EWS 应用程序和 Exchange 体系结构EWS applications and the Exchange architecture

了解 EWS 方式内 Exchange 体系结构,并找出哪些 EWS 依赖的协议。Learn about how EWS works within the Exchange architecture, and find out which protocols EWS relies on.

Exchange Web Services (EWS) 是一个跨平台 API,使应用程序访问邮箱项目,如电子邮件、 会议和联系人从 Exchange Online 中,Exchange Online 作为 Office 365 的一部分或本地版本的 Exchange 开头Exchange Server 2007。Exchange Web Services (EWS) is a cross-platform API that enables applications to access mailbox items such as email messages, meetings, and contacts from Exchange Online, Exchange Online as part of Office 365, or on-premises versions of Exchange starting with Exchange Server 2007. EWS 应用程序可以通过在 SOAP 基于 XML 邮件中发送的请求访问邮箱项目本地或远程。EWS applications can access mailbox items locally or remotely by sending a request in a SOAP-based XML message. 嵌入到 SOAP 消息时应用程序和服务器,这意味着,只要您的应用程序可以发布通过 HTTP 的 XML,它可以使用 EWS 访问 Exchange 之间发送的 HTTP 消息中。The SOAP message is embedded in an HTTP message when sent between the application and the server, which means that as long as your application can post XML through HTTP, it can use EWS to access Exchange.

Exchange 体系结构概述Exchange architecture overview

下图显示的身份验证方法和 EWS 应用程序与 Exchange 2013 和 Exchange Online 进行通信时使用的通信路径。The following diagrams show the authentication methods and communication paths used by EWS applications when communicating with Exchange 2013 and Exchange Online. 从 EWS 应用程序的角度来看,是相同的通信路径和身份验证方法只会略有不同;主要区别是 Exchange 后端到您具有的可见性。From the EWS application perspective, the communication paths are identical and the authentication methods only vary slightly; the main difference is the visibility you have into the Exchange backend.

图 1。EWS 应用程序和 Exchange 内部部署体系结构Figure 1. EWS application and the Exchange on-premises architecture

此插图显示 Exchange 本地体系结构情境中的 EWS 应用程序。若要获取此图中组件的说明,请参阅本图和下图下方文本的第 1 至 8 条。

图 2 显示了在与 Exchange Online 进行通信时使用的 EWS 应用程序图 1 中所示的相同的通信路径。Figure 2 shows the same communication paths shown in Figure 1, as used by EWS applications when communicating with Exchange Online.

图 2。EWS 应用程序和 Exchange Online 体系结构Figure 2. EWS application and the Exchange Online architecture

此插图显示适用于 EWS 应用程序的 Exchange Online 体系结构情境中的 EWS 应用程序。若要获取此图中组件的说明,请参阅本图像下方文本的第 1、2、3、6 和 9 条。

以下是图所示的组件:The following are the components that are shown in the diagrams:

  1. EWS 应用程序 — 这可以是客户端、 门户或服务应用程序而可以将安装在客户端或 Exchange 内部部署客户端访问服务器上。EWS application — This can be a client, portal, or service application and it can be installed on a client or on an Exchange on-premises Client Access server. 如果您使用 EWS 托管 API 开发的 EWS 应用程序,将 EWS 托管 API 的程序集必须安装在客户端和您的应用程序重新分配If you use the EWS Managed API to develop the EWS application, the EWS Managed API assemblies have to be installed on the client and redistributed by your application.

  2. SOAP XML 消息 — XML 消息,SOAP 信封中, 嵌入到客户端访问服务器上的 Services.wsdl 文件符合 HTTP/S 邮件中。The SOAP XML message — An XML message, in a SOAP envelope, embedded in an HTTP/S message that conforms to the Services.wsdl file on the Client Access server. HTTPS 建议 Exchange 内部部署和 Exchange Online 的需要。HTTPS is recommended for Exchange on-premises and is required for Exchange Online.

  3. 身份验证方法 — EWS 消息包括基本,作为 HTTP 负载的一部分的 NTLM (集成 Windows 身份验证) 或 OAuth 身份验证信息。Authentication methods — EWS messages include basic, NTLM (Windows Integrated authentication), or OAuth authentication information as part of the HTTP payload.

  4. 负载平衡器 — 负载平衡器分发客户端访问服务器阵列中的客户端访问服务器的邮件。Load balancer — The load balancer distributes the message to a Client Access server in the Client Access server array. Exchange 内部部署体系结构中将仅显示此组件。This component is only visible in the Exchange on-premises architecture.

