Is it possible to use Impersonation in EWS without using the Managed API?
I read through this page, and it doesn't seem to help.
I want to be able to create events on user's calendars by sending SOAP requests, rather than using the managed API.
Sure using Impersonation just involves setting the Impersonation SOAP header eg
<soap:Header>
<t:ExchangeImpersonation>
<t:ConnectingSID>
<t:PrimarySmtpAddress>alisa#contoso.com</t: PrimarySmtpAddress>
</t:ConnectingSID>
</t:ExchangeImpersonation>
</soap:Header>
I would suggest https://msdn.microsoft.com/en-us/library/office/dn722378(v=exchg.150).aspx is a better reference
cheers
Glen
Related
There is need to send from my SP to IdP SAML AthnRequest over HTTP-POST and HTTP-Redirect is not allowed.
Good package is aacotroneo/laravel-saml2 but it does not support HTTP-POST.
simplesamlphp/simplesamlphp is popular but it is a mess to use.
What library to use for proper SAML integration in Laravel that supports HTTP-POST requests to IdP?
With some effort you should be able to modify https://github.com/aacotroneo/laravel-saml2 to send AuthNRequest using HTTP-POST.
Instead use directly the login method of php-saml that you can find here
https://github.com/onelogin/php-saml/blob/master/lib/Saml2/Auth.php#L428
you can execute the code described there and do a POST instead of a GET, if you need to support signature, you will need to embed it.
The alternatives is https://github.com/KnightSwarm/laravel-saml
https://packalyst.com/packages/package/aherstein/laravel-saml2-post is the library that has been forked from aacotroneo/laravel-saml2 and modified to send POST requests.
I am working on a webapi core and have few methods within it. This is a restful web api.
I don't want a situation where people will grab my uri and start using it. I want only
authenticated users to have access to the webapi. I am new to this. I am using the webapi core.
A xamarin.forms app will be using this webapi.
I will appreciate some directions on how I can secure this.
I would suggest you below approach
User DB - either Identity or custom store
Authorize your web api controller
Use JWT for generating JSON web token and validating them.
Provide access if only JWT validates. Excellent support in ASP.NET Core API
Provide Login (token generator API endpoint), pass JWT for further API calls as Authorization header
I think this REST Security Cheat Sheet can be useful
https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/REST_Security_Cheat_Sheet.md
Im writing a application for outlook, front-end Angular, backend Web API.
I'm successfully getting access-token using adal in front-end, sessionStorage is:
adal.access.token.keyxxxxx6b-xxxx-xxxx-xxxx-376xxxx9c09:"Access-token"
adal.error:""
adal.error.description:""
adal.expiration.key:"0"
adal.expiration.keyxxxxx6b-xxxx-xxxx-xxxx-376xxxx9c09:"1482073764"
adal.idtoken:"access-token"
adal.login.error:""
adal.login.request:"http://localhost:8080/"
adal.nonce.idtoken:"xxxxx6b-xxxx-xxxx-xxxx-376xxxx9c09"
adal.session.state:"86xxxxxd-xxxx-480b-xxxx-34923xxxx918"
adal.state.login:"9axxxxxx-xxxx-xxxx-xxxx-360xxxxxx94"
adal.token.keys:"xxxxx6b-xxxx-xxxx-xxxx-376xxxx9c09|"
adal.token.renew.statusxxxxx6b-xxxx-xxxx-xxxx-376xxxx9c09:"Completed"
Now i'm sending access-token to backend, and i want to get messages from outlook API, but how can i do it.
Searched for outlook REST api, and tested using POSTMAN, but not working.(401 error)
Get https://outlook.office.com/api/v2.0/me/messages
Authorization: Bearer access-token
Accept: application/json
Any suggestions on how to do this?
Thanks in advance.
It looks like you are trying to complete the on-behalf-of flow.
This is where a front-end API gets an access token to a middle tier service, which subsequently gets an access token to a back-end API. Let's assume that the token from the front-end to the middle tier has user context. You are able to get a token from the middle tier, to the back-end using the same user context, by requesting a new access token using the original access token.
Here are more details on the flow: Find the section titled Delegated User Identity with OAuth 2.0 On-Behalf-Of Draft Specification
Here is a code sample integrating this flow:
https://github.com/Azure-Samples/active-directory-dotnet-webapi-onbehalfof
Just to note, in this specific case, that the 401 error implies that you do not have the correct permissions for calling and accessing the API you want. Can you make sure you have selected the right permissions for the resource you want to access, for the client that you are accessing it with?
I hope this is what you are looking for!
I am trying to authenticate SOAP service via node.js (node-soap/ws.js) modules. I also tried using ajax call. But I did not find any success.
Any help regarding this would be appreciated.
I'm experiencing the popular Security Sandbox violation...
I use Google Maps Flex API and now i want to access the Google Geocoding API . For this , i use the HTTPService :
<s:HTTPService id="geo_req" url="http://maps.googleapis.com/maps/api/geocode/xml?address={i_address}" result="geo_req_resultHandler(event)" />
But i got Sandbox Security violation . So i've created crossdomain.xml as :
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
I use WAMP server and can access the file by typing http://localhost/crossdomain.xml ...
Still i can't access the url.
How can i get rid of this ?
You need to put the CrossDomain.xml file on the domain you're sending the request to.
why don't you use the existing class ClientGeoCoder to geocode your address, instead of making an HTTP request to the Google site?
Do you successfully run the example on this link: http://code.google.com/p/gmaps-samples-flash/source/browse/trunk/samplecode/GeocodingSimple.mxml ?