2
votes

Just to be clear before continuing: using PHP's built-in SOAP class is unfortunately not an option here (production server's PHP is not built with it, and won't be).


I'm trying to use EWS to allow me to authenticate users for a completely external server application. LDAP authentication has been disallowed. I have verified my EWS wsdl is correct via http://www.testexchangeconnectivity.com/, a Microsoft autodiscover tool. The contents of the WSDL can be found here: http://pastebin.org/214070

The server is using SSL, and is using the default authentication method for EWS of "NTLM".

I've tried various code examples around the web, unfortunately I'm not well-versed in XML, SOAP, or cURL (which is pretty much all of the technology being used here). The current iteration of my code is found below:

<?php

include_once('./lib/nusoap.php');

$username = '[email protected]';
$password = 'password';
$ews_url  = 'https://owa.example.com/EWS/Exchange.asmx';
$soapclient = new nusoap_client($service, true);
$soapclient->setCredentials($username, $password, 'ntlm');
$soapclient->setUseCurl(true);
$soapclient->useHTTPPersistentConnection();
$soapclient->setCurlOption(CURLOPT_USERPWD, $username.':'.$password);
$soapclient->soap_defencoding = 'UTF-8';

$params  = '<FindItem xmlns="http://schemas.microsoft.com/exchange/services/2006/messages"';
$params += ' xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types" Traversal="Shallow">';
$params += '    <ItemShape>';
$params += '        <t:BaseShape>IdOnly</t:BaseShape>';
$params += '        <t:AdditionalProperties>';
$params += '            <t:FieldURI FieldURI="message:From"/>';
$params += '            <t:FieldURI FieldURI="item:Subject"/>';
$params += '            <t:FieldURI FieldURI="message:IsRead"/>';
$params += '            <t:FieldURI FieldURI="item:DateTimeReceived"/>';
$params += '            <t:FieldURI FieldURI="calendar:Start"/>';
$params += '            <t:FieldURI FieldURI="calendar:End"/>';
$params += '            <t:FieldURI FieldURI="calendar:Location"/>';
$params += '            <t:FieldURI FieldURI="task:Status"/>';
$params += '            <t:FieldURI FieldURI="task:DueDate"/>';
$params += '        </t:AdditionalProperties>';
$params += '    </ItemShape>';
$params += '    <IndexedPageItemView Offset="0" MaxEntriesReturned="5" BasePoint="Beginning"/>';
$params += '    <ParentFolderIds>';
$params += '        <t:DistinguishedFolderId Id="inbox"/>';
$params += '    </ParentFolderIds>';
$params += '</FindItem>';

$operation = 'FindItem';
$namespace = '';
$soapAction = '';
$headers = false;
$result = $soapclient->call($operation, $params, $namespace, $soapAction, $headers);
echo '<pre>'; print_r($result); echo '</pre>';

if($soapclient->fault){
    echo 'FAULT: ';
    echo '<pre>'; print_r($result); echo '</pre>';
}else{
    $err = $soapclient->getError();
    if ($err) {
        echo '<p><b><u>Error</u>:</b><br />' . $err . '</p>';
    }else{
        echo 'Connection succeeded.';
    }
}
?>

The actual issue I am having is that NuSOAP is returning a generic error message of: "no operations defined in the WSDL document!". From the looks of the WSDL, this seems incorrect and makes me believe I'm missing something in code. If I remove the actual client call in the code ($soapclient->call(...)), the code prints out "Connection succeeded.", but it does this with or without the attempted NTLM authentication code.

I've also tried using the "php-ews" project on my development machine (even though the same code would not work on the production server) and was also unable to access anything without receiving an error.

If anyone has any experience with any of these technologies and might be able to point out some clarification (or possible errors) I would greatly appreciate it. If any further clarification is needed on my part, please let me know.

UPDATE 1: It seems one error in loading the WSDL is the NTLM Authentication. Using cURL alone (no NuSOAP) I was able to access the WSDL file and find out the server is redirecting to a different endpoint location (.../EWS/Services.wsdl).

