When you get FBA, 440 Login timeout using C#
// .....
request3.CookieContainer = cookies;
response = (HttpWebResponse)request3.GetResponse();

// According to the microsoft article Q234486, the cookies has to be set two times.
CookieCollection ck = cookies.GetCookies( new Uri( url ) );
foreach ( Cookie co in ck )
{
co.Path = "/";
cookies.Add( co );
}

For the 440. We just added more authentication requirements to our OWA so that it is at https and failure of the mail parser resulted. This helped a whole lot. I did change one thing, I changed the return type to CookieContainer so that I can set the webrequest.CookieContainer to the result directly.

hi all,
In the before C# Example,
i have using same code in the vb.net.i have got error from "operation has time out." while setting in to cookies.any one help me to find out what is the problem? and why is getting this error on runtime.?

Hi, if the exchange server 2007 is request by ssl how can I get the response by client javascript?

Hi vijay

you have to fetch cookies in equal interval so that to avoid that error

Hi All

I am getting a differnt error which is "The remote server returned an error: (407) Proxy Authentication Required". I tried to stream with the proxy by providing network Credentials. but nothing is working so far. Any help will be much appreciated.

Does this only work with IE??
I've tried with both Firefox & Safari and in each browser I get 'Access denied' errors (xss stuff)..
any ideas?

hi everybody,
I am using the c# code above. Can anybody please be kind enough to show the code to be used for accessing the mails in the inbox.

Dear i have tried your code with OWA 2007 and Iam getting this error 401 - unauthorized , any clue? , Please help me out

Hi,

I'm strugling to get this working, I'm trying to access FBA over SSL. My code works fine against a box using Negotiate authentication but now when using webdav & FBA, my raw http request looks as follows:

PROPFIND /exchange/owatest@nwtraders.msft/non_ipm_subtree/ HTTP/1.1
Host: exchange.nwtraders.msft
Cookie: sessionid=7a7c69df-0455-4g58-a96e-4e72388f4efa:000; cadata="1lsLZBvnfDk/Np9dfgFFtfgT91xl9UMjTsf7YxJ7IUufEVYQCm443d7qqxqvafmPKELKxT9yQFeG/2SFN0fTOAv6Q=="
Content-Length: 141
Expect: 100-continue

<?xml version="1.0"?><a:propfind xmlns:a="DAV:" xmlns:d="schemas.microsoft.com/exchange/"><a:prop><d:oof-state/></a:prop></a:propfind>

Any insight would be greatly appreciated. If someone has it working could they post a working HTTP request against SSL FBA WebDav so that I can try and work out what I'm missing?

Thanks,

Dave

Hi There,

I am trying to use the Javascript version of this script, but have so far not been successful, after a little investigation, it seems to be sailing because only one cookie is returned not 2.

Can you think of any reason this might be the case?

Many thanks

If anyone's interested in the solution to my problem, I wasn't sending the content-type header.

Cheers,

Dave

I've noticed 2 cookies are set even when entering the wrong password. Is there a different way for determining when the specified credentials were sent correctly?

After inspecting the Evolution source (http://projects.gnome.org/evolution/index.shtml), I found their Exchange connector checks for a <BASE> tag containing an href pointing to the user's mailbox.

<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1">
<TITLE>Microsoft Outlook Web Access</TITLE>
<BASE href="mail.nowhere.net/exchange/Nobody/">
</HEAD>

Pingback from keyongtech.com

Reading attachments from exchange server email | keyongtech

When I send the POST I get a "Internal Server Error" reply for one user. Is it necessary to encode the password in a special way?
There are " and § in this special password on my test-server.

@mpredosin
I am having the same problem i.e. it doesn't matter whether I provide correct credentials or not, the response still contains 2 cookies. I don't get any HTML content in the response (even if I give the correct credentials).
Any insight will be appreciated.
P.S: I am using trying to connect FBA enables Exchange 2003 using Qt/c++

The JavaScript line

41 arrHeader = xmlHTTP.getAllResponseHeaders().split("

looks wrong

Hey Henning (hoping you read this!), or anyone else,

I have been using your approach for WebDAV FBA successfully for a while. Now I have a customer for which it's not working. I *believe* they are using Exchange 2007. My code uses /exchweb/bin/auth/owaauth.dll, and I now see you have Updated this to:

Note: The url above is used with Exchange 2003. If want to authenticate against Exchange 2007 use this url:
1 POST owa/auth/owaauth.dll
The Exchange 2003 url is still there but it won't work.

