我们有一个奇怪的问题,我们有单点登录,我们正在尝试从Exchange ews webservice获取未读的电子邮件数,问题是它总是得到所有用户的实际数量,这实际上是服务器用户。
'it should now get for current user who requested the page
'but its always for server user where sharepoint is installed
Public Sub GetUnreadEmailCount()
Dim errormsg As String = String.Empty
Dim UnreadCount As Integer = 0
Dim esb As New ExchangeServiceBinding
Try
esb.RequestServerVersionValue = New RequestServerVersion
esb.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1
esb.UseDefaultCredentials = True
esb.Url = Domain + "/EWS/Exchange.asmx"
ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf CertificateValidationCallBack)
Dim biArray(1) As BaseFolderIdType
Dim dfFolder As New DistinguishedFolderIdType
dfFolder.Id = DistinguishedFolderIdNameType.inbox
biArray(0) = dfFolder
Dim geGetFolder As New GetFolderType
geGetFolder.FolderIds = biArray
geGetFolder.FolderShape = New FolderResponseShapeType
geGetFolder.FolderShape.BaseShape = DefaultShapeNamesType.AllProperties
Dim gfResponse As GetFolderResponseType = esb.GetFolder(geGetFolder)
Dim rmta As ResponseMessageType() = gfResponse.ResponseMessages.Items
Dim rmt As FolderInfoResponseMessageType = DirectCast(rmta(0), FolderInfoResponseMessageType)
If rmt.ResponseClass = ResponseClassType.Success Then
Dim folder As FolderType = DirectCast(rmt.Folders(0), FolderType)
UnreadCount = folder.UnreadCount
End If
Label1.Text = vbCrLf + "Unread email count : " + UnreadCount.ToString
' Return UnreadCount
Catch ex As Exception
If Not ex.Message Is Nothing Then errormsg = ex.Message
Try
If Not ex.InnerException.Message Is Nothing Then errormsg = errormsg + " : " + ex.InnerException.Message
Catch e As Exception
End Try
Finally
If esb IsNot Nothing Then esb.Dispose() : esb = Nothing
If Not errormsg = String.Empty Then
Label1.Text = vbCrLf + "Error : " + errormsg
End If
End Try
End Sub
答案 0 :(得分:1)
我们实际上遇到了同样的问题,尽管我们没有使用单点登录。所以我不确定这正是你所经历的。
问题是,计算机A 上的用户无法将凭据提供给计算机B (SharePoint?),然后计算机B 将这些凭据发送到计算机C
它被称为“双跳”问题并且是一个安全功能,但我并没有真正涉及它的技术方面。我们的解决方案是使用Kerberos。
我希望这可以帮助您,如果没有,它可以帮助您排除这个特定问题:)
答案 1 :(得分:0)
您的服务器端代码作为AppPool的身份运行,这是您的sharepoint服务帐户。我假设“服务器用户”的意思是'
esb.UseDefaultCredentials = true;
将使用上下文的信用。我不确定EWS服务中可用的内容,因此如果您可以使用更高权限的帐户并根据进入的用户获取,即HttpContext.Current.User.Identity作为参数那么这可能是最好的方式。
您可以通过javascript直接向EWS服务进行身份验证,完全跳过服务器端代码,然后编写消耗&根据需要显示服务器内容。
您需要找到一种方法来直接授权用户使用EWS服务。双跳是NTLM的问题,因为您的NTLM票证仅对第一跳有效。 Kerberos修复了这个问题,但您仍需要模拟。