On 5/28/2008 4:15:18 PM David smulders wrote:

When you get FBA, 440 Login timeout using C#
// .....
            request3.CookieContainer = cookies;
            response = (HttpWebResponse)request3.GetResponse();

            // According to the microsoft article Q234486, the cookies has to be set two times.
            CookieCollection ck = cookies.GetCookies( new Uri( url ) );
            foreach ( Cookie co in ck )
            {
               co.Path = "/";
               cookies.Add( co );
            }

On 6/19/2008 8:04:27 PM Steven Cohen wrote:

For the 440.  We just added more authentication requirements to our OWA so that it is at https and failure of the mail parser resulted.  This helped a whole lot.  I did change one thing,  I changed the return type to CookieContainer so that I can set the webrequest.CookieContainer to the result directly.

On 6/20/2008 9:48:47 AM vijayr wrote:

hi all,
In the before C# Example,
i have using same code in the vb.net.i have got error from "operation has time out." while setting in to cookies.any one help me to find out what is the problem? and why is getting this error on runtime.?

On 6/24/2008 5:41:51 PM Liangyj wrote:

Hi, if the exchange server 2007 is request by ssl how can I get the response by client javascript?

On 8/5/2008 2:02:33 PM Arunkumar wrote:

Hi vijay

          you have to fetch cookies in equal interval so that to avoid that error

On 8/8/2008 1:50:44 AM Ricky wrote:

Hi All

I am getting a differnt error which is "The remote server returned an error: (407) Proxy Authentication Required". I tried to stream with the proxy by providing network Credentials. but nothing is working so far. Any help will be much appreciated.

On 8/31/2008 3:52:58 AM Justin wrote:

Does this only work with IE??
I've tried with both Firefox & Safari and in each browser I get 'Access denied' errors (xss stuff)..
any ideas?

On 10/7/2008 3:26:38 PM anand wrote:

hi everybody,
      I am using the c# code above. Can anybody please be kind enough to show the code to be used for accessing the mails in the inbox.

On 11/1/2008 7:27:31 AM fahad wrote:

Dear i have tried your code with OWA 2007 and Iam getting this error 401 - unauthorized , any clue? , Please help me out

On 12/16/2008 1:32:41 PM Dave Hope wrote:

Hi,

I'm strugling to get this working, I'm trying to access FBA over SSL. My code works fine against a box using Negotiate authentication but now when using webdav & FBA, my raw http request looks as follows:

PROPFIND /exchange/owatest@nwtraders.msft/non_ipm_subtree/ HTTP/1.1
Host: exchange.nwtraders.msft
Cookie: sessionid=7a7c69df-0455-4g58-a96e-4e72388f4efa:000; cadata="1lsLZBvnfDk/Np9dfgFFtfgT91xl9UMjTsf7YxJ7IUufEVYQCm443d7qqxqvafmPKELKxT9yQFeG/2SFN0fTOAv6Q=="
Content-Length: 141
Expect: 100-continue

<?xml version="1.0"?><a:propfind xmlns:a="DAV:" xmlns:d="schemas.microsoft.com/.../"><a:prop><d:oof-state/></a:prop></a:propfind>

Any insight would be greatly appreciated. If someone has it working could they post a working HTTP request against SSL FBA WebDav so that I can try and work out what I'm missing?

Thanks,

Dave

On 12/17/2008 6:00:47 PM Tim Welford wrote:

Hi There,

I am trying to use the Javascript version of this script, but have so far not been successful, after a little investigation, it seems to be sailing because only one cookie is returned not 2.

Can you think of any reason this might be the case?

Many thanks

On 12/29/2008 8:56:14 AM Dave Hope wrote:

If anyone's interested in the solution to my problem, I wasn't sending the content-type header.

Cheers,

Dave

On 1/7/2009 11:50:19 PM mpredosin wrote:

I've noticed 2 cookies are set even when entering the wrong password.  Is there a different way for determining when the specified credentials were sent correctly?

On 1/9/2009 6:06:45 PM mpredosin wrote:

After inspecting the Evolution source (http://projects.gnome.org/evolution/index.shtml), I found their Exchange connector checks for a <BASE> tag containing an href pointing to the user's mailbox.

<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1">
<TITLE>Microsoft Outlook Web Access</TITLE>
<BASE href="mail.nowhere.net/.../">
</HEAD>

On 2/6/2009 10:46:36 AM Christoph Bürger wrote:

When I send the POST I get a "Internal Server Error" reply for one user. Is it necessary to encode the password  in a special way?
There are " and § in this special password on my test-server.

