Menu

#88 nhs.net OWA login

closed
nobody
None
5
2023-09-18
2013-04-29
No

NHSmail uses Microsoft Office Outlook Web Access and is accessed at https://web.nhs.net/portal/

Unfortunately, the login page has an extra obstacle. This is an on-screen keyboard for the first three letters of password entry.

I would like to request extra coding to make DavMail compatible with nhs.net.

Thanks for writing this helpful connector.

Related

Feature Requests: #88

Discussion

1 2 > >> (Page 1 of 2)
  • Mickael Guessant

    Looks like this on screen keyboard is just dumb client side script: the password field still exists but is hidden, it just concats field values to build standard field:

    document.getElementById("password").value = pwd1.value + pwd2.value;

    => DavMail may work even with this stupid javascript form !

     
  • Arnold Raynor

    Arnold Raynor - 2013-05-12

    I believe that the answer is somewhere in this source code for the login page https://web.nhs.net/CookieAuth.dll?GetLogon?curl=Z2Fportal&reason=0&formdir=5

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title>NHSmail</title>
    <meta http-equiv="Content-Type" content="text/html; CHARSET=utf-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" />
    <meta content="NOINDEX, NOFOLLOW" name="Robots" />
    <script src="/CookieAuth.dll?GetPic?formdir=5&amp;image=flogon.js" type="text/javascript"></script>
    <link href="/CookieAuth.dll?GetPic?formdir=5&amp;image=login.css" rel="stylesheet" type="text/css" />

    <link rel="stylesheet" type="text/css" href="/CookieAuth.dll?GetPic?formdir=5&amp;image=keyboard.css" />
    <!--[if IE]>
    <link href="/CookieAuth.dll?GetPic?formdir=5&amp;image=loginIE.css" rel="stylesheet" type="text/css" />
    <![endif]-->

    <script type="text/javascript" src="/CookieAuth.dll?GetPic?formdir=5&amp;image=keyboard.js" charset="UTF-8"></script>
    <script type="text/javascript">
    <!--

    var a_fGzpEnbl = 1;
    var g_fFcs = 1;

    function window_onload()
    {
    //Make user that the login page does not load in a frame
    if (top.location != location) {
    //top.location.href = document.location.href;
    top.location.href = "/";
    }
    onld();
    setFocus();
    document.getElementById("logonForm").setAttribute("autocomplete","off");
    }
    function setFocus() {
    if (document.getElementById("partUsername") != null && document.getElementById("partUsername").value == "")
    document.getElementById("partUsername").focus();
    else if (document.getElementById("password1") != null && document.getElementById("password1").value == "")
    document.getElementById("password1").focus();
    else if (document.getElementById("password2") != null && document.getElementById("password2").value == "")
    document.getElementById("password2").focus();
    }
    -->
    </script>
    </head>
    <body style="background-color:#ffffff;" onload="return window_onload();">
    <noscript>
    <div id="dvErr">
    <table cellpadding="0" cellspacing="0">
    <tr>
    <td><img src="/CookieAuth.dll?GetPic?formdir=5&amp;image=lgnerror.gif" alt="" /></td>
    <td style="width:100%">To use Microsoft Outlook Web Access, script must be enabled on your browser. For information about how to enable script, consult the Help for your browser. If your browser does not support script, you can download <a href='http://www.microsoft.com/windows/ie/downloads/default.mspx'>Microsoft Internet Explorer</a>.</td>
    </tr>
    </table>
    </div>
    </noscript>
    <form action="/CookieAuth.dll?Logon" method="post" id="logonForm">
    <input type="hidden" id="curl" name="curl" value="Z2Fportal" />
    <input type="hidden" id="flags" name="flags" value="0" />
    <input type="hidden" id="forcedownlevel" name="forcedownlevel" value="0" />

    <input type="hidden" id="formdir" name="formdir" value="5" />
    <div id="wwwLogin">
    <br /> <br />
    <p><strong>This service is for authorised users only. Anyone attempting unauthorised access will be considered for appropriate legal action.</strong></p> <br />
    <div></div> <br />