Unfortunately, I've tried using the NuSOAP library's cURL ability and setting the same options through NuSOAP, and I am still getting the same generic error message as if NuSOAP is just unable to see/view/access the WSDL file. I believe it may still be NTLM Authentication as the cURL version takes a few moments to return (NTLM it a multi-step handshake process), whereas the NuSOAP client code is immediately returning the error message.

1
I've created a topic at the NuSOAP "forum" on SourceForge hoping that perhaps snichols will see it and be able to assist. It contains a bit more information as well. It can be found at: sourceforge.net/projects/nusoap/forums/forum/193578/topic/…BrendonKoz
I've now started a topic at the Exchange Developer Forums as well to hopefully get some further insight. social.technet.microsoft.com/Forums/en-US/…BrendonKoz

1 Answers

2
votes

There's a few things you'll want to look at here.

  1. There's an error in your call to the actual soap_client. You defined the endpoint in a variable called $ews_url, but then called the constructor with $service.

  2. Why are you adding a string to a string in your $xml variable - perhaps in your haste you meant to concatenate instead? (operators: + vs .)

  3. Using the following Wiki information directed to working with EWS in Java, it seems that Microsoft has yet again blundered in their implementation of a common protocol. The modification of types.xsd in this Wiki actually causes a problem, so ignore that change, but downloading a local copy of Services.wsdl and modifying it to point to your own server seems to work properly. http://www.bedework.org/trac/bedework/wiki/ExchangeWSlink text

The following code should work, so long as you have downloaded a local copy of your types.xsd, messages.xsd, and Services.wsdl - and modified the Services.wsdl file to add the required information relevant to your server. Make sure the local copies of those files are in the same folder on your server.

<?php
    include_once('./lib/nusoap.php');

    $username = '[email protected]';
    $password = 'password';
    $endpoint = 'http://your.local.version/of/Services.wsdl';
    $wsdl = true;
    $soapclient = new nusoap_client($endpoint, $wsdl);

    $soapclient->setCredentials($username, $password, 'ntlm');

    $xml  = '<FindItem xmlns="http://schemas.microsoft.com/exchange/services/2006/messages"';
    $xml .= ' xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types" Traversal="Shallow">';
    $xml .= '   <ItemShape>';
    $xml .= '       <t:BaseShape>IdOnly</t:BaseShape>';
    $xml .= '       <t:AdditionalProperties>';
    $xml .= '           <t:FieldURI FieldURI="message:From"/>';
    $xml .= '           <t:FieldURI FieldURI="item:Subject"/>';
    $xml .= '           <t:FieldURI FieldURI="message:IsRead"/>';
    $xml .= '           <t:FieldURI FieldURI="item:DateTimeReceived"/>';
    $xml .= '           <t:FieldURI FieldURI="calendar:Start"/>';
    $xml .= '           <t:FieldURI FieldURI="calendar:End"/>';
    $xml .= '           <t:FieldURI FieldURI="calendar:Location"/>';
    $xml .= '           <t:FieldURI FieldURI="task:Status"/>';
    $xml .= '           <t:FieldURI FieldURI="task:DueDate"/>';
    $xml .= '       </t:AdditionalProperties>';
    $xml .= '   </ItemShape>';
    $xml .= '   <IndexedPageItemView Offset="0" MaxEntriesReturned="5" BasePoint="Beginning"/>';
    $xml .= '   <ParentFolderIds>';
    $xml .= '       <t:DistinguishedFolderId Id="inbox"/>';
    $xml .= '   </ParentFolderIds>';
    $xml .= '</FindItem>';

    $operation = 'FindItem';
    $result = $soapclient->call($operation, $xml);
    echo '<pre>'; print_r($result); echo '</pre>';
?>

The solution all seems to stem from having a local copy of the main SOAP reference files, and fixing the Services.wsdl file. If you had access to the Exchange server, you might be able to modify the Services.wsdl file and everything could have worked as expected without all of this hassle. I cannot verify this, unfortunately.