Microsoft KB Archive/891748

= How to authenticate the Inbox in Exchange Server 2003 with forms-based authentication enabled by using Visual Basic .NET =

Article ID: 891748

Article Last Modified on 6/29/2005

-

APPLIES TO


 * Microsoft .NET Framework 1.0
 * Microsoft .NET Framework 1.1
 * Microsoft Visual Basic .NET 2002 Standard Edition
 * Microsoft Visual Basic .NET 2003 Standard Edition

-





INTRODUCTION
This article describes how to authenticate the Inbox in Microsoft Exchange Server 2003 with forms-based authentication enabled by using Microsoft Visual Basic .NET.



MORE INFORMATION
To access the Inbox in Exchange Server 2003, you must set up WebDAV access to Exchange Server 2003 in your Web application. You must also authenticate the Inbox in Exchange Server 2003 to the Exchange Server 2003 server that is enabled with forms-based authentication. The following Visual Basic .NET code sample and Visual Basic .NET function accomplish both of these tasks.

WebDAV access
To set up WebDAV access to Exchange Server 2003 in your Web application, use the following Visual Basic .NET code sample as a reference. Dim strServerName as String = &quot;Server Name&quot;    ' TODO: Change to your environment Dim strDomain as String = &quot;Domain Name&quot;    ' TODO: Change to your environment Dim strUserID as String = &quot;Username&quot;       ' TODO: Change to your environment Dim strPassword as String = &quot;Password&quot;     ' TODO: Change to your environment

' Create our destination URL. Dim strURL As String = &quot;https://&quot; & strServerName & &quot;/exchange/&quot; & strUserName & &quot;/inbox/test.eml&quot; Dim strReusableCookies As String

' Create our Web request object. GETRequest = CType(WebRequest.Create(New System.Uri(strURL & strApptItem)), HttpWebRequest)

strReusableCookies = AuthenticateSecureOWA(strServerName, strDomain, strUserID, strPassword)

' Add the cookie set that is obtained after OWA authentication to our request header. PROPPATCHRequest.Headers.Add(&quot;Cookie&quot;, strReusableCookies) PROPPATCHRequest.ContentType = &quot;text/xml&quot; PROPPATCHRequest.KeepAlive = True PROPPATCHRequest.AllowAutoRedirect = False

' Specify the PROPPATCH method. PROPPATCHRequest.Method = &quot;GET&quot;

' Enter your WebDAV-related code here. Note In the Visual Basic .NET code sample that was just mentioned, the strReusableCookies string variable is the authentication cookie that is returned from the AuthenticateSecureOWA function call. If the authentication cookie times out, call the AuthenticateSecureOWA function again to receive a new authentication cookie.

Another way to work around this problem is to put the WebDAV request in a try/catch block. The try/catch block will catch the authentication cookie time-out error. When the authentication cookie time-out error occurs, you can re-authenticate the Inbox in Exchange Server 2003 to the Exchange Server 2003 server that is enabled with forms-based authentication.

Authentication function
To authenticate to Exchange Server 2003 with forms-based authentication enabled from your Web application, use the following Visual Basic .NET function: Imports System Imports System.Net Imports System.IO Imports System.Xml Imports System.Text.RegularExpressions

' Code to call the Authentication: Private CookieJar As CookieContainer Private strCookies As String

' Authenticate to OWA. Assign the returned cookies to a string. Dim strReusableCookies As String strReusableCookies = AuthenticateSecureOWA(strServerName, strDomain, strUserID, strPassword)

'Implementation of the Authentication to the Exchange Server 2003 server that is enabled with forms-based authentication

Private Function AuthenticateSecureOWA(ByVal strServerName As String, ByVal strDomain As String, ByVal strUserName As String, ByVal strPassword As String) As String Dim AuthURL As System.Uri

Try ' Construct our destination URI. AuthURL = New System.Uri(&quot;https://&quot; + strServerName + &quot;/exchweb/bin/auth/owaauth.dll&quot;) Catch ex As Exception. MsgBox(&quot;Error occurred while you are creating the URI for OWA authentication!&quot; + vbCrLf + vbCrLf + ex.Message) Return &quot;Error&quot; End Try

Dim WebReq As HttpWebRequest CookieJar = New CookieContainer

' Create our request object for the constructed URI. WebReq = CType(WebRequest.Create(AuthURL), HttpWebRequest) WebReq.CookieContainer = CookieJar

' Create our post data string that is required by OWA (owaauth.dll). Dim strPostFields As String = &quot;destination=https%3A%2F%2F&quot; & strServerName & &quot;%2Fexchange%2F&quot; + strUserName + &quot;%2F&username=&quot; + strDomain + &quot;%5C&quot; + strUserName + &quot;&password=&quot; + strPassword + &quot;&SubmitCreds=Log+On&forcedownlevel=0&trusted=0&quot;

WebReq.KeepAlive = True WebReq.AllowAutoRedirect = False WebReq.Method = &quot;POST&quot;

' Store the post data into a byte array. Dim PostData As Byte = System.Text.Encoding.ASCII.GetBytes(strPostFields)

' Set the content length. WebReq.ContentLength = PostData.Length

Dim tmpStream As Stream

Try ' Create a request stream. Write the post data to the stream. tmpStream = WebReq.GetRequestStream tmpStream.Write(PostData, 0, PostData.Length) tmpStream.Close Catch ex As Exception. MsgBox(&quot;Error occurred while trying OWA authentication!&quot; + vbCrLf + vbCrLf + ex.Message) Return &quot;Error&quot; End Try

' Get the response from the request. Dim WebResp As HttpWebResponse = WebReq.GetResponse

' Create a stream to capture the response data Dim tmpStreamRead As New StreamReader(WebResp.GetResponseStream)

' Write returned data to a string. Dim strResponseData As String = tmpStreamRead.ReadToEnd tmpStreamRead.Close

' Close the response object. WebResp.Close

' Get our returned cookie set. strCookies = CookieJar.GetCookieHeader(AuthURL).ToString

' Filter for our cadata and session ID cookies. Dim strCADataCookie As String = Regex.Replace(strCookies, &quot;(.*)cadata=&quot;&quot;(.*)&quot;&quot;(.*)&quot;, &quot;$2&quot;) Dim strSessionIDCookie As String = Regex.Replace(strCookies, &quot;(.*)sessionid=(.*)(,|;)(.*)&quot;, &quot;$2&quot;)

' Create and return the cookie set for performing subsequent Web requests. strCookies = &quot;sessionid=&quot; + strSessionIDCookie + &quot;; &quot; + &quot;cadata=&quot; + strCADataCookie Return strCookies End Function

