I need to use impersonation to create events on multiple user's calendars at the same time.
Is it possible to send a single request with multiple SOAP envelopes with the event details, or do I need to send separate requests for each event that needs to be created?
If your using Impersonation then then answer is no because impersonation is set at the envelope level you need multiple request. EWS allows batching but these requests are batched within one envelope and hence one security context. If you used a Service Account that had been granted access to all the mailboxes you where trying to access then it would be possible.
Cheers
Glen
Related
I have an application that I have to integrate with the outlook via Graph API. I need to retrieve the conversations which I am getting using the Graph Mail API. But the graph API is not able to return the object of the email in the form of threads(like that of a conversation thread between two email ids). Also, there is no field in the object that can specify to which thread a particular email belongs so that I can group them in my app.
Is there any way I can achieve the same.
Honestly, I think there is some severe lack of documentation on this everyday use case.
The solution it seems is to filter your messages by the conversationId.
See this answer: https://stackoverflow.com/a/63570384/2591194.
I am using a streaming subscription (EWS Managed API) to subscribe to events on one mailbox. Now, instead of doing this directly, I want to subscribe and take action on incoming mails on these mailboxes through impersonation.
How to achieve it?
What I have Tried:
I did setup multiple streaming subscriptions using service.ImpersonatedUserId() but when i get a event(i get events successfully for the 2 mailboxes i have subscribed to) and try to take some action for e.g EmailMessage.Bind(Item Id) or Folder.Bind(), the code stucks! I dont get any error message. I even tried TraceEnabled= true, I found nothing!
I did see this MSFT link but didn't find an answer.
I need help with for e.g moving the mail to another folder for multiple mailboxes through EWS subscriptions.
The default concurrent connection limit in .net is 2 by default https://learn.microsoft.com/en-us/dotnet/api/system.net.servicepointmanager.defaultconnectionlimit?view=netframework-4.7.2 because Streaming notifications require a concurrent connection to work this is a common issue.So all you should need to do is set the connection limit higher eg
System.Net.ServicePointManager.DefaultConnectionLimit = 100;
I have a custom application with its own database and a connection to exchange through EWS. Part of this application is a meeting tool which allows users to import exchange meetings and auto invite the other users which also use my application. As part of this tool I need to keep my meetings up to date with exchange, basically maintaining a centralized meeting storage. I can't simply store the user's exchange credentials due to security concerns and I also cannot customize the EWS server in any significant way (ie I cannot add Delegate Access).
The problem is that I am currently simply forcing all users to login to EWS whenever the go to view a meeting's details and it will query EWS to get the details using that user's EWS credentials and access their copy of the meeting. The problem is that there is no guarantee that any user has the same meeting details as any other user. As is partially explained here. Is there any way I can force the EWS FindItem call to only use the meeting's public (master) properties? i.e. Whatever version of the meeting the organizer has sent out/updated. I just need all users to return the same details when they query for the same meeting.
One solution I've considered is adding a 'bot' user whenever a meeting is imported into my application, and then just always using that bot's version of the meeting. However, I would really prefer to do something more 'under the hood' that doesn't require this extraneous user.
Is there any way I can force the EWS FindItem call to only use the meeting's public (master) properties
No FindItem will only every return you information about what is in the Folder your trying to access. You might want to consider using GetUserAvailiblity to check the organiser https://msdn.microsoft.com/en-us/library/aa494212(v=exchg.80).aspx would be the closest. I would say to make your application work correctly is you need an Service account that has been given at least read access to every users calendar, you can then make a call to get the organiser version of the Appointment which will also contain the user responses. If your using Office365 then the new REST Api does facilitate this in a more secure way eg demon apps https://blogs.msdn.microsoft.com/exchangedev/2015/01/21/building-daemon-or-service-apps-with-office-365-mail-calendar-and-contacts-apis-oauth2-client-credential-flow/
I'm trying to figure out how Websockets works. I read some articles, tutorials, etc and I have a pretty basic understanding of how it works, but there is one element that I can't understand how to implement.
My idea is the following : One user will load a "customer" page containing all informations of that customer + a discussion thread. If an other user load that same page, they will be able to discuss in real time and if one user update the data of the customer, the second one will see the update.
The thing that is bugging me, is how can I allow users to access a customer data, but by checking that they can access it (for example, users can access the customer of their group, not all customers)
How can I be sure that the current user will access a customer he has the right (in the websocket)?
Thank you for your help!
Think of the websocket connection itself as a separate thing. A socket used by a client can subscribe to many different events.
What you're describing is topics. When the websocket connection is established, you send a message using whatever socket framework you're using to subscribe to a topic. For example, it could be a topic called customer-123. (A analogy for a topic, is a chat room)
Your application logic (server side) will verify that the currently logged in user has permission to access customer 123, and if so, permits them to join this topic. If you don't do this, it would be trivial for users to listen to any messages relating to any data.
Whenever a user updates any data that is relevant to customer 123, a message is posted to that topic. And thus, any user who is in that topic will receive the message.
An socket might subscribe to many many topics for each customer they open in your app. And topics can be combined and managed in groups depending on how you want to send messages.
In a typical large app, it's common to have a websocket subscribe to topics like user-123, team-456 by default so the server can send messages to them individually or to the entire team to which they are a member of.
For example, if a user updates customer-123, I might send a full data object to the customer-123 topic, and if customer 123 belongs to team-456, I would also send a small notification object like 'User 789 has updated customer 123' to the entire team (which is what powers Facebooks feed like system).
As your app grows, you'll use services like notification hubs to manage the fact that there could be thousands of topics each with thousands of subscribers.
The best thing to do is share a session ID and set up authentication token policies between your web application and your socket session. You could set up your own policy middleware to check the session ID.
You aren't really clear about how you're trying to accomplish this. If you're using express/socket.io, you can use this module: https://www.npmjs.com/package/express-socket.io-session
Hope this helps!
Like any other production application, you need authentication (who is allowed to use the app) and authorization (what functionality can a authenticated user perform). Authorization (ie, access control - ACL) is probably more precisely what you are looking for. Your app has to consult an authorization subsystem to see if the current user has access permission to edit/view another user's information.
This is not a trivial concern for many applications; security and privacy are important aspects of any web-based (distributed) application.
Currently I'm developing consoles in my webapp displaying user's running *nix application log (game servers) and I just want to make sure that one user can't access other user console by guessing topic name.
I'm using random generated string of 16 chars 0-9, A-Z, a-z, changing on every refresh of page, valid for 30min for each topic name.
Every user of webapp in crossbar config have access to subscribe any topic.
I wanted to set for each user to only subscribe to his/hers console topic but I think that dynamic config for crossbar is not yet implemented.
Is this implementation is enough for privacy of users or it's possible for subscriber to list other subscibers and my work with unique topic names is pointless?
It is indeed possible for subscribers to list other subscribers - via subscription meta-procedures.
Regarding your topic structure - you're doing something like
com.myapp.userlog.user34KUIK567878
com.myapp.userlog.userAHH78738J899
and want to prevent users from being able to subscribe to any channel but their own?
For this you can use a dynamic authorizer - see http://crossbar.io/docs/Authorization/
The dynamic authorizer is called on each subscription (& publish, call, register) request and can then accept or reject this request. It has access to the session data so that you can identify the user.