SharePoint is not getting the current NetworkCredential user from Active Directory
We have a strange problem: we have single sign-on and we are trying to get the unread email count from the Exchange EWS web service. The problem is that it always gets the same account for all users, which is actually the server user.
```vb
' It should now get the count for the current user who requested the page,
' but it's always for the server user where SharePoint is installed.
Public Sub GetUnreadEmailCount()
    Dim errormsg As String = String.Empty
    Dim UnreadCount As Integer = 0
    Dim esb As New ExchangeServiceBinding
    Try
        esb.RequestServerVersionValue = New RequestServerVersion
        esb.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1
        ' Sends the credentials of whatever identity the code is running as
        esb.UseDefaultCredentials = True
        esb.Url = Domain + "/EWS/Exchange.asmx"
        ServicePointManager.ServerCertificateValidationCallback = New RemoteCertificateValidationCallback(AddressOf CertificateValidationCallBack)

        ' Request the Inbox folder (one-element array; Dim x(0) has upper bound 0)
        Dim biArray(0) As BaseFolderIdType
        Dim dfFolder As New DistinguishedFolderIdType
        dfFolder.Id = DistinguishedFolderIdNameType.inbox
        biArray(0) = dfFolder
        Dim geGetFolder As New GetFolderType
        geGetFolder.FolderIds = biArray
        geGetFolder.FolderShape = New FolderResponseShapeType
        geGetFolder.FolderShape.BaseShape = DefaultShapeNamesType.AllProperties

        Dim gfResponse As GetFolderResponseType = esb.GetFolder(geGetFolder)
        Dim rmta As ResponseMessageType() = gfResponse.ResponseMessages.Items
        Dim rmt As FolderInfoResponseMessageType = DirectCast(rmta(0), FolderInfoResponseMessageType)
        If rmt.ResponseClass = ResponseClassType.Success Then
            Dim folder As FolderType = DirectCast(rmt.Folders(0), FolderType)
            UnreadCount = folder.UnreadCount
        End If
        Label1.Text = vbCrLf + "Unread email count : " + UnreadCount.ToString
        ' Return UnreadCount
    Catch ex As Exception
        If Not ex.Message Is Nothing Then errormsg = ex.Message
        ' Append the inner exception message when there is one
        If ex.InnerException IsNot Nothing AndAlso ex.InnerException.Message IsNot Nothing Then
            errormsg = errormsg + " : " + ex.InnerException.Message
        End If
    Finally
        If esb IsNot Nothing Then esb.Dispose() : esb = Nothing
        If Not errormsg = String.Empty Then
            Label1.Text = vbCrLf + "Error : " + errormsg
        End If
    End Try
End Sub
```
We had the same problem, although we didn't use single sign-on. So I'm not sure if this is exactly what you are experiencing.
The problem is that you cannot have the user on Machine A provide their credentials to Machine B (SharePoint?) and then have Machine B send those credentials to Machine C.
It is referred to as the "double hop" problem and is a safety feature; however, I am not getting into the technical side. Our solution was to use Kerberos.
Hope it helps you, if not, it helps you eliminate this problem :)
Your server-side code runs as the AppPool identity, which is your SharePoint service account. I am assuming that is what you mean by "server user".
esb.UseDefaultCredentials = true;
will use the creds of the context. I'm not sure what is available in EWS, so if you can use a higher privileged account and rely on user login, i.e. HttpContext.Current.User.Identity as a parameter, then this might be the best way.
You will need to find a way to directly connect the user to the EWS. Double-hop is a problem with NTLM since your NTLM ticket is only valid for the first hop. Kerberos fixes this, but you still need to impersonate it.
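Both answers point to Kerberos plus impersonation. The sketch below is an added example, not code from any poster in this thread: it runs the EWS call inside an impersonation block so that `UseDefaultCredentials` resolves to the browsing user rather than the AppPool account. It assumes Windows authentication on the site, Kerberos delegation already configured for the AppPool account, and the same `ExchangeServiceBinding` proxy classes as the question; `EwsAsCaller`, `GetUnreadCountAsCaller` and `ewsUrl` are hypothetical names.

```vb
Imports System
Imports System.Security.Principal
Imports System.Web

Public Module EwsAsCaller
    ' Added example. Assumes Kerberos delegation is set up for the AppPool account
    ' and that the request was authenticated with Windows authentication.
    Public Function GetUnreadCountAsCaller(ByVal ewsUrl As String) As Integer
        Dim caller As WindowsIdentity = TryCast(HttpContext.Current.User.Identity, WindowsIdentity)
        If caller Is Nothing OrElse Not caller.IsAuthenticated Then
            Throw New InvalidOperationException("No authenticated Windows identity for this request.")
        End If
        ' An NTLM logon cannot be passed on to a second server (the double hop).
        If String.Equals(caller.AuthenticationType, "NTLM", StringComparison.OrdinalIgnoreCase) Then
            Throw New InvalidOperationException("Caller authenticated with NTLM; Kerberos is required.")
        End If

        ' Everything inside this block runs as the browsing user, not the AppPool account.
        Using ctx As WindowsImpersonationContext = caller.Impersonate()
            Using esb As New ExchangeServiceBinding()
                esb.RequestServerVersionValue = New RequestServerVersion()
                esb.RequestServerVersionValue.Version = ExchangeVersionType.Exchange2007_SP1
                esb.UseDefaultCredentials = True   ' now resolves to the impersonated caller
                esb.Url = ewsUrl

                Dim inbox As New DistinguishedFolderIdType()
                inbox.Id = DistinguishedFolderIdNameType.inbox
                Dim request As New GetFolderType()
                request.FolderIds = New BaseFolderIdType() {inbox}
                request.FolderShape = New FolderResponseShapeType()
                request.FolderShape.BaseShape = DefaultShapeNamesType.AllProperties

                Dim response As GetFolderResponseType = esb.GetFolder(request)
                Dim info As FolderInfoResponseMessageType =
                    DirectCast(response.ResponseMessages.Items(0), FolderInfoResponseMessageType)
                If info.ResponseClass <> ResponseClassType.Success Then
                    Throw New InvalidOperationException("EWS GetFolder returned " & info.ResponseClass.ToString())
                End If
                Return DirectCast(info.Folders(0), FolderType).UnreadCount
            End Using
        End Using   ' reverts to the AppPool identity, also when an exception is thrown
    End Function
End Module
```

The identity is taken from the authenticated request context, never from a query string or form field, so one user cannot ask for another user's mailbox.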