Office Web Apps and Forms Based Authentication
Is it possible to use Office Web Apps Server 2013 to give external SharePoint Foundation 2013 clients access to Office documents in a View only capacity?
Does FBA work with Office Web Apps or would external users have to at least have a Windows CAL in AD if we are just using SharePoint Foundation?
Hi,
It may be possible.
Here are some links for your situation:
http://technet.microsoft.com/en-us/library/ff431682(v=office.15).aspx
http://blogs.technet.com/b/office_web_apps_server_2013_support_blog/archive/2014/03/20/office-web-apps-2013-errors-previewing-viewing-editing-documents-when-using-fba-in-the-extended-zone-but-not-the-default-zone.aspx
http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
Office Web Apps can be used only by SharePoint 2013 web applications that use claims-based authentication.
There is a known issue when using Office Web App in the extended zone with FBA, but not the default zone. Please configure FBA authentication in the Default zone in case of that.
Hope it helps.
Regards,
Rebecca Tu
TechNet Community Support
Similar Messages
-
SP4 and Form Based Authentication
Hi,
I had just advised a customer to apply SP4 to WLS and
then plug in the 'source code' patch, he replied that he had
been informed that SP4 breaks Form Based Authentication for
war web apps?
Can anyone confirm/deny this for me please ?
regards,
Patrick.Hehe Hiya Patrick!, that was Me! seems we use the same hot source of info :)
Cheers
Rob :)
"Patrick Byrne" <[email protected]> wrote in message
news:[email protected]..
Hi,
I had just advised a customer to apply SP4 to WLS and
then plug in the 'source code' patch, he replied that he had
been informed that SP4 breaks Form Based Authentication for
war web apps?
Can anyone confirm/deny this for me please ?
regards,
Patrick. -
Issues with OSSO ,custom login module and form based authentication
Hi:
We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
authentication and Custom login module.
Application is going in infinite loop when we we try to login using osso ,from the logs
what I got is looks like tha when we we try to login from OSSO application goes to the login
page and it gets the remote user from request so it forwards it to the home page till now
it is correct behaviour ,but after that It looks like home page find that authentication is
not done and sends it back to the login page and login page again sends it to the home as it
finds that remote user is not null.
Our web.xml form authentication entry looks like this :
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
</form-login-config>
</login-config>
While entry in orion-application.xml has the following entry for custom login :
<jazn provider="XML">
<property name="custom.loginmodule.provider" value="true" />
<property name="role.mapping.dynamic" value="true" />
</jazn>
Whether If I change the authentication type to BASIC and add the following line
in orion-application.xml will solve the issue :
<jazn provider="XML">
<property name="custom.loginmodule.provider" value="true" />
<property name="role.mapping.dynamic" value="true" />
<jazn-web-app auth-method="SSO" >
</jazn>
Any help regarding it will be appreciated .
Thanks
AnilHi:
We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
authentication and Custom login module.
Application is going in infinite loop when we we try to login using osso ,from the logs
what I got is looks like tha when we we try to login from OSSO application goes to the login
page and it gets the remote user from request so it forwards it to the home page till now
it is correct behaviour ,but after that It looks like home page find that authentication is
not done and sends it back to the login page and login page again sends it to the home as it
finds that remote user is not null.
Our web.xml form authentication entry looks like this :
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
</form-login-config>
</login-config>
While entry in orion-application.xml has the following entry for custom login :
<jazn provider="XML">
<property name="custom.loginmodule.provider" value="true" />
<property name="role.mapping.dynamic" value="true" />
</jazn>
Whether If I change the authentication type to BASIC and add the following line
in orion-application.xml will solve the issue :
<jazn provider="XML">
<property name="custom.loginmodule.provider" value="true" />
<property name="role.mapping.dynamic" value="true" />
<jazn-web-app auth-method="SSO" >
</jazn>
Any help regarding it will be appreciated .
