Office 365 SSO - Using smart links or IdP initiated authentication with Office 365

There is a good wiki page explaining how to set smart links. I followed the same, and was still getting error after redirecting to Office 365. After debugging, I figured out what was going wrong.

As per the wiki page, we need to remove QS parameter “bk”. However, I had to remove one more QS parameter “ct” similar to “bk”. I tried to access the service through the normal way at two different times and traced the requests and figured out what was different at both times. Both times, I found values for “bk” and “ct” to be different. So this means that we need to remove these from the smart link.

If you are programmatically trying to generate the URL, then you should be able to even set the value of the QS parameters dynamically. I think the value is total seconds since 1/1/1970. I haven’t tried out this myself yet. So please use this with caution. C# code snippet which could help in this situation is given below.

TimeSpan t = (DateTime.UtcNow - new DateTime(1970, 1, 1));
int timestamp = (int) t.TotalSeconds;
Console.WriteLine(timestamp);

Office 365 SSO Error - Your organization could not sign you into the service

While configuring SSO for Office 365, I ran into this issue of “Your organization could not sign you into the service”. I looked at the documentation provided here, however there were issues in those commands. However, the help provided there and some other blogs/forums helped me to resolve the problem.

Run the following command to see if the configuration matches between ‘ADFS Server’ and ‘Microsoft Office 365’.

> Get-MsolFederationProperty –DomainName YourDomain.com

Initially, I thought everything matches. However, with close inspection, I figured out some minor mismatches (even things like one string doesn’t end with a ‘/’). We need to get everything to match exactly the same to avoid the issue. As per the suggestion, I tried to run the following command to get this fixed.

> Update-MsolFederatedDomain -DomainName YourDomain.com –SupportMultipleDomain

Still, I found the ‘FederationServiceIdentifier’ to be different between ADFS Server and O365.

Then I updated the service identifier on ADFS Server, by going to through ‘AD FS 2.0 Management’ in administrative tools.

• Open ‘AD FS 2.0 Management’
• Right click and select ‘Edit Federation Service Properties’ from ‘Service’ node under ‘AD FS 2.0’
• Change the required properties to match what you need. :)

Customized Contrib SSL Jar file

You can find a custom version of the Contrib SSL jar file here.

Consuming Exchange Web Service from Java – Proxy Generation

Download the WSDL and supporting files from your exchange server. Replace https://www.outlook.com/ with your exchange server details.

• https://www.outlook.com/ews/Services.wsdl
• https://www.outlook.com/ews/messages.xsd
• https://www.outlook.com/ews/types.xsd

Add service definition to Services.wsdl file

<wsdl:service name="ExchangeServices">
    <wsdl:port name="ExchangeServicePort" binding="tns:ExchangeServiceBinding">
      <soap:address location="https://www.outlook.com/EWS/Exchange.asmx"/>
    </wsdl:port>
  </wsdl:service>
</wsdl:definitions>

Modify the import statement in types.xsd file as follows.

<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2009/01/xml.xsd" />

Now we are good to build the proxy files. Issue the following command to generate the ANT build file and java source files. Once you make further changes to the schema files and do not want to overwrite the build.xml file, you can use ‘--noBuildXML’ option for wsdl2java.

wsdl2java -u -uri Services.wsdl

When you build the files using, ANT, it gives compilation errors. I am not sure, why Axis fail to generate the files correctly. What I have done is to define the member variable for ‘localPathTracker’ in each of those files.

Consuming Exchange Web Service from Java – Setup Environment

• Install following
• JDK (1.5 or above)
• Apache Axis2 (I used Axis 1.4.1)
• Apache Ant
• Configure following environment variables
• JAVA_HOME
• AXIS2_HOME
• ANT_HOME
• Append following to PATH
• %JAVA_HOME%\bin;%AXIS2_HOME%\bin;%ANT_HOME%\bin
• Ensure that you can run the following commands from command line
• java
• wsdl2java
• ant

Consuming Exchange Web Service from Java

I had to get the Exchange Web Service (Exchange Version: 2010) APIs consumed from a Java program. Here is a set of preconditions, that I had, to start working on this.

• Need to use Apache Axis2 web service stack, version 1.4
• Consume mail and calendar APIs from Java

I did some research on any existing work for the same. I couldn’t find anything specific for Axis2. However, I found this great wiki page from imap2exchange project, which explains how to do it from Metro. In this blog series, I am trying to put together the sequence of actions I had to do to get the proxy code working from Axis2.

To get the email from user’s inbox, I had to do the following sequence.

1. Setup your development environment
2. Customize the WSDL & Schema to get Axis2 generate the proxy
3. Fix compilation issues of Axis2 generated proxy
4. Remove some namespace attaching in the request to avoid EWS complaining about the request format
5. Edit the schema to resolve bugs in Axis2, regenerate proxy code and fix compilation issues

Back to blogging

Title could be little confusing. When I say back to blogging, I wasn’t blogging so frequently earlier. So that is probably a partially correct sentence. What I want to say is, I am starting to blog again now. :)