On 2/9/2009 1:03:54 PM maya wrote:

@mpredosin
I am having the same problem i.e. it doesn't matter whether I provide correct credentials or not, the response still contains 2 cookies. I don't get any HTML content in the response (even if I give the correct credentials).
Any insight will be appreciated.
P.S: I am using trying to connect FBA enables Exchange 2003 using Qt/c++

On 2/24/2009 6:57:30 AM Andrew Bruno wrote:

The JavaScript line

41     arrHeader = xmlHTTP.getAllResponseHeaders().split("

looks wrong

On 4/25/2009 11:51:45 AM JB wrote:

Hey Henning (hoping you read this!), or anyone else,

I have been using your approach for WebDAV FBA successfully for a while.  Now I have a customer for which it's not working.  I *believe* they are using Exchange 2007.  My code uses /exchweb/bin/auth/owaauth.dll, and I now see you have Updated this to:

Note: The url above is used with Exchange 2003. If want to authenticate against Exchange 2007 use this url:
    1 POST owa/auth/owaauth.dll
The Exchange 2003 url is still there but it won't work.

(They don't get any error, but their later requests fail with 401.  Just like "fahad"'s post above
>>Dear i have tried your code with OWA 2007 and Iam getting this error 401 - unauthorized , any clue? , Please help me out
I'm wondering if it still returns the 2 cookies (else I would error), but then they just don't work...)

Anyways, looks like I will need to update for Exchange 2007 whatever (which I cannot test...).  Now, I don't want to ask user what version of Exchange they're running (they probably won't know anyway!), so I need one solution which works for both 2007 & 2003.  Which is a problem, given that 2007 gives no error for the old Url, but then "doesn't work".

So, how would you code for both 2007 & 2003?  My best thought is:

* Try first with /owa/auth/owaauth.dll, for 2007.
* If that succeeds, fine.  If I get 404 Not Found (?), the URL isn't there, so it's 2003, so then try again with /exchweb/bin/auth/owaauth.dll.

Obviously, I need the right error codes to make sure I'm recognising just this situation --- I don't want to mix this issue up with, say, permission errors.  So I'd be relying on 404 to detect this correctly.

Is this right/best?

Thanks to all.

On 4/25/2009 12:20:49 PM JB wrote:

I have a second, unrelated, question.  Please do not let this question stop anyone answering the previous post above!

I would like to be able to test whether the WebDAV URL specified is correct for troubleshooting, all on its own, preferably *without* getting as far as the FBA/credentials logon or trying to access a mailbox etc., as that just complicates the issue.

Say they have specified:
  https://server/exchange
as their top-level Exchange virtual root.  (At this point, I don't even know, say, a mailbox to access.)  I can't find an HTTP request that will just tell me if this is there.

If I just contact https://server/exchange, I do get the 440 Login timeout if FBA is on (maybe I could just use that return code for my purpose?  but they may not have FBA on); then I get my cookies OK, but when I then issue some WebDAV command against https://server/exchange, I then just get 404 not found for that level, which looks a lot like what I'd expect if the Url was simply wrong, which it is not.

What exactly is the "minimum" HTTP request I can issue against top-level https://server/exchange --- preferebaly without credentials --- just to discover if it's the correct URL, please?

On 5/7/2009 9:37:44 AM JB wrote:

Well, to answer my own 2 posts above:

* With Henning's help, to support both Exchange 2007 & 2003, I do indeed first try /owa/auth/owaauth.dll (for 2007), and then retry on /exchweb/bin/auth/owaauth.dll (for 2003) if I get a "404".

* To test whether a top-level URL supports WebDAV at all, I send an HTTP "OPTIONS" request, and then examine the returned response Headers for something like a "DAV" Key (does require credentials, but no mailbox, could just check for "404" if don't have credentials)

Many thanks to Henning for his excellent work in this area.

On 5/7/2009 9:51:38 AM JB wrote:

(Sorry, in previous post read "404 or 440" in place of the *second* occurrence of "404" --- go figure!)

On 7/27/2009 11:08:41 AM John wrote:

Trying to get this working as a test with a windows form but get no cookies back. Login info works fine when directly using OWA. Any one kind enough to take a look at the code and point me in the right direction please?

Imports System.Xml
Imports System.Xml.Xsl
Imports MSXML2
Imports System.Net

Public Class Form1

    Private Function GetRequestObject(ByVal uri As String, ByVal method As String) As HttpWebRequest
        Dim webrequest As HttpWebRequest
        Dim _uri As Uri

        'Initiate a new WebRequest to the given URI
        _uri = New Uri(uri)
        webrequest = DirectCast(System.Net.WebRequest.Create(_uri), HttpWebRequest)

        webrequest.CookieContainer = New CookieContainer()
        webrequest.Method = method

        Return webrequest

    End Function

    Private Function customXertificateValidation(ByVal sender As Object, ByVal cert As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslerrors As System.Net.Security.SslPolicyErrors) As Boolean
        'For dev purposes
        Return True
    End Function

    Private Function DoFormbasedAuthentication(ByVal uri As String, ByVal credential As NetworkCredential) As CookieCollection
        Dim server As String
        Dim request As HttpWebRequest
        Dim response As HttpWebResponse
        Dim body() As Byte
        Dim stream As System.IO.Stream