  5. 客户端访问服务器阵列 — 客户端访问服务器均分成各种名为客户端访问服务器阵列的负载平衡的组。Client Access server array — Client Access servers are organized into a load-balanced group called a Client Access server array. 单个客户端访问服务器提供身份验证、 有限的重定向和代理服务。Individual Client Access servers provide authentication, limited redirection, and proxy services. 客户端访问服务器本身不执行任何数据呈现和排入队列或存储在客户端访问服务器上的任何数据-精简并无状态;它只是对请求进行身份验证,执行自动发现查找,然后代理对邮箱服务器的请求。The Client Access servers themselves don't do any data rendering, and no data is queued or stored on a Client Access server - it is thin and stateless; it simply authenticates the request, performs an Autodiscover lookup, and then proxies the request to the Mailbox server. 客户端访问服务器维护承载用户的数据的邮箱服务器 1:1 关系。The Client Access server does maintain a 1:1 relationship with the Mailbox server that hosts the user's data. 客户端访问服务器和邮箱服务器之间使用 HTTP 协议 (通过使用自签名的证书的 SSL 安全)。The HTTP protocol (secured via SSL using a self-signed certificate) is used between the Client Access server and Mailbox server. Exchange 内部部署体系结构中将仅显示此组件。This component is only visible in the Exchange on-premises architecture.

  6. 自动发现服务 — 自动发现服务执行发现服务通过访问 Active Directory 域服务 (AD DS) 来检索邮箱版本和邮箱服务器托管主动副本的用户的数据的位置。Autodiscover service — The Autodiscover service performs a service discovery by accessing Active Directory Domain Services (AD DS) to retrieve the mailbox version and the location of the Mailbox server that is hosting the active copy of the user's data.

  7. EWS 服务 — EWS 服务由三个文件描述: Services.wsdl、 Messages.xsd,Types.xsd,以及将 EWS 托管 API 的程序集。EWS service —The EWS service is described by three files: Services.wsdl, Messages.xsd, and Types.xsd, as well as the EWS Managed API assemblies. Services.wsdl 介绍在客户端和服务器之间合同、 Messages.xsd 定义请求和响应 SOAP 消息,并 Types.xsd 定义的 SOAP 消息中使用的元素。Services.wsdl describes the contract between the client and server, Messages.xsd defines the request and response SOAP messages, and Types.xsd defines the elements used in the SOAP messages. Messages.xsd 和 Types.xsd 始终包含架构的最新版本,尽管存在早期版本的架构。Messages.xsd and Types.xsd always contain the latest versions of the schema, although earlier versions of the schema exist. 请注意,Services.wsdl、 Messages.xsd 和 Types.xsd 可在客户端访问服务器上,但实际上并不用于的架构验证 — 它们仅供参考。Note that Services.wsdl, Messages.xsd, and Types.xsd are made available on the Client Access server, but are not actually used for schema validation — they are provided for reference only. EWS 托管 API 的程序集提供的服务器端 EWS 客户端应用程序,并在所有 Exchange 服务器角色,而不仅仅是客户端访问服务器上部署。The EWS Managed API assemblies are provided for server-side EWS client applications and are deployed on all Exchange Server roles, not just the Client Access servers. Exchange 内部部署体系结构中将仅显示此组件。This component is only visible in the Exchange on-premises architecture.

    功能的可用性取决于 EWS 架构版本的应用程序的目标。Feature availability is based on the EWS schema version that your application targets. 因为 EWS 架构和转发-兼容,如果您创建的应用程序面向早期架构版本,Exchange 2007 SP1,例如您的应用程序也适用的更高版本的架构版本,Exchange 2010 SP2 服务,如针对以及Exchange Online。Because EWS schemas are backward- and forward-compatible, if you create an application that targets an earlier schema version, such as Exchange 2007 SP1, your application will also work against a later schema version, such as the Exchange 2010 SP2 service, as well as Exchange Online. 由于特性和功能更新驱动的架构,我们建议您在该目标您想要在客户端应用程序中实现的 EWS 功能使用最早的常见代码库。Because features and feature updates are driven by the schema, we recommend that you use the earliest common code base that targets the EWS features that you want to implement in your client application. 多个应用程序可以目标 Exchange2007_SP1 版本,因为 Exchange 2007 SP1 架构包含几乎所有核心 Exchange 功能用于处理项目和 Exchange 存储中的文件夹。Many applications can target the Exchange2007_SP1 version, because the Exchange 2007 SP1 schema contains almost all the core Exchange functionality for working with items and folders in the Exchange store. 有关详细信息,请参阅EWS 客户端功能For more information, see EWS client features.

  8. 数据库可用性组 (DAG) — 高度可用的 DAG,可以在一个或多个数据中心中部署到组织的邮箱服务器。Database Availability Group (DAG) — Mailbox servers are organized into a highly available DAG, which can be deployed in one or more datacenters. 邮箱服务器包含邮箱数据库,并处理该服务器上的活动邮箱的所有活动。The Mailbox server contains the mailbox database and handles all activity for the active mailboxes on that server. 处理,呈现,并存储数据的所有组件都都在邮箱服务器上。All components that process, render, and store data are on the Mailbox server. 客户端不直接连接到邮箱服务器。由客户端访问服务器处理所有连接。Clients do not connect directly to the Mailbox server; all connections are handled by the Client Access server. Exchange 内部部署体系结构中将仅显示此组件。This component is only visible in the Exchange on-premises architecture.