    <h2>Log in</h2>
    <div id="login">
    <div id="loginSection">

    <label for="username">Username:</label>
    <input class="username" type="text" id="partUsername" name="partUsername" onfocus="keyboardObject.VKI_close();" /> <br />
    <label for="password1">Password:</label>
    <div class="boxRight">
    <input class="password1 keyboardInput" type="password" id="password1" maxlength="3" onfocus="g_fFcs=0" onkeypress="return false;" onkeyup="return false;"/>
    <input class="password2" type="password" id="password2" onfocus="keyboardObject.VKI_close();g_fFcs=0"/>
    </div>
    <br /><br />

    <input class="wwwButton" id="SubmitCreds" type="submit" onclick="return clkLgn()" value="Log in" name="SubmitCreds" />
    <br />
    <span class="checkboxFieldPosition"><input id="rdoPblc" type="radio" name="trusted" value="0" onclick="clkSec()" checked="checked" /></span>
    <label class="labelLinePosition" for="rdoPblc">This is a public or shared computer</label><br />

    <div id="trPubExp" style="display:none">Select this option if you are connecting from a public computer. Be sure to log off and close all browser windows to end your session. Read about the <a href= 'http://go.microsoft.com/fwlink/?LinkId=65796'>security risks</a> of using a public computer.</div><br />
    <span class="checkboxFieldPosition"><input id="rdoPrvt" type="radio" name="trusted" value="4" onclick="clkSec()" /></span>
    <label class="labelLinePosition" for="rdoPrvt">This is a private computer</label><br />

    <div id="trPrvtExp" style="display:none">Select this option if you are the only person using this computer. This option provides additional time of inactivity before automatically logging you off.</div><br />
    <div id="trPrvtWrn" style="display:none"><B>Warning:</B> By selecting this option you acknowledge that the computer complies with your organisation's security policy.</div><br />
    <span class="checkboxFieldPosition"><input id="chkBsc" name="chkBsc" type="checkbox" onclick="clkBsc()" /></span>
    <label class="labelLinePosition" for="chkBsc">Tick this box if you require high contrast settings or have a slow internet connection</label><br />
    </div>
    <br />
    <br />

    <div id="keyboardContainer"></div>
    </div>

    </div>

    <input id="username" type="hidden" name="username" value="@nhs.net" />
    <input id="password" type="hidden" name="password" />
    </form>
    </body>
    </html>

     
  • Mickael Guessant

    Did you try to connect with DavMail ?

     
    • Arnold Raynor

      Arnold Raynor - 2014-09-11

      Hi Mickael, I would like to use DavMail from the internet. Have you been able to make this work?

       
      • Arnold Raynor

        Arnold Raynor - 2014-09-19

        Apologies, this reply should have been to Padraig Looney.

         
  • Padraig Looney

    Padraig Looney - 2013-06-24

    I have just connected to the nhs.net using DavMail from within the N3 network. That online keyboard thing appears when you are outside that network. I used the address

    https://outlook.nhs.net/ews/exchange.asmx

    I have experience using Java and am happy to help on this.

     
    • Arnold Raynor

      Arnold Raynor - 2014-09-19

      Dear Padraig, have you been able to make DavMail work from the internet?

       
  • Arnold Raynor

    Arnold Raynor - 2014-01-26

    Hello, I have attempted using davmail on both https://outlook.nhs.net/ews/exchange.asmx and on https://web.nhs.net/portal/ from the external internet and have been unable to make it work. Are there any more suggestions on how davmail could be made to work on nhs.net e-mail?

     
  • Mickael Guessant

    Well, you could try to send me a WIRE DEBUG log file at mguessan@free.fr for further investigation

     
  • Mickael Guessant

    According to autodiscover response, EWS endpoint is at:
    https://outlook.nhs.net/EWS/exchange.asmx

     
  • Arnold Raynor

    Arnold Raynor - 2014-11-29

    Dear Mickael,

    Thank you very much. The address which you have found with EWS in capital letters works!

