Hello,
I am building an asp.net application that uses windows authentication to authenticate users and need to access logged-in user’s mailbox on behalf of the user by using EWS.
One option is to use the procedure explained in the following article to configure impersonation for a service account, so the asp.net application can impersonate all users:
Configuring Exchange Impersonation (Exchange Web Services): http://msdn.microsoft.com/en-us/library/bb204095(EXCHG.80).aspx
The problem is that granting the services accounts to access all mailboxes is a big security concern in our organization.
Is there any other option that let my asp.net application code work on logged-in user’s mailbox? I am asking because I know OWA web application can access users’ mailbox in single sign on scenarios and I wonder how my application do the same thing.
Thank you,