Thanks
Anil -
MOBI SSO with trusted authentication and form based authentication
Dear All,
I am trying to configure Trusted authentication based SSO FOR MOBI, here are the details:
- SAP BI 4.1 SP04
- Trusted authentication with HTTP header configurred for BI Launchpad and working fine.
Now to have SSO from Mobile, I plan to leverage the existing configuration of BI Launchpad and at Mobile level, I want to use authentication type as TRUSTED_AUTH_FORM, instead of TRUSTED_AUTH_BASIC, with the approach: Trusted authentication with HTTP header.
And
Provide our app users their X502 certs.
1. Will the above approach work ??
2. As per SAP NOTE: 2038165 - SSO using form based trusted auth gives with the SAP BI app for iOS gives error MOB00920 this does not work and is still under investigation from July last year ? So for any community member, has this been found working ??
I would appreciate your valuable inputs.
Regards,
Sarvjot SinghHi,
According to your post, my understanding is that you want to know the difference of the SharePoint three type user authentications.
Windows claims-based authentication uses your existing Windows authentication provider (Active Directory Domain Services [AD DS]) to validate the credentials of connecting clients. Use this authentication to allow AD DS-based accounts access to SharePoint
resources. Authentication methods include NTLM, Kerberos, and Basic.
Forms-based authentication can be used against credentials that are stored in an authentication provider that is available through the ASP.NET interface
SAML token-based authentication in SharePoint 2013 requires coordination with administrators of a claims-based environment, whether it is your own internal environment or a partner environment.
There is a good article contains all the SharePoint Authentications, including how they work and how to configure.
http://sp77.blogspot.com/2014/02/authentication-in-sharepoint-2013_5.html#.VFcyQ_mUfkJ
Thanks & Regards,
Jason
Jason Guo
TechNet Community Support -
I originally had excel web app working on prem, but since it didn't support powerview I tried my luck with excel services.
I switched to excel services by using the new-SPWOPISuppressionSetting cmdlet.
I figured to return to excel web app, I would just use the remove-SPWOPISupressionSetting cmdlet, but I removed the suppression setting and even reboot the server and it's still using excel services!
What do I have to do at this point, reinstall office web app completely? Its still working for word and powerpoint, why didn't it take back over for excel? Any tips?
ThanksHi,
From your description, my understanding is that you want to
remove the suppression settings for excel.
I could try these point below:
1.
Test the issue with another browser.
2.
Test the issue with another computer.
3.
Try to clear the cookie of your browser and test your issue.
4.
Try restart the IIS with command iisreset.
Please try command
Get-SPWOPISuppressionSetting to get
all the suppression settings on the current SharePoint farm to check if the excel is suppressed or not. You could refer to this article:
https://technet.microsoft.com/en-us/library/jj219445.aspx.
As word and PowerPoint work well, you could try command
Remove-SPWOPISuppressionSetting -Extension "XLSX" -Action "view" that you could refer to this article:
https://technet.microsoft.com/en-us/library/jj219452.aspx?f=255&MSPPError=-2147217396.
Best Regards,
Vincent Han
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected] -
Our organization has a public facing anonymous site in SharePoint 2013 which allows access to documents (docx) in a library. ViewFormsLockdown is activated as we present the documents via CQWP / custom template. We are combating the usual
issue of multiple login prompts when using Internet Explorer when a user accesses said document. We also have tried using the Word Viewer (view only mode) from Office Web Apps Server 2013 which works well, but ...
the problem stems from the fact that users can go the file menu from the word view and choose to download the document (which is what we want), unfortunately it looks like the link redirects via /_layouts/15/download.aspx which also presents a login
prompt. Much has been written out there about doing direct links for documents via /_layouts/download.aspx to address multiple login prompts when the document is opening in word (from IE).