    For reference and to help others, I am attaching screenshots of the DavMail and SeaMonkey configuration screens needed to set this up. For security, the user should use encryption on their hard drive. A user can become locked out of the server with this setup, and fixing this requires a password reset from within the internal network. I will try and find out how to avoid lock-outs.

    The EWS endpoint address was not obvious and this leads to a question: Could DavMail automatically search for and use the autodiscover response if the user supplies only the address for the outlook web login page?

    This is an extremely useful piece of software and I am very grateful that IMAP is now accessible again on this server. IMAP was previously available and despite reassurances that it would be maintained, it has been broken since 2009. DavMail repairs the fault which has been present for many years.

    Best regards,

    Arnold

     
  • Mickael Guessant

    DavMail already tries to autodiscover URL in case the user specified URL is wrong, however this does not always work.

    I intend to make Discover a full connection mode to automatically determine target Exchange server according to user name

     
  • Mickael Guessant

    • status: open --> closed
    • Group: --> Next Release (example)
     
  • Mickael Guessant

    Closing request: EWS endpoint is working as expected

     
  • Arnold Raynor

    Arnold Raynor - 2020-09-27

    This is an update to help others in using davmail on NHS.scot, which has replaced NHS.net for some users in 2020.

    • Check you have an E1 licence not an F3 (standard) licence.
    • Install Java from Oracle so that interactive logins can work with the embedded browser.
    • On the main tab the Exchange Protocol is O365Interactive and the URL is https://outlook.office365.com/EWS/Exchange.asmx
    • On the Encryption tab the ClientId is d3590ed6-52b3-4102-aeff-aad2292ab01c and RedirectUri is urn:ietf:wg:oauth:2.0:oob
    • Look out for and follow the instructions which appear in the pop-up browser.

    Screenshots are attached.

     
  • James P

    James P - 2020-10-14

    Hi Arnold,
    Was delighted to see your post above about the change to nhs.scot
    I followed oyur very clear instructions here and it still fails for me :(
    I never do get the blank page with the authentication code? I get a failure warnig about the system gettying a "GET" rather than a "POST" command?
    Have I done something obvious wrong?
    Is it to do with your first comment, i.e. the licence E1 or F3? what is this? How do I check.
    Apologies for my apparent stupidity but, I am very keen to get this working in Thunderbird/Davmail.
    Thanks for any specific help you feel able to offer.

    Kind regards,

    JAmes

     
    • Arnold Raynor

      Arnold Raynor - 2021-02-20

      Hi James,

      I don't know how to interpret the warnings about "GET" and "POST" commands.

      I googled "office 365 check licence". In short, the link seems to be https://portal.office.com/account/?ref=MeControl#subscriptions. If the licence is F3 then I don't think davmail will work.

       
      • James P

        James P - 2021-02-27

        Hi again Arnold,
        After my reported success with this I have just received E.Mail intimating that we will be changing to an F3 licence soon so, I guess from your comments above, this will put paid to Davmails connection?

        It was good while it lasted .

        All the best,
        James

        On Sat, 20 Feb 2021, at 06:42, Arnold Raynor wrote:

        Hi James,

        I don't know how to interpret the warnings about "GET" and "POST" commands.

        I googled "office 365 check licence". In short, the link seems to be https://portal.office.com/account/?ref=MeControl#subscriptions. If the licence is F3 then I don't think davmail will work.

        [feature-requests:#88] https://sourceforge.net/p/davmail/feature-requests/88/ nhs.net OWA login

        Status: closed
        Group: Next Release (example)
        Created: Mon Apr 29, 2013 04:07 PM UTC by Arnold Raynor
        Last Updated: Wed Oct 14, 2020 11:36 AM UTC
        Owner: nobody

        NHSmail uses Microsoft Office Outlook Web Access and is accessed at https://web.nhs.net/portal/

        Unfortunately, the login page has an extra obstacle. This is an on-screen keyboard for the first three letters of password entry.

        I would like to request extra coding to make DavMail compatible with nhs.net.

        Thanks for writing this helpful connector.

        Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/davmail/feature-requests/88/

        To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/

        --
        Please note - This email and any attachment it may contain is for the
        individual to which it was originally addressed. If you are not the
        original intended recipient, you are notified that any disclosure,
        copying, alteration, distribution, publication or the taking of action
        in reliance on the contents is prohibited and may be an offence.

        Jkp@bronyaur.co.uk Personal
        jkpirie@gmail.com Business

         

        Related

        Feature Requests: #88

  • James P

    James P - 2021-02-22

    Hello Arnold,
    Well, against all odds, I have managed to get this to work. Initially I suspected it was something to do with my java version but still not convinced this was it. Howvere, I replaced my java with the recommended Zulu version and tried again. This time I got a digital token back through an error window in Opera browser. The other browsers don't even offer this much interaction. I copy the login token from this error window and paste it into the DAVmail interactive login dialogue that pops up when I try and log in to nhs.scot.
    Sadly though this also fails with another, new, error message in the logs.
    So, like a good little Linux user, I check the log files and find that it is complaining that my login name does not match the name on record at the server??
    Odd I thought so, on digging deeper it seems that we (Scottish Ambulance staff anyway!) have two login Identities. One is our email address which is the standard format of user.name@nhs.scot and the other has an extra piece after the @ so it becomes user.name@sas.nhs.scot
    I replaced my login name with the latter and was immediately logged in and all is working as it did with the previous nhs.net login.
    I am happy about this but wonder if the information I have uncovered here may be of use to others in my position? If so, where does one put info like this?
    The link I am using in davmail is:
    https://outlook.office365.com/EWS/Exchange.asmx
    with a Client ID of:
    d3590ed6-52b3-4102-aeff-aad2292ab01c
    and a Redirecturi of:
    urn:ietf:wg:oauth:2.0:oob

    All of which I got from your thread above I think?

    Anyway, I have it working in Linux and Windows 10 so all is, for now, well with the world :)

    Thanks for your response.

    James

     
    • Arnold Raynor

      Arnold Raynor - 2021-09-18

      Yes, my login user name also has the format of firstname.lastname@institution.nhs.scot. The e-mail address does not have the institution.

       
  • Roland

    Roland - 2021-03-11

    Hello,

    i would just want to ask for confirmation regarding the F3 License. We have the same license, and before MFA activation, davmail worked like a charm (thanks @mguessan!).

    Now, from James above, i understand that he got davmail working with an F3 license, is that correct?

    I have entered the ClientI D as above, the log says,
    ...
    2021-03-11 17:04:20,218 DEBUG [ImapConnection-57622] davmail.exchange.auth.O365Token - Authenticated user e-Roland...@x.eu from stored token
    ...
    but then
    ...
    2021-03-11 17:04:20,342 ERROR [ImapConnection-57622] davmail.exchange.ews.EWSMethod - Error while parsing soap response: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
    ...

    Before setting the Client ID and URI redirect i got always the password request over and over.
    Now with Cliend ID set, it just is 'Login failed'. (after MFA popup complained about 'Are you sure this is an authenticated app?')

    Any clue?
    Thanks in advance.

     

    Last edit: Roland 2021-03-11
    • James P

      James P - 2021-03-11

      Hi Roland,

      Sorry to have misled you somehow but I didn't get this to work on an F3 licence. What I managed was to get it working one, what turned out to have been, an E1 licence. Then, just after I got that to work, we were all sorted out on to different licence levels and I suspect I was issued an F3 which stopped Davmail dead in it's tracks. We lowley peole can now only access mail via the truly awful webmail interface.

      I have now accepted defeat in this unless anyone at Davmail can think of a way around the problem?

      Sorry to be the bearer of bad news.

      Regards,

      James

      "Roland A. Burger" rburger@users.sourceforge.net – 11 March 2021 16:23

      Hello,

      i would just want to ask for confirmation regarding the F3 License. We have the same license, and before MFA activation, davmail worked like a charm (thanks @mguessan!).

      Now, from James above, i understand that he got davmail working with an F3 license, is that correct?

