Exchange 2000 Outlook Web Access Basic Authentication
Outlook Web Access (OWA) is a hypertext Transfer Protocol (HTTP) virtual server that enables users to access their Microsoft Exchange inbox using a Web browser. You install and configure OWA during the Microsoft Exchange Server 2000 installation process. By default, the Exchange Server setup process installs the OWA application to a virtual directory named "Exchange" in the default Web Site. For more information about OWA, see the Microsoft Exchange Server 2000 and Internet Information Services documentation.
You can use the authentication functionality of the Commerce Server 2002 AuthFilter to protect your OWA application. To accomplish this, you must install OWA and your Commerce Server Solution Site on the same Internet Information Services (IIS) Server. Because AuthFilter protects at the virtual root level, you must install your Commerce Server Solution Site one level above the Exchange 2000 OWA application. This allows AuthFilter to intercept requests for the Exchange OWA application, and therefore protects both the OWA application and the Commerce Server site.
The following instructions describe how to unpack your site to the virtual root level of the Default Web Site. By default, the quick unpack option of Site Packager installs a Commerce Site to a directory one level below the Default Web Site. Therefore, you must use the custom unpack option of Site Packager to unpack your Commerce Server site to the Default Web site level (one level above the OWA application). For more information about using the custom unpack option of Site Packager, see Unpacking a Site Using Custom Properties.
The following instructions specify the default settings except when a specific step is required to configure OWA for integration with Commerce Server.
- Click Start, point to Programs, point to Microsoft Commerce Server 2002, and then click Commerce Site Packager.
- In the Welcome to the Commerce Server Site Packager dialog box, select Unpack from a package file (.pup), and then click Next.
- In the Unpack dialog box, type the path and file name of the file you want to unpack, or click the Browse button.
If you clicked the Browse button, in the Open dialog box, navigate to the folder that contains the file you want to unpack, select the file, and then click Open.
- In the Unpack dialog box, select Custom unpack, and then click Next.
- In the Unpack Method dialog box, select Create a new site, and then click Next.
- In the Site Name dialog box, type the name for the new site or accept the default value, and then click Next.
- In the Select Resources dialog box, click Next.
- In the Global Resource Pointers dialog box, click Next.
- In the Database Connection Strings dialog box, click Next.
- In the Select Applications dialog box, click Next.
- In the Select IIS Computers, Web Sites and Paths dialog box, delete the text in the IIS path text box, and then click Next.
- To unpack the Commerce site to the virtual root directory level of the Default Web site, this text box must be empty.
- Two message boxes appear. Read the messages and then click Yes.
- If the Data Warehouse dialog box appears, click OK.
- In the Profiling System dialog box, click Next.
- In the second Profiling System dialog box, click Next.
- In the Commerce Server Site Packager dialog box, click OK.
- In the Unpacking is complete! dialog box, click Finish.
- Click Start, point to Programs, point to Microsoft Commerce Server 2002, and then click Commerce Server Manager.
- Expand Commerce Server Manager, expand Commerce Sites, and then expand the Commerce site that you want to configure.
- For example, by default, the name of the Retail solution site is Retail.
- Expand Applications, right-click the application you are configuring, and then click Properties.
- In the <sitename> Properties screen, on the General tab, do the following:
Use this To do this Set cookie path to application Clear this check box. Authentication filter From this drop-down list, select Windows Authentication. IIS application path Ensure that this text box contains a forward slash (/) only.
- Setting the IIS application path to a forward slash (/) configures AuthFilter for this application at the virtual root directory of the Default Web Site, which is one level higher than the virtual directory where the Exchange 2000 OWA application resides. By default, the Exchange 2000 OWA application installs in a virtual directory named "Exchange" in the Default Web Site.
- Click OK.
- Restart IIS. For information about restarting IIS, see Restarting IIS and Commerce Server Services.
- If you use the net stop iisadmin command to stop the IIS service, and have already installed Microsoft Exchange Server 2000, you must restart the SMTP, NNTP, and Exchange services independently of the net start ww3svc command. This is because the net stop iisadmin command stops these services when stopping IIS, but the net start ww3svc command does not restart them.
These services are listed in the following table:
Service To restart from the command line Microsoft Exchange Routing Engine Type net start RESvc. Microsoft Exchange POP3 Type net start POP3Svc. Microsoft Exchange IMAP4 Type net start IMAP4Svc. Microsoft Exchange Information Store Type net start MSExchangeIS. Microsoft Exchange MTA Stacks Type net start MSExchangeMTA. World Wide Web Publishing Service Type net start w3svc. Simple Mail Transport Protocol (SMTP) Type net start SMTPSVC. Network News Transport Protocol (NNTP) Type net start NntpSvc.
- To verify the setting for the virtual root of IIS site, in Commerce Server Manager, expand Internet Information Services, and then expand <server name>.
- Right-click Default Web Site, and then click Properties.
- On the Home Directory tab, verify that the IIS application path text box contains a forward slash (/) only.
- On the ISAPI Filters tab, ensure that CSAuthFilter is listed above the Microsoft Exchange Web Component ISAPI filter in the order list.
- Click OK.
- OWA for Exchange Server 2000 secures access to a site by using the IIS Basic Authentication method. As part of this authentication method, an IIS server variable, AUTH_USER, is populated with the user name. OWA uses AUTH_USER to determine which Exchange 2000 mailbox to open for the session.
- Because the IIS Basic Authentication method sends passwords over the network in clear text, it is recommended that you use a Secure Sockets Layer (SSL) connection between users and your login.asp page.
See AlsoCopyright © 2005 Microsoft Corporation.
All rights reserved.