Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Authentication with OWA login does not work correct redirect

Posted on 2007-03-23
5
Medium Priority
?
864 Views
Last Modified: 2008-03-03
At my company we have an intranet website. Recently we enabled OWA with exchange so people have to logon onto the intranet website using the exchange form based login.

It is configured to go to a specific file after the login is done. The file is a webpage with a frame for a few webpages including the webmail.

When people login with a wrong password they still get the redirection to the index file of the intranet website. When they click on the webmail button they get an error saying that their credentials are wrong. I understand the last one, no rocket science.
But what I don't understand is that when somebody logs in with a wrong password that the user is forwarded to the index page of the intranet website. People should not get that page with incorrect credentials.

The url of the intranet site is this: https://intranet.esloo.nl/exchweb/bin/auth/owalogon.asp?url=https://intranet.esloo.nl/index2.php
Just click the "Aanmelden" you'll get into the intranet. Now click on "WEBMAIL" and the error appears as supposed to.

In my mind it can be solved in two ways:
1.  When people put in incorrect credentials they're returned to the login page with an error message stating their credentials are incorrect.
2. I check in the index page of the intranet website if they get a cookie or a session variable from the exchange server. If not the user is forwarded to the login page with an error like the one above.

I've been googling for a while now trying to find a solution for both ways but could not find anything.

Does anybody have an idea how to solve this problem.

Thanx in advance.
0
Comment
Question by:Sander Stad
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18780607
I think this is happening because you are chaning the location that the user goes after login.  If you leave that as the default Exchange location that is what powers the error situations such as invalid passwords etc, and dumps the user back at the OWA login page with the error message in red text.  I would try to use the cookie idea.
0
 
LVL 9

Author Comment

by:Sander Stad
ID: 18791000
And that's where the problem starts, you can't really change the files of OWA. Only the layout.
I really don't know how to create and destroy a cookie in conjunction with OWA.

Do you have an example.
0
 
LVL 10

Accepted Solution

by:
MATTHEW_L earned 500 total points
ID: 18796619
I have seen it done.  I will try to dig up some resources.  What should happen is you should build your own logon page that authenticates against AD.  Once the user is authenticated they would get a cookie allowing them SSO (Single Sign On) into other web applications for a period of time, before their session / cookie times out.  That way when they click on their email link it would just pop them right into email without having to authenticate again, and in a way bypassing the OWA login.  Like I said I have seen this used, it worked well, I will try to dig up some resources.  I myself am not a programmer / web developer so....
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question