(They don't get any error, but their later requests fail with 401. Just like "fahad"'s post above
>>Dear i have tried your code with OWA 2007 and Iam getting this error 401 - unauthorized , any clue? , Please help me out
I'm wondering if it still returns the 2 cookies (else I would error), but then they just don't work...)

Anyways, looks like I will need to update for Exchange 2007 whatever (which I cannot test...). Now, I don't want to ask user what version of Exchange they're running (they probably won't know anyway!), so I need one solution which works for both 2007 & 2003. Which is a problem, given that 2007 gives no error for the old Url, but then "doesn't work".

So, how would you code for both 2007 & 2003? My best thought is:

* Try first with /owa/auth/owaauth.dll, for 2007.
* If that succeeds, fine. If I get 404 Not Found (?), the URL isn't there, so it's 2003, so then try again with /exchweb/bin/auth/owaauth.dll.

Obviously, I need the right error codes to make sure I'm recognising just this situation --- I don't want to mix this issue up with, say, permission errors. So I'd be relying on 404 to detect this correctly.

Is this right/best?

Thanks to all.

I have a second, unrelated, question. Please do not let this question stop anyone answering the previous post above!

I would like to be able to test whether the WebDAV URL specified is correct for troubleshooting, all on its own, preferably *without* getting as far as the FBA/credentials logon or trying to access a mailbox etc., as that just complicates the issue.

Say they have specified:
https://server/exchange
as their top-level Exchange virtual root. (At this point, I don't even know, say, a mailbox to access.) I can't find an HTTP request that will just tell me if this is there.

If I just contact https://server/exchange, I do get the 440 Login timeout if FBA is on (maybe I could just use that return code for my purpose? but they may not have FBA on); then I get my cookies OK, but when I then issue some WebDAV command against https://server/exchange, I then just get 404 not found for that level, which looks a lot like what I'd expect if the Url was simply wrong, which it is not.

What exactly is the "minimum" HTTP request I can issue against top-level https://server/exchange --- preferebaly without credentials --- just to discover if it's the correct URL, please?

Well, to answer my own 2 posts above:

* With Henning's help, to support both Exchange 2007 & 2003, I do indeed first try /owa/auth/owaauth.dll (for 2007), and then retry on /exchweb/bin/auth/owaauth.dll (for 2003) if I get a "404".

* To test whether a top-level URL supports WebDAV at all, I send an HTTP "OPTIONS" request, and then examine the returned response Headers for something like a "DAV" Key (does require credentials, but no mailbox, could just check for "404" if don't have credentials)

Many thanks to Henning for his excellent work in this area.

(Sorry, in previous post read "404 or 440" in place of the *second* occurrence of "404" --- go figure!)

Trying to get this working as a test with a windows form but get no cookies back. Login info works fine when directly using OWA. Any one kind enough to take a look at the code and point me in the right direction please?

Imports System.Xml
Imports System.Xml.Xsl
Imports MSXML2
Imports System.Net

Public Class Form1

Private Function GetRequestObject(ByVal uri As String, ByVal method As String) As HttpWebRequest
Dim webrequest As HttpWebRequest
Dim _uri As Uri

'Initiate a new WebRequest to the given URI
_uri = New Uri(uri)
webrequest = DirectCast(System.Net.WebRequest.Create(_uri), HttpWebRequest)

webrequest.CookieContainer = New CookieContainer()
webrequest.Method = method

Return webrequest

End Function

Private Function customXertificateValidation(ByVal sender As Object, ByVal cert As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslerrors As System.Net.Security.SslPolicyErrors) As Boolean
'For dev purposes
Return True
End Function

Private Function DoFormbasedAuthentication(ByVal uri As String, ByVal credential As NetworkCredential) As CookieCollection
Dim server As String
Dim request As HttpWebRequest
Dim response As HttpWebResponse
Dim body() As Byte
Dim stream As System.IO.Stream