I've tried nearly every combination of recommendations (disabling client integration, browser file handling (permissive/strict), ViewFormsLockdown feature, web.config modifications with options and propfind verbs and more) all to varying levels of success,
but never totally getting rid of the prompt. It has been stated that because the downloads.aspx inherits from Microsoft.SharePoint.ApplicationPages.Download this will not allow anonymous access. We really want to use the word view from the Office
web app and have the file download functionality work from the menu there ... can anyone suggest an alternate fix? I might be wishing but will appreciate any guidance offered ...
cheers,
Dean
some reference links (but not all) for various things we've tried:
http://mohitvash.wordpress.com/2013/06/18/sharepoint-download-a-file-programatically/
http://blog.sharedove.com/adisjugo/index.php/2012/09/29/open-sharepoint-files-in-edit-mode-from-client-applications-and-not-read-only/
http://stackoverflow.com/questions/375390/office-documents-prompt-for-login-in-anonymous-sharepoint-site
http://yalla.itgroove.net/tag/anonymous-access/
GlifnardI'm glad to here that the problem has been fixed. Thank you for sharing your experience here, it will be helpful to other community members who have similar questions.
Cheers,
Steve Fan
TechNet Community Support -
Issue with office web apps sorry, there was a problem and we can't open this document.
Hi All,
i am having issue when trying to open the word file using office web apps farm. i have multi-tier farm (2 wfe, 2 apps and 2 owa). is that something wrong with certificate or the way AAM configured. Can anyone give me some direction please?Hi,
According to your description, my understanding is that you failed to open the word file using office web app.
Please open the word file using office web app in other SharePoint sites and test whether this issue occurs. Also, please test whether all words have this issue.
Please reset IIS on the OWA server.
Please disconnect the SharePoint Farm from Office Web Apps and reconnect it. Then check the WOPIZone and TMG server.
Please created certificate for your PC and update mappings of IP addresses.
Some useful posts for your reference:
https://social.technet.microsoft.com/Forums/office/en-US/fdbf2198-5a62-422a-9015-a65599eabeb5/office-web-apps-2013-sorry-there-was-a-problem-and-we-cant-open-this-document-if-this-happens?forum=sharepointadmin
https://social.technet.microsoft.com/Forums/office/en-US/154e9673-8227-4913-9f2a-97677e4c5314/sorry-there-was-a-problem-and-we-cant-open-that-document?forum=sharepointadminprevious
http://sharepoint.stackexchange.com/questions/66013/a-problem-with-a-websites-security-certificate-for-apps
Best Regards,
Dean Wang
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected] -
When I try to open any docx file from the SharePoint it opens on web via office web apps, and when I choose edit document > edit in Word , Microsoft word show me this error "Sorry, we couldn't find your file.
Is it possible it was moved, renamed or deleted?" followed by half a url to the end users document on onedrive.
I noted that this problem only happens with Docx files, with specific users and only when you try to open the Docx file from OneDrive folder ( SkyDrive ) which is hosted in the MySite.
Any Help?Hi,
According to your post, my understanding is that you failed to open the Docx file from OneDrive folder ( SkyDrive ).
Since this problem only happens with Docx files, with specific users, I recommend to delete and recreate the personal site for the specific users.
More information:
Configure My Sites in SharePoint Server 2013
Best Regards,
Linda Li
Linda Li
TechNet Community Support -
Form based authentication HTTP 403 access forbidden in WL 8.1
Hi there..
I found following message posted in April-2004 by Sandeep very useful.
I also ended up getting the following HTTP 403 Forbidden access error while using Pageflow controller and Form based authentication.
I noticed 2 things. If you have a normal webapp A, which is a plain old webapp (which does not use pageflow..workshop etc..) then the following error does not occur.
It only happens with those webapps which utilizes WL 8.1's pageflow features. Note that I am not using nested page flows. I just used 1 pageflow controller and wanted to have the form based login feature for the same.
BEA's samples on form authentication talks about nested page flows and javax.security.auth.login.FailedLoginException and etc.. are they only applicable to nested pageflows?
can't I use the same to capture failed login exception within a single controller