Creating tasks in Exchange using WebDAV

Tim McCarthy — Wed, 09 Aug 2006 22:11:00 GMT

I saw this posting on farhan’s blog about trying to create tasks in Exchange via WebDAV.

Well, I have found the correct way to do it. My code is split into too many classes to show how to do it in C#, but I will show the XML that needs to be sent across the wire in the WebDAV request to Exchange:

I did not put in the other properties, but you can use this thread indexed from google groups as a guide.

How to programmatically authenticate to Exchange Server 2003 in .NET with forms-based authentication enabled

Tim McCarthy — Sat, 05 Aug 2006 21:41:00 GMT

I ran into this problem and found a few solutions to it, but none of them really worked or were not really well-designed, or very elegant, in my opinion. There was a good Microsoft Knowledge Base article on kbAlertz about this problem, which greatly helped me with my solution. Brad Covelle also posted a solution to this on his blog as well.

One thing that I found wrong when I was trying to use these solutions was that the URL that was posted to seemed wrong. So I went to our Exchange OWA login form and did a View Source on it. I noticed that it was posting to a different URL than what other examples showed, so I changed it to go to http(s):///CookieAuth.dll?logon. This worked me for me so I stuck to it. I actually put it into a constant, but it might not be a bad idea to put it into some type of configuration (app.config, web.config, database, etc.) as well.

What the solution must do is programmatically post to the Exchange 2003 OWA login form handler, grab the cookies issued, and then use those cookies in all subsequent WebDAV requests to Exchange. I have come up with a class that will grab the cookies, and also cache the cookies, if you would like to keep the class instance in memory and reuse it later for additional WebDAV requests.

Here is the class:

using System;
using System.Net;
using System.IO;
using System.Text;
using System.Collections.Generic;

namespace MIS.EN.WebDav
{
    /// 
    /// Helper class for using Exchange 2003 OWA forms-based authentication with WebDAV.  This class maintains a 
    /// cache of CookieContainer objects, so if the authentication has already been performed,
    /// then the class will grab the CookieContainer from its cache.
    /// 
    public class FormsBasedAuthentication
    {
        private Dictionary cookieContainerCache;

        public FormsBasedAuthentication()
        {
            this.cookieContainerCache = new Dictionary();
        }

        private static class Constants
        {
            static Constants() { }
            public const string AuthenticationUrl = "{0}://{1}/CookieAuth.dll?logon";
            public const string RequestContentType = "application/x-www-form-urlencoded";
            public const string RequestMethod = "POST";
            public const string PostData = "destination=Z2FexchangeZ2F&flags=0&username={0}\\{1}&password={2}&SubmitCreds=Log On&forcedownlevel=0&trusted=0";
            public const string HttpWebDavExceptionMessage = "There was an HTTP error trying to use forms-based authentication before the WebDAV request was sent.";
            public const string GenericWebDavExceptionMessage = "There was a general error trying to use forms-based authentication before the WebDAV request was sent.";
        }

        /// 
        /// Logs in to Exchange using forms-based authentication, and grabs the necessary cookies to be used 
        /// for a WebDAV request on an Exchange server configured to use OWA forms-based authentication
        /// 
        /// The host name of a URI.  This will typically be represented by something like this:  
        /// mail.contoso.com, with contoso being the name of a fictitious company.
        /// The scheme name of a URI.  This will always typically be https.
        /// The security account information that will be posted to the OWA login form.
        public CookieContainer GetOwaCookies(string host, string scheme, NetworkCredential credentials)
        {
            // This will hold the cookies from OWA
            CookieContainer owaCookies;

            // Build the cache key for the cookie container dictionary
            string cacheKey = scheme + host;

            // Check the cache first
            if (this.cookieContainerCache.ContainsKey(cacheKey))
            {
                owaCookies = this.cookieContainerCache[cacheKey];
            }
            else
            {
                try
                {
                    // Get a new cookie container to populate
                    owaCookies = new CookieContainer();

                    // Build the authentication URI
                    Uri serverUri = new Uri(string.Format(Constants.AuthenticationUrl, scheme, host));

                    // Create the request
                    HttpWebRequest request = WebRequest.Create(serverUri) as HttpWebRequest;

                    // Set the headers
                    request.CookieContainer = new CookieContainer();
                    request.ContentType = Constants.RequestContentType;
                    request.Method = Constants.RequestMethod;
                    request.KeepAlive = true;
                    request.AllowAutoRedirect = false;

                    // Prepare the body of the request with the OWA POST data
                    byte[] body = Encoding.UTF8.GetBytes(string.Format(Constants.PostData, credentials.Domain,
                        credentials.UserName, credentials.Password));

                    // Set the content length of the request
                    request.ContentLength = body.Length;

                    // Send the request to the server
                    using (Stream stream = request.GetRequestStream())
                    {
                        stream.Write(body, 0, body.Length);
                    }

                    // Get the response
                    using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
                    {
                        // Add the OWA cookies from the response to the cookie container
                        foreach (Cookie cookie in response.Cookies)
                        {
                            owaCookies.Add(new Cookie(cookie.Name, cookie.Value, cookie.Path, cookie.Domain));
                        }
                    }

                    // Add the cookie container to the cache
                    this.cookieContainerCache.Add(cacheKey, owaCookies);
                }
                catch (WebException e)
                {
                    // Re-throw the exception with a wrapper
                    throw new WebDavException(Constants.HttpWebDavExceptionMessage, e);
                }
                catch (Exception e)
                {
                    // Re-throw the exception with a wrapper
                    throw new WebDavException(Constants.GenericWebDavExceptionMessage, e);
                }
            }
            return owaCookies;
        }
    }
}

To use this class, you’ll also need this class (for the exceptions being thrown):

using System;
using System.Runtime.Serialization;

namespace MIS.EN.WebDav
{
    public class WebDavException : ApplicationException
    {
        /// 
        /// Default constructor
        /// 
        public WebDavException() : base()
        {
        }

        /// 
        /// Initializes with a specified error message.
        /// 
        /// A message that describes the error.
        public WebDavException(string message) : base(message)
        {
        }

        /// 
        /// Initializes with a specified error 
        /// message and a reference to the inner exception that is the cause of this exception.
        /// 
        /// The error message that explains the reason for the exception.
        /// 
        /// The exception that is the cause of the current exception. 
        /// If the innerException parameter is not a null reference, the current exception 
        /// is raised in a catch block that handles the inner exception.
        /// 
        public WebDavException(string message, Exception exception)
            : base(message, exception)
        {
        }

        /// 
        /// Initializes with serialized data.
        /// 
        /// The object that holds the serialized object data.
        /// The contextual information about the source or destination.
        /// 
        protected WebDavException(SerializationInfo info, StreamingContext context)
            : base(info, context)
        {
        }
    }
}

Exchange WebDAV

Creating tasks in Exchange using WebDAV

How to programmatically authenticate to Exchange Server 2003 in .NET with forms-based authentication enabled