Direct OWA Login

Introduction

There are times when we need to redirect a user from one application to web mail access or OWA (Office Web Access) by bypassing the login screen of the OWA. Let me share a script and technique to do so.

Using the code

Here is the JavaScript function:

function DirectLogin (vstrServer, vstrDomain, vstrUsername, vstrPassword) {
          
      //var url = "https://" + server + "/exchweb/bin/auth/owaauth.dll";
      var strUrl = "https://" + vstrServer + "/exchweb/bin/auth/owaauth.dll";
      var strExchange = {destination:'https://' + vstrServer + 
         '/exchange',flags:'0',forcedownlevel:'0', 
         trusted:'0',isutf8:'1',username:vstrDomain + 
         '\\' + vstrUsername,password:vstrPassword};
                
      var myForm = document.createElement("form");
      myForm.method="post" ;
      myForm.action = url ;

      for (var varElement in strExchange) {
      
        var myInput = document.createElement("input") ;
        myInput.setAttribute("name", varElement) ;
        myInput.setAttribute("value", strExchange[varElement]);
        myForm.appendChild(myInput) ;
      }
          
      document.body.appendChild(myForm) ;
      myForm.submit() ;
      document.body.removeChild(myForm) ;
}

Here is the HTML:

<body onload="javascript:DirectLogin(‘servername','domain','username','password');">

In the above code snippet, there is a JavaScript method that actually bypasses the OWA login screen. Please note that the input to the scripts are very important, and also the path of the owaauth.dll file on the server that is set in the DirectLogin method.