MailBee. NET Objects Tutorials

Windows integrated authentication

Using Windows Integrated Authentication (sort of NTLM secure authentication) allows you to log in the account on the mail server using the credentials of the currently logged Windows user. Thus, the application does not need to request this information from the human user.

The sample below connects to the POP3 server and attempts to log into the user account using Windows Integrated Authentication (the sample tries this method even if the server does not officially claim it supports this method of authentication):

C#

Pop3 pop = new Pop3();
pop.Connect("mail.domain.com");
pop.Login(null, null, AuthenticationMethods.SaslNtlm, AuthenticationOptions.TryUnsupportedMethods, null);
pop.Disconnect();

VB.NET

Dim pop As New Pop3() 
pop.Connect("mail.domain.com")
pop.Login(Nothing, Nothing, AuthenticationMethods.SaslNtlm, AuthenticationOptions.TryUnsupportedMethods, Nothing)
pop.Disconnect()

Please note, using Windows Integrated Authentication requires Native Code permission granted to .NET application. By default, web applications do not have such permission. You should either add MailBee.NET.dll into GAC (for instance, MailBee.NET Objects setup program does this) or you can set trust level to Full in web.config of your web application:

<system.web>
  <securityPolicy>
    <trustLevel name="Full"/>
  </securityPolicy>
</system.web>

Also, make sure machine.config allows overriding trust level in web.config. In machine.config, allowOverride must be true:

...
<location allowOverride="true">
  <system.web>
...

However, Windows Integrated Authentication cannot be used when IIS is configured to use "Anonymous access" during authentication. When "Anonymous access" is enabled, IIS uses Internet Guest User account instead of the account of the human user accessing the application.

In order to configure your IIS to use your Windows account rather than Internet Guest User account, follow the next steps:

1. open Internet Services Manager administrative tool

2. select the web site or virtual folder of your application and open Properties dialog

3. select Directory Security tab and then click Edit

4. clear Anonymous access checkbox and set Windows Integrated authentication one