        Try
            'Get the server portion of the request uri and append the authentication dll from Exchange
            '2003
            server = uri.Substring(0, uri.IndexOf("/", 8)) + "/exchweb/bin/auth/owaauth.dll"
            '2007
            'server = uri.Substring(0, uri.IndexOf("/", 8)) + "/owa/auth/owaauth.dll"

            request = GetRequestObject(server, "POST")
            request.CookieContainer = New CookieContainer
            request.ContentType = "application/x-www-form-urlencoded"
            ServicePointManager.ServerCertificateValidationCallback = New System.Net.Security.RemoteCertificateValidationCallback(AddressOf customXertificateValidation)


            'Prepare the body of the request
            body = System.Text.Encoding.UTF8.GetBytes(String.Format("destination={0}&username={1}\\{2}&password={3}", uri, credential.Domain, credential.UserName, credential.Password))
            request.ContentLength = body.Length

            'Send the request to the server
            stream = request.GetRequestStream
            stream.Write(body, 0, body.Length)
            stream.Close()

            'Get the response
            response = DirectCast(request.GetResponse(), HttpWebResponse)

            'Check if the login was successful
            If (response.Cookies.Count < 2) Then
                Throw New System.Security.Authentication.AuthenticationException("Failed to login to OWA. Be sure your domain and password are correct.")
            End If

            Return response.Cookies

        Catch ex As System.Security.Authentication.AuthenticationException
            Throw
        Catch ex As Exception
            Throw New Exception("Failed to login to OWA. The following error occured: " + ex.Message, ex)
        End Try
    End Function



    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim oXmlHttp As New MSXML2.ServerXMLHTTP40
        Dim xmlDOMParams As New System.Xml.XmlDataDocument
        Dim xmlDOMParamsAttachement As New MSXML2.DOMDocument40
        Dim xmlNdLstDonation, xmlNdLstDonation1 As XmlNodeList

        Dim myCred As New System.Net.NetworkCredential
        With myCred
            .Domain = "myDomain"
            .UserName = "myUserName"
            .Password = "myPassword"
        End With
        Dim myCookies As CookieCollection = DoFormbasedAuthentication("https://myServer/exchange/myUserName", myCred)
        Dim strCookies As String = ""
        For Each C As Cookie In myCookies
            strCookies = C.ToString + "; "
        Next


        Dim ConnectingURL As String = "https://myServer/exchange/myUserName/inbox"
        Dim UserName As String = "myDomain\myUserName"
        Dim PWD As String = "myPassword"

        With oXmlHttp
            .setTimeouts(30000, 30000, 30000, 30000)
            .setOption(SERVERXMLHTTP_OPTION.SXH_OPTION_IGNORE_SERVER_SSL_CERT_ERROR_FLAGS, 13056)
            .open("PROPFIND", ConnectingURL, True, UserName, PWD)
            .setRequestHeader("Depth", "1")
            .setRequestHeader("Content-type", "xml")
            .setRequestHeader("Cookies", "Necessary according to Q234486")
            .setRequestHeader("Cookies", strCookies)

            .send()
            .waitForResponse(30)

            Debug.Write(.responseBody)
            Debug.Write(.responseXML)
            Dim Str As String = oXmlHttp.responseText
            'Load the read mails into XML document
            xmlDOMParams.LoadXml(Str)
            'Get the list of text descriptions of all the mails
            xmlNdLstDonation = xmlDOMParams.GetElementsByTagName("e:textdescription")
            'Get the List of Subjects of all the mails
            xmlNdLstDonation1 = xmlDOMParams.GetElementsByTagName("a:href")
        End With

    End Sub
End Class

On 9/1/2009 3:48:59 PM MN wrote:

I am trying to connect exchange 2007 using FBA. Using guidelines given by Henning to use owa/auth/owaauth.dll i post the request to OWA and get tow cookies. I set those cookies in further request as
sessionid=6b69c387-05e2-4e29-9590-75a4425deace; cdata=2so3eMz1NltnEdYZzAxK1dwemdnp9LzSUAUoMDxhAAjBIS0TM5U2/hd35KUKGutRGT70KCNHMkf6ylFShBa7zbw==;

When i perform some search request on Exchange server using request path as
http://server:80/owa/test1@mymailserver.com/
I get The server does not support this functionality.

When i perform search operation using request path
http://server:80/exchange/test1@portmail.com/
I get (Access Denied) Resource requires authorization or authorization was denied.


Note: I have not enabled ssl on the Exchange server and trying FBA with http only.

Am i doing some mistake here, I will really appriciate any help on this.

On 9/2/2009 2:04:09 PM MN wrote:

Hi My issue is resolved, we were doing some basic mistake while enabeling FBA on exchange 2007. We did enabled FBA on IIS but we did not enabled FAB on /exchange directory under webdav which was causing failure. Thanks Henning for writing these articals which provides valuable guidelines.

On 1/19/2009 12:10:30 AM keyongtech.com wrote:

Pingback from keyongtech.com

Reading attachments from exchange server email | keyongtech

On 9/7/2011 2:15:30 PM programmersgoodies.com wrote:

Pingback from programmersgoodies.com

C# cant read emails with webdav and fba - Programmers Goodies