      I have entered the ClientI D as above, the log says,
      ...
      2021-03-11 17:04:20,218 DEBUG [ImapConnection-57622] davmail.exchange.auth.O365Token - Authenticated user e-Roland.Burger@x from stored token
      ...
      but then
      ...
      2021-03-11 17:04:20,342 ERROR [ImapConnection-57622] davmail.exchange.ews.EWSMethod - Error while parsing soap response: com.ctc.wstx.exc.WstxEOFException: Unexpected EOF in prolog
      ...

      Before setting the Client ID and URI redirect i got always the password request over and over.
      Now with Cliend ID set, it just is 'Login failed'. (after MFA popup complained about 'Are you sure this is an authenticated app?')

      Any clue?
      Thanks in advance.

      [feature-requests:#88] nhs.net OWA login

      Status: closed
      Group: Next Release (example)
      Created: Mon Apr 29, 2013 04:07 PM UTC by Arnold Raynor
      Last Updated: Mon Feb 22, 2021 12:44 PM UTC
      Owner: nobody

      NHSmail uses Microsoft Office Outlook Web Access and is accessed at https://web.nhs.net/portal/

      Unfortunately, the login page has an extra obstacle. This is an on-screen keyboard for the first three letters of password entry.

      I would like to request extra coding to make DavMail compatible with nhs.net.

      Thanks for writing this helpful connector.

      Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/davmail/feature-requests/88/

      To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/

       

      Related

      Feature Requests: #88

  • Roland

    Roland - 2021-03-12

    Thanks James for your kind feedback.

    As it worked before with our Office F3 license when there was no MFA/2FA authentication via sms activated, that is the culprit it seems.

    Cheers, Roland

     
    • James P

      James P - 2021-03-12

      Ahh, well wouldn't you know it! And that is exactly why we want to use davmail in the first place. We have a very dodgy mobile signal at our place and all work from home :/

      Such is life.

      Thanks for your input.

      James

      On Fri, 12 Mar 2021, at 05:51, Roland wrote:

      Thanks James for your kind feedback.

      As it worked before with our Office F3 license https://365tips.be/en/microsoft-365-f3/ when there was no MFA/2FA authentication via sms activated, that is the culprit it seems.

      Cheers, Roland

      [feature-requests:#88] https://sourceforge.net/p/davmail/feature-requests/88/ nhs.net OWA login

      Status: closed
      Group: Next Release (example)
      Created: Mon Apr 29, 2013 04:07 PM UTC by Arnold Raynor
      Last Updated: Thu Mar 11, 2021 04:22 PM UTC
      Owner: nobody

      NHSmail uses Microsoft Office Outlook Web Access and is accessed at https://web.nhs.net/portal/

      Unfortunately, the login page has an extra obstacle. This is an on-screen keyboard for the first three letters of password entry.

      I would like to request extra coding to make DavMail compatible with nhs.net.

      Thanks for writing this helpful connector.

      Sent from sourceforge.net because you indicated interest in https://sourceforge.net/p/davmail/feature-requests/88/

      To unsubscribe from further messages, please visit https://sourceforge.net/auth/subscriptions/

      --
      Please note - This email and any attachment it may contain is for the
      individual to which it was originally addressed. If you are not the
      original intended recipient, you are notified that any disclosure,
      copying, alteration, distribution, publication or the taking of action
      in reliance on the contents is prohibited and may be an offence.

      Jkp@bronyaur.co.uk Personal
      jkpirie@gmail.com Business

       

      Related

      Feature Requests: #88

  • Roland

    Roland - 2021-03-12

    Thanks James for your kind feedback.

    I would just not want to give up yet.

    Am thinking about the fact that this worked fine with davmail and the Office F3 license until short time ago. Before MFA/2FA was activated.

    Not much has changed, as there is only a further popup windows for inserting the code received via sms to secure the login/password procedure with an additional step.

    The rest i suspect should be the same mechanism.

    So want to investigate further.

    Thanks,
    Roland

     
1 2 > >> (Page 1 of 2)

Log in to post a comment.