Anonymous site and word documents authentication promt
-
Donnerstag, 19. Januar 2012 13:38
I have anonymous site,
Client integration is off.
When anonymous user try to open word document, system prompts it user name and password. After canceling document downloads ok.
Alle Antworten
-
Donnerstag, 19. Januar 2012 15:25Have you checked that anonymous view access has been granted for the documents in the library? If the document library is inheriting permissions, you may want to break inheritance of it and check the anonymous access for the library to see the the allow view items check-box is checked.
Simon Rennocks | SharePoint 2010 MCITP & MCPD | Microsoft Community Contributor 2011 | Blog | LinkedIn -
Donnerstag, 19. Januar 2012 17:14
Anonymous have access to view documents. After canceling prompt document opened correctly.
I already disable lockdown mode and break permissions inheritance. No rusults.
-
Donnerstag, 19. Januar 2012 21:40
I've found the following workaround:
To keep it simple:
1. Disable client integration
2. Remove the OPTIONS verb from the <HTTPHandlers> registration line in the web.config file for the site
Also check: http://stackoverflow.com/questions/375390/office-documents-prompt-for-login-in-anonymous-sharepoint-site
regards, Gokan
Founder of SharePoint CookBook: http://www.GokanOzcifci.be
Microsoft Certified Technology Specialist: SharePoint 2010, Configuring
Microsoft Certified Personal -
Donnerstag, 19. Januar 2012 22:18
Thank you!
Before asking I did some research.
As I said, I already disable client integration.
Also I checked out web config - there is no OPTIONS verb. There just empty <HTTPHandlers/>
-
Freitag, 20. Januar 2012 08:16
Hey,
Did you try this solutions who has worked for several users: http://www.theblackknightsings.com/RemoveLoginBoxWhenAnonymousUsersDownloadOfficeDocumentFromSharePointSite.aspx
And be sure for you IE settings: http://sharepointsolutions.blogspot.com/2008/06/how-do-i-make-our-sharepoint-site-stop.html
Thx, Gokan
Founder of SharePoint CookBook: http://www.GokanOzcifci.be
Microsoft Certified Technology Specialist: SharePoint 2010, Configuring
Microsoft Certified Personal -
Sonntag, 22. Januar 2012 15:34
I just have try first solution with no results.
About IE settings - that article describes how to avoid password prompt for domain users. We don't have this problem. We have problem with anonymous Internet users and we don't have access to their IE config.
In IIS log we have such records:
2012-01-22 15:43:18 172.30.10.61 GET /emergency_info/0900000180043399.doc - 80 - 89.179.119.66 Mozilla/5.0+(compatible;+MSIE+10.0;+Windows+NT+6.2;+WOW64;+Trident/6.0) 304 0 0 66
2012-01-22 15:43:19 172.30.10.61 OPTIONS /emergency_info/ - 80 - 89.179.119.66 Microsoft+Office+Protocol+Discovery 403 0 0 61
2012-01-22 15:43:19 172.30.10.61 OPTIONS /emergency_info/ - 80 - 89.179.119.66 Microsoft+Office+Protocol+Discovery 401 1 2148074254 41
2012-01-22 15:43:19 172.30.10.61 OPTIONS /emergency_info/ - 80 - 89.179.119.66 Microsoft+Office+Protocol+Discovery 401 1 2148074252 81
2012-01-22 15:43:21 172.30.10.61 OPTIONS /emergency_info/ - 80 - 89.179.119.66 Microsoft+Office+Protocol+Discovery 403 0 0 47
2012-01-22 15:43:21 172.30.10.61 OPTIONS /emergency_info/ - 80 - 89.179.119.66 Microsoft+Office+Protocol+Discovery 401 1 2148074254 51
2012-01-22 15:43:21 172.30.10.61 OPTIONS /emergency_info/ - 80 - 89.179.119.66 Microsoft+Office+Protocol+Discovery 401 1 2148074252 244
2012-01-22 15:43:21 172.30.10.61 GET /emergency_info/0900000180043399.doc - 80 - 89.179.119.66 Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+6.2;+WOW64;+Trident/6.0;+.NET4.0E;+.NET4.0C;+InfoPath.3;+.NET+CLR+3.5.30729;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.30729;+MS-RTC+EA+2;+ms-office;+MSOffice+14) 304 0 0 56
2012-01-22 15:43:21 172.30.10.61 HEAD /emergency_info/0900000180043399.doc - 80 - 89.179.119.66 Microsoft+Office+Existence+Discovery 200 0 0 65
2012-01-22 15:43:21 172.30.10.61 HEAD /emergency_info/0900000180043399.doc - 80 - 89.179.119.66 Microsoft+Office+Existence+Discovery 200 0 0 250
