3

We are willing to implement a web application with edit functionalities of WORD documents using WebDav. We are starting to have a better picture of the implementation required however, we have read on your site (http://www.webdavsystem.com/server/documentation/ms_office_read_only) that it is possible to avoid MS office Word login dialog to open when URL-authentication is implemented.

We can hardly find solutions on how to achieve this or on how to use URL-authentication with MS Office.

Would you be able to point us in the right direction with this process or even let us know how to get some examples on that?

sngnico
  • 31
  • 2

1 Answers1

1

Here are some options to avoid login dialog:

  • Implement URL authentication. You will need to include some session ID in the URL. Note that you will need to include it in path. For example:

    https://server/[SessionID1234567890]/path/file.docx

    Do not include your session ID in the query string, as MS Office will truncate it when saving a document.

  • Implement cookies/Forms authentication. In this case you will need the IT Hit WebDAV Ajax Library to open documents for editing. You will also need to install the protocol application (Edit Document Opener, supplied with the WebDAV Ajax Library) on a client machine.

  • Implement MS-OFBA authentication. You can generate sample MS-OFBA code using 'Add WebDAV Server Implementation' wizard for Visual Studio supplied with IT Hit WebDAV Server for .NET SDK.

    Note that MS-OFBA will display an HTML login dialog inside MS Office UI, which is rendered by Internet Explorer. If you open a document from any other web browser the login dialog will be always displayed during first open.

    To avoid login dialog during subsequent access you will need to set permanent authentication cookie (check the 'Keep me logged-in' checkbox).

  • Use Kerberos authentication. By default Kerberos authentication will display login dialog during first document access only. This option can be configured in Active Directory policies.

IT Hit WebDAV
  • 5,652
  • 12
  • 61
  • 98
  • In the "Implement URL Authentication" part you said "Do not include your session ID in the query string, as MS Office will truncate it when saving a document.". To workaround the truncation of query string problem, maybe we could store the session ID in a cookie set with the value of the query string during the "get" ? – bN_ Jun 20 '23 at 10:35
  • Yes, you can store your token, session ID or other authentication info in cookies. Typically you will store the user name and encrypt it. MS Office can pass cookies back to the server. – IT Hit WebDAV Jun 22 '23 at 07:51
  • Unfortunately it does not work because the cookies are not shared with the Webdav MiniRedirector (User-Agent = "Microsoft-WebDAV-MiniRedir"). So the session cookie is provided by the client only when the request is issued by MS-Word directly (User-Agent = "Microsoft Office Word" or "Mozilla/4.0"). It seems I'll have no other choice than setting the session id in the URL :'( – bN_ Jun 22 '23 at 15:58