success finally–custom STS to office 365 for thick clients


The right panel of next graphic shows 2 last lines induced by the code on the left. The first has a 401 response from office asking that the client authenticate, given its request to list the mailbox contents of a particular (as yet unauthenticated) user. The second passes the basic credentials of the user to the microsoft online environment, which duly allows the mailbox transaction to proceed, having authenticated the user. The response value of the latter shows the mailbox values (of the now authenticated user).

image

When we look at our time-stamped STS logs, we can see what happened behind the scenes:

image

with the result sent back to the requesting microsoft online service being

image

Note that 5 and 6 in the trace are our accessing the website, to view the traces. Note their ping on mex and fed, after the initial RSTR is request and delivered. One sees the design of the control plane, wanting the signed metadata (fed) to CONTINUE to support the choice of mex address registered for the domain, no doubt.

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in office365. Bookmark the permalink.