2012-01-22 15:43:25 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 45
2012-01-22 15:43:25 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 43
2012-01-22 15:43:25 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 43
2012-01-22 15:43:25 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 63
2012-01-22 15:43:27 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 43
2012-01-22 15:43:27 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 44
2012-01-22 15:43:27 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 43
2012-01-22 15:43:27 172.30.10.61 OPTIONS / - 80 - 89.179.119.66 Microsoft-WebDAV-MiniRedir/6.2.8102 403 0 0 64- Bearbeitet Alexander Sapozhkov Sonntag, 22. Januar 2012 15:35
- Bearbeitet Alexander Sapozhkov Sonntag, 22. Januar 2012 15:44
-
Sonntag, 22. Januar 2012 18:37
I don't necessarily have a solution, but I wanted to point out that this prompt doesn't come from SharePoint - it comes from the local Office client, which doesn't like to be opened by an outside source, which is SharePoint in this case. It's on the client side that this is occuring, and that's where the focus should be if your SharePoint settings are in order.
What happens when you try to open an Office doc from our COSPUG site?
http://www.cospug.com/Sessions/Forms/AllItems.aspx
SharePoint Architect || Microsoft MVP || My Blog
Planet Technologies || SharePoint Task Force- Bearbeitet Clayton Cobb - MVP Sonntag, 22. Januar 2012 18:37
-
Sonntag, 22. Januar 2012 19:20Agreed on what Clayton suggested/mentioned. Additionally, what happens if you put the site into your LOCAL INTRANET (not Trusted Sites) security zone in IE? Any change in behavior? It could be related to this.
Trevor Norcross | Principal Consultant | Blue Chip Consulting Group | http://www.bluechip-llc.com -
Sonntag, 22. Januar 2012 20:10
When I open http://www.cospug.com/Sessions/Search_Architecture.docx word twice asks me password and then shows me document.
When I open docx from regular site, it opens without prompts: http://download.microsoft.com/download/D/A/8/DA82C84A-1C3F-418A-BCC7-8A38CBBC1935/Virtualization_of_SharePoint_Products_and_Technologies_White_Paper_-_final1.docx.
When I add site to intranet - nothing changing: my local user don't have any permissions on that public server.
- Bearbeitet Alexander Sapozhkov Sonntag, 22. Januar 2012 20:14
-
Sonntag, 22. Januar 2012 21:30
Solved problem by using special link like http://server/_layouts/download.aspx?SourceUrl=/folder/0900000180043399.doc.
Works greate for me, because all views in my site are custom, and I can easy correct them.
- Bearbeitet Alexander Sapozhkov Sonntag, 22. Januar 2012 21:30
- Als Antwort markiert Alexander Sapozhkov Freitag, 24. Februar 2012 08:42
-
Montag, 23. Januar 2012 06:12Alexander, I do not get prompted when opening docs from my site even when I'm not authenticated, so that's something to think about.
SharePoint Architect || Microsoft MVP || My Blog
Planet Technologies || SharePoint Task Force -
Montag, 23. Januar 2012 08:19
Clayton, do you think its normal when installed new windows and office without any additional configuration and domain policies?
Anyone please try open http://www.cospug.com/Sessions/Search_Architecture.docx!
On all my computers it asks password.
-
Dienstag, 24. Januar 2012 01:20
Per my response elsewhere in this thread, what happens if you put the site into your LOCAL INTRANET (not Trusted Sites) security zone in IE? Any change in behavior? It could be related to this.
It is possible your newly built computers are getting some Group Policy from your Active Directory domain which are changing a setting in IE - unless you are able to find the specific setting, the test suggeted above may be a way around it for now. The results would at least give us some idea of what might be happening.
Trevor Norcross | Principal Consultant | Blue Chip Consulting Group | http://www.bluechip-llc.com -
Dienstag, 24. Januar 2012 14:03
Trevor, as I said, "When I add site to intranet - nothing changing: my local user don't have any permissions on that public server".