Try
'Get the server portion of the request uri and append the authentication dll from Exchange
'2003
server = uri.Substring(0, uri.IndexOf("/", 8)) + "/exchweb/bin/auth/owaauth.dll"
'2007
'server = uri.Substring(0, uri.IndexOf("/", 8)) + "/owa/auth/owaauth.dll"

request = GetRequestObject(server, "POST")
request.CookieContainer = New CookieContainer
request.ContentType = "application/x-www-form-urlencoded"
ServicePointManager.ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf customXertificateValidation)


'Prepare the body of the request
body = System.Text.Encoding.UTF8.GetBytes(String.Format("destination={0}&username={1}\\{2}&password={3}", uri, credential.Domain, credential.UserName, credential.Password))
request.ContentLength = body.Length

'Send the request to the server
stream = request.GetRequestStream
stream.Write(body, 0, body.Length)
stream.Close()

'Get the response
response = DirectCast(request.GetResponse(), HttpWebResponse)

'Check if the login was successful
If (response.Cookies.Count < 2) Then
Throw New System.Security.Authentication.AuthenticationException("Failed to login to OWA. Be sure your domain and password are correct.")
End If

Return response.Cookies

Catch ex As System.Security.Authentication.AuthenticationException
Throw
Catch ex As Exception
Throw New Exception("Failed to login to OWA. The following error occured: " + ex.Message, ex)
End Try
End Function



Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Dim oXmlHttp As New MSXML2.ServerXMLHTTP40
Dim xmlDOMParams As New System.Xml.XmlDataDocument
Dim xmlDOMParamsAttachement As New MSXML2.DOMDocument40
Dim xmlNdLstDonation, xmlNdLstDonation1 As XmlNodeList

Dim myCred As New System.Net.NetworkCredential
With myCred
.Domain = "myDomain"
.UserName = "myUserName"
.Password = "myPassword"
End With
Dim myCookies As CookieCollection = DoFormbasedAuthentication("https://myServer/exchange/myUserName", myCred)
Dim strCookies As String = ""
For Each C As Cookie In myCookies
strCookies = C.ToString + "; "
Next


Dim ConnectingURL As String = "https://myServer/exchange/myUserName/inbox"
Dim UserName As String = "myDomain\myUserName"
Dim PWD As String = "myPassword"

With oXmlHttp
.setTimeouts(30000, 30000, 30000, 30000)
.setOption(SERVERXMLHTTP_OPTION.SXH_OPTION_IGNORE_SERVER_SSL_CERT_ERROR_FLAGS, 13056)
.open("PROPFIND", ConnectingURL, True, UserName, PWD)
.setRequestHeader("Depth", "1")
.setRequestHeader("Content-type", "xml")
.setRequestHeader("Cookies", "Necessary according to Q234486")
.setRequestHeader("Cookies", strCookies)

.send()
.waitForResponse(30)

Debug.Write(.responseBody)
Debug.Write(.responseXML)
Dim Str As String = oXmlHttp.responseText
'Load the read mails into XML document
xmlDOMParams.LoadXml(Str)
'Get the list of text descriptions of all the mails
xmlNdLstDonation = xmlDOMParams.GetElementsByTagName("e:textdescription")
'Get the List of Subjects of all the mails
xmlNdLstDonation1 = xmlDOMParams.GetElementsByTagName("a:href")
End With

End Sub
End Class

I am trying to connect exchange 2007 using FBA. Using guidelines given by Henning to use owa/auth/owaauth.dll i post the request to OWA and get tow cookies. I set those cookies in further request as
sessionid=6b69c387-05e2-4e29-9590-75a4425deace; cdata=2so3eMz1NltnEdYZzAxK1dwemdnp9LzSUAUoMDxhAAjBIS0TM5U2/hd35KUKGutRGT70KCNHMkf6ylFShBa7zbw==;

When i perform some search request on Exchange server using request path as
http://server:80/owa/test1@mymailserver.com/
I get The server does not support this functionality.

When i perform search operation using request path
http://server:80/exchange/test1@portmail.com/
I get (Access Denied) Resource requires authorization or authorization was denied.


Note: I have not enabled ssl on the Exchange server and trying FBA with http only.

Am i doing some mistake here, I will really appriciate any help on this.

Hi My issue is resolved, we were doing some basic mistake while enabeling FBA on exchange 2007. We did enabled FBA on IIS but we did not enabled FAB on /exchange directory under webdav which was causing failure. Thanks Henning for writing these articals which provides valuable guidelines.