correct access rights (receive as/send as)
for the account. As I said, when I log in using the account/pwd in the
code, it works fine, but this is not my prefered method.

To clarify, previously the same application used ExOLEDB to access the
exchange store, but we are changing to WebDAV so that it won't have to
be installed directly on the server. The app was run as a service on
the exchange server by an account with correct access rights, and could
then access the exchange store without having to log in (no need to
provide account/pwd in the code).

I am not familiar with the concept of integrated security and hence
don't know if it is active. Could you help me out?

Thanks again!

Henning Krause [MVP - Exchange] skrev:

Hello,

if you want to access random mailboxes, you need access to those
mailbox
(See
http://www.infinitec.de/articles/exchange/grantmailboxaccess.aspx).

For the Windows Authentication: Do you have enabled Integrated
Security
on
the Exchange virtual root?

Best regards,
Henning Krause

"Jellobiaffra" <greke...@xxxxxxxxxxx> wrote in message
news:1168351880.162897.277240@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,

I am attempting an application that should access the exchange store
via WebDAV. The application should be able to access a random users
mailbox/calendar/contacts etc using an account that has access
rights
to these. The app is written in C++ and uses XMLHttp for
communication
with the exchange server.

When I specify the account details (uid/pwd) in XMLHttp.open (..)
everything works fine, but I would like to use windows
authentication
instead. The application should be started as a service by an
account
that has correct access rights. Can I use windows authentication to
access the exchange store and thus not have to specify uid/pwd when
I
open a session to the server?

I have tried but it wont work, I get HTTP 401, access denied as
response from the server. Can this be done? Do I have to do
something
special in the code for it to work?

Thanks for any help.

.

Relevant Pages

  • Re: Need help configuring Wireless Connection profile
    ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless ... Vaillancourt,4155,1,4154,Use Windows authentication for all ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ...
    (microsoft.public.windowsxp.general)
  • Re: WebDAV and windows authentication?
    ... exchange store, but we are changing to WebDAV so that it won't have to ... be installed directly on the server. ... the exchange server by an account with correct access rights, ... For the Windows Authentication: Do you have enabled Integrated Security ...
    (microsoft.public.exchange.development)
  • Re: WebDAV and windows authentication?
    ... : Name of the user for authentication. ... exchange store, but we are changing to WebDAV so that it won't have to ... be installed directly on the server. ... the exchange server by an account with correct access rights, ...
    (microsoft.public.exchange.development)
  • Re: IIS 5.0 Windows Authenticion/NT Challenge Response
    ... And so IIS returned 400, which says absolutely nothing about your question ... concerning authentication ... "Windows Authentication" works but not Basic or Anonymous. ... to auto-login to the web server, ...
    (microsoft.public.inetserver.iis.security)
  • Re: IIS security problem
    ... from Webserver to AD server. ... Solution is to use Basic Authentication because the Access Token is created ... > I do not want this popup, and I set Integrated Windows Authentication ...
    (microsoft.public.inetserver.iis.security)