May be this related with SharePoint Workspace installed on computers, I will check it.
-
Mittwoch, 25. Januar 2012 21:34
Could you please check if the Enable anonymous option is checked in the IIS for the web application.
Also, change the authentication method to basic in the IIS for the particular web application. As, it worked for me couple of time while troubleshooting in clients environment.
Regards,
Pallav Srivastav
-
Mittwoch, 25. Januar 2012 21:35
Could you please check if the Enable anonymous option is checked in the IIS for the web application.
Also, change the authentication method to basic in the IIS for the particular web application. As, it worked for me couple of time while troubleshooting in clients environment.
Regards,
Pallav Srivastav
-
Mittwoch, 25. Januar 2012 22:28Have you setup DisableLoopbackCheck on the SharePoint Server?
-
Donnerstag, 26. Januar 2012 00:23Do you have URLScan turned on? If so make sure you check your URLScan.ini configuration file to see if the OPTIONS verb in the allowed section.
Brian T. Shell -
Donnerstag, 26. Januar 2012 05:00
When I try to open PDF - opens correctly. And you?
When docx - double prompt and after canceling shows me document well.
CoderBond, I think your problem is slightly different.- Bearbeitet Alexander Sapozhkov Donnerstag, 26. Januar 2012 05:04
-
Donnerstag, 26. Januar 2012 08:18Coderbond, your topic is way different, so please help not to sidetrack this particular thread. I don't know what behavior you expect if the user doesn't have Office installed. If I try to open any document from any website on any platform without the proper application to see that document, I expect an error or association prompt. Much different topic, though. I assume you've created a separate thread for it.
SharePoint Architect || Microsoft MVP || My Blog
Planet Technologies || SharePoint Task Force -
Donnerstag, 26. Januar 2012 23:42
I never intended to sidetrack this thread. I was trying to explain that without Microsoft Office being installed the Microsoft Office Protocol Discovery components are not available and therefore the client browser and system will treat the document like any other file.
However with Office present on the client machine additional HTTP traffic occures to determine whether to use WebDav or FPRPC. Depending on what is discovered via HTTP the server will proceed with either WebDav or FPRPC, all in an attempt to create an ehanced experiance for the user while working with office documents.
Section 2.1.2.1.2 of this document explains this clearly. http://download.microsoft.com/download/1/6/F/16F4E321-AA6B-4FA3-8AD3-E94C895A3C97/[MS-OCPROTO].pdf
A good test to see if the anonymous access is configured correctly is to try downloading a document that is not a Microsoft Office document OR find a machine that doesn't have office installed.
At the point that you've confirmed that anonymous access is configured correctly you can proceed to trouble shoot the components outlined in the document I supplied.
-
Dienstag, 31. Januar 2012 18:07
Alexander,
If you break inheritance between the document library and the site and re apply anonymous access directly to the document list, will the office documents open anonymously? Or do you still get the prompt?
Also, Are you using Office Web Apps?- Bearbeitet Jeremy Allen Bond Dienstag, 31. Januar 2012 18:07 missing details
-
Freitag, 24. Februar 2012 08:43
Library have breaked permissions inheritance.
We don't have Office Web Apps.
-
Sonntag, 15. April 2012 07:22
I hit the link and was prompted twice as well, and then it opened. I ran a quick Fiddler on it
this behavior is caused by the microsoft office protocol discovery, as was mentioned above by another reply. An article on how to deal with these issues can be found here:
http://support.microsoft.com/kb/2019105
the article suggests a handful of remedies. Hopefully, one of them is appropriate for you.
-
Sonntag, 15. April 2012 17:49Bill, what exactly way you suggest from this article to this situation?
-
Mittwoch, 18. April 2012 04:34
this looks promising. looks like a web.config setting
Disable support of the OPTIONS and PROPFIND verbs – ... If the site provides WebDAV functionality through another extension, the provider of that extension should be involved. For example, to do this with Windows SharePoint Services (WSS), the site should be configured to disable Client Integration, or the OPTIONS and PROPFIND verb should be inhibited. (On IIS 6, remove the verbs from the <httpHandlers> registration line in the web.config file. On IIS 7.0, use the HTTP Verbs tab of the Request Filtering feature to deny the verbs.) Be aware that this approach will open the content in read-only mode because this approach disables direct-edit functionality.
.png)
.png)
