Solved

Authentication with OWA login does not work correct redirect

Posted on 2007-03-23
5
844 Views
Last Modified: 2008-03-03
At my company we have an intranet website. Recently we enabled OWA with exchange so people have to logon onto the intranet website using the exchange form based login.

It is configured to go to a specific file after the login is done. The file is a webpage with a frame for a few webpages including the webmail.

When people login with a wrong password they still get the redirection to the index file of the intranet website. When they click on the webmail button they get an error saying that their credentials are wrong. I understand the last one, no rocket science.
But what I don't understand is that when somebody logs in with a wrong password that the user is forwarded to the index page of the intranet website. People should not get that page with incorrect credentials.

The url of the intranet site is this: https://intranet.esloo.nl/exchweb/bin/auth/owalogon.asp?url=https://intranet.esloo.nl/index2.php
Just click the "Aanmelden" you'll get into the intranet. Now click on "WEBMAIL" and the error appears as supposed to.

In my mind it can be solved in two ways:
1.  When people put in incorrect credentials they're returned to the login page with an error message stating their credentials are incorrect.
2. I check in the index page of the intranet website if they get a cookie or a session variable from the exchange server. If not the user is forwarded to the login page with an error like the one above.

I've been googling for a while now trying to find a solution for both ways but could not find anything.

Does anybody have an idea how to solve this problem.

Thanx in advance.
0
Comment
Question by:Sander Stad
  • 2
5 Comments
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18780607
I think this is happening because you are chaning the location that the user goes after login.  If you leave that as the default Exchange location that is what powers the error situations such as invalid passwords etc, and dumps the user back at the OWA login page with the error message in red text.  I would try to use the cookie idea.
0
 
LVL 9

Author Comment

by:Sander Stad
ID: 18791000
And that's where the problem starts, you can't really change the files of OWA. Only the layout.
I really don't know how to create and destroy a cookie in conjunction with OWA.

Do you have an example.
0
 
LVL 10

Accepted Solution

by:
MATTHEW_L earned 125 total points
ID: 18796619
I have seen it done.  I will try to dig up some resources.  What should happen is you should build your own logon page that authenticates against AD.  Once the user is authenticated they would get a cookie allowing them SSO (Single Sign On) into other web applications for a period of time, before their session / cookie times out.  That way when they click on their email link it would just pop them right into email without having to authenticate again, and in a way bypassing the OWA login.  Like I said I have seen this used, it worked well, I will try to dig up some resources.  I myself am not a programmer / web developer so....
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Resolve DNS query failed errors for Exchange
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now