  9. Exchange Online 和 Exchange Online 作为 Office 365 的一部分 — 托管作为基于云的服务提供 Exchange 功能的消息解决方案。Exchange Online and Exchange Online as part of Office 365 — The hosted messaging solution that delivers Exchange features as a cloud-based service.

当 EWS 应用程序请求从 Exchange 存储的信息时,符合标准的 SOAP XML 请求消息创建并发送到 Exchange 服务器中。When an EWS application requests information from the Exchange store, an XML request message that complies with the SOAP standard is created and sent to the Exchange server. Exchange 服务器接收请求时,它验证客户端提供的凭据,并自动分析所请求的数据的 XML。When the Exchange server receives the request, it verifies the credentials that are provided by the client and automatically parses the XML for the requested data. 然后,服务器建立 SOAP 响应,其中包含代表请求的强类型的对象及其属性的 XML 数据。The server then builds a SOAP response that contains XML data that represents the requested strongly typed objects and their properties. XML 数据发送回 HTTP 响应中的应用程序。The XML data is sent back to the application in an HTTP response. 应用程序然后 XML 反序列化和使用数据修订的强类型的对象。The application then deserializes the XML and uses the data to reform the strongly typed objects.

协议和 EWS 应用程序必须支持的标准Protocols and standards that EWS applications must support

要与 Exchange 服务器通信,EWS 应用程序必须支持以下协议和标准。To communicate with an Exchange server, EWS applications must support the following protocols and standards.

表 1。协议Table 1. Protocols

协议Protocol 如何使用它How it's used
允许通过网络,无论客户端是否在 Internet 或 intranet 访问 Exchange 数据库数据 EWS 应用程序。Enables EWS applications to access Exchange database data over the network, regardless of whether the client is on the Internet or intranet.
SOAP 1.0SOAP 1.0
窗体周围消息负载信封。Forms an envelope around the messaging payload. EWS 通过使用 SOAP 信封的不同部分实现不同的功能实现 SOAP 协议。EWS implements the SOAP protocol by using different parts of the SOAP envelope to enable different functionality. SOAP 标头用于模拟,并提供版本控制数据。The SOAP header is used for impersonation and to provide versioning data. SOAP 主体提供有关要运行的操作和数据提交到该操作的信息。The SOAP body provides information about the operation to run and the data that is submitted to the operation. SOAP 依赖于 WSDL 来描述要呼叫的操作。SOAP relies on WSDL to describe the operations to call.
WSDL 1.0WSDL 1.0
介绍绑定、 操作和用于 Services.wsdl 文件中调用 EWS 操作的属性。Describes the bindings, the operations, and the properties that are used to call EWS operations, in the Services.wsdl file. 此文件,以及被引用的架构文件,包括 EWS 应用程序和 Exchange 服务器之间的协定和通常用于供应商特定工具以及创建特定于平台的应用程序。This file, along with the referenced schema files, comprises the contract between an EWS application and the Exchange server, and is often used along with vendor-specific tools to create platform-specific applications. WSDL 文件位于 EWS 虚拟目录,它是网站的根目录。The WSDL file is located in the EWS virtual directory, which is at the root of the website.
传输层安全性 (TLS) / SSLTransport Layer Security (TLS)/SSL
在 Internet 或 intranet 上提供安全的 web 通信。Provides secure web communications on the Internet or on intranet. TLS 使应用程序进行身份验证服务器或服务器进行身份验证 EWS 应用程序,(可选)。TLS enables applications to authenticate servers or, optionally, servers to authenticate EWS applications. 它还提供一个安全通道,通过加密通信。It also provides a security channel by encrypting communications. TLS 是安全套接字层 (SSL) 协议的最新版本。TLS is the latest version of the Secure Sockets Layer (SSL) protocol.
Exchange server 和客户端之间的信息的 exchange 提供通用消息的格式。Provides a universal message format for the exchange of information between the Exchange server and the client. XML 可提供复杂 Exchange 数据库数据客户端应用程序,但在定义的结构。XML provides complex Exchange database data to client applications, but in a defined structure. XML 的优点在于,它允许的数据交换的 EWS 应用程序和服务器不共享一个共同平台,即使。The beauty of XML is that it allows for the exchange of data even when an EWS application and server do not share a common platform.

此外,EWS 应用程序必须支持以下身份验证标准:In addition, EWS applications must support the following authentication standards:

  • 基本身份验证使用 ssl,针对 Exchange Online 或 Exchange 内部部署的应用程序。Basic authentication over SSL, for applications that target Exchange Online or Exchange on-premises.

  • NTLM 身份验证使用 ssl,支持 Exchange 内部部署的应用程序。NTLM authentication over SSL, for applications that support Exchange on-premises.

  • OAuth 2.0 令牌身份验证,受信任的合作伙伴应用程序和 Lync Server 2013 和 SharePoint Server 2013 互操作性。OAuth 2.0 token authentication, for trusted partner applications and interoperability with Lync Server 2013 and SharePoint Server 2013.

另请参阅See also