WebDAV Notifications Evaluation Criteria
Topic Last Modified: 2008-04-16
Exchange WebDAV notifications are a mechanism used to perform event-based processing in a Web-based document storage environment. WebDAV Notifications allow a client application to perform actions based on changes in the state of data stored on the server, including creating, updating, and moving documents, and processing new e-mail messages. Exchange WebDAV notifications help client applications display up-to-date information or inform the end user of document updates by another user.
Caveats
WebDAV notifications sent from the server to the subscribing client use UDP packets (HTPU), sent on the port specified in the subscription. Depending on your network configuration, notifications generated for subscriptions with HTTP URLs across the Internet might be blocked by the Internet firewall.
Functional Criteria
| Criteria | WebDAV Notifications |
|---|---|
Application Domain |
WebDAV notifications are typically used in remote client applications that already use WebDAV to communicate with the Exchange server. Typical applications include Web-based messaging clients and collaboration applications that use Exchange public folders. |
Major Objects |
WebDAV notifications do not present any objects. |
Data access model |
WebDAV returns information in text and XML streams that contain the item data, properties, and error information. Additional information is available in the method response headers. |
Threading Models |
Application threading depends entirely on the client, and does not affect WebDAV. WebDAV is an extension of HTTP, so no connection state information is retained between transactions. However, items status is retained in the Exchange server, for example in response to a WebDAV resource lock command. |
Application Architectures |
Applications that use WebDAV are typically Web-based, thin-client applications. However, traditional Windows GUI applications can be developed that use WebDAV to communicate with the Exchange server. In addition, WebDAV is frequently used as the communication mechanism between an application middle-tier and the Exchange server. |
Remote Usage |
WebDAV is often ideal for remotely accessing Exchange. Because it communicates by using the same ports that HTTP and HTTPS use, corporate firewalls and routers often do not require special configuration. |
Transactions |
WebDAV Notifications do not support transactions. |
Management Capabilities |
WebDAV virtual servers can be managed manually and programmatically by using the Exchange administration console, CDOEXM, and WMI. WebDAV Notifications are a feature of WebDAV. |
Availability |
WebDAV notifications are available starting with Microsoft Exchange 2000 Server Service Pack 2 (SP2). Future versions of Exchange might not include, or provide access to, this technology. |
Development Criteria
| Criteria | WebDAV Notifications |
|---|---|
Languages and Tools |
Because WebDAV is a protocol, any programming tool and language that correctly sends and receives HTTP requests and responses, such as the MSXML HTTPRequest object, can be used to create applications that access Exchange by using WebDAV. |
Managed Implementation |
WebDAV is not a managed IIS extension. However, client applications that use WebDAV can use managed code as appropriate. Managed applications typically use the System.Net.HttpWebRequest object from the .NET Framework. |
Scriptable |
WebDAV can be used in scripts, using the MSXML HTTPRequest object. |
Test/Debug Tools |
No special debugging tools are needed to debug applications that use WebDAV Notifications. For particularly difficult protocol-interaction issues, a network monitoring utility may prove helpful, but is typically not required. |
Expert Availability |
Finding developers who have created networked applications, or who have experience using networking protocols, should not be very difficult. For developers who have that type of experience, using WebDAV to access Exchange data should not pose significant problems. |
Available Information |
Exchange WebDAV notifications are documented in the . Use the documentation appropriate to the version of Exchange you are developing with. To access the Exchange 2000 Server SDK and the Exchange Server 2003 SDKs, see the Exchange Server Developer Center. |
Developer / Deployment Licensing |
Refer to your Exchange and MSDN subscription licensing agreements to determine whether additional licenses are required for the Exchange servers that store the data accessed by your WebDAV applications. |
Security Criteria
| Criteria | WebDAV Notifications |
|---|---|
Design-Time Permissions |
No special developer permissions are required for using WebDAV notifications with an Exchange server. The Exchange server must be configured to allow WebDAV access, and the developer must have permissions to access the data the application will use. |
Setup Permissions |
Because applications that use WebDAV run on either the client or middle tier, typically no special Exchange server permissions are needed for setup. If the Setup program makes changes in the Exchange store, for example to create the notification, the user running Setup must have the necessary permissions to make those changes. |
Run-Time Permissions |
The run-time permissions needed by applications that use WebDAV notification depend entirely upon the authentication/authorization methods used between the client and the WebDAV virtual server. When the application tier that uses WebDAV to access the Exchange server is a small number of computers, often the virtual server is configured to allow connections from only those middle-tier computers. Because WebDAV notifications use UDP to contact the client, WebDAV notifications should only be used within an intranet, or via a secured PPTP tunnel. |
Built-in Security Features |
WebDAV virtual servers by default use Basic or NTLM authentication, and anonymous access is disabled. Because WebDAV transmits data in plaintext across the network, it is also recommended that Exchange WebDAV virtual servers that transmit sensitive data use SSL/TLS. |
Security Monitoring Features |
WebDAV virtual servers use the IIS security monitoring features. |
Deployment Criteria
| Criteria | WebDAV Notifications |
|---|---|
Server Platform Requirements |
The Exchange server that manages the store on which your application data is located must have a WebDAV virtual server if the client application accesses it directly. Alternatively, WebDAV configured on Exchange front-end servers can be used to receive notifications from all the stores in the domain on which the user has permissions. |
Client Platform Requirements |
WebDAV notifications use UDP packets to notify the client that the Exchange store detected a subscribed event. The subscription command specifies the UDP port on which Exchange will contact the client computer. The client application must have a UDP listener running on the port specified on the subscription, so that the events will be received. Note that normal firewall configuration blocks UDP packets, so WebDAV notifications typically only work within an intranet, or over a PPTP tunnel. |
Deployment Methods |
Client applications that use WebDAV notifications are deployed based on their client architecture and technology. The client or middle tier communicates via WebDAV with an Exchange server. WebDAV notifications use UDP packets to contact the client application, and so may be unsuitable for use across the Internet. |
Deployment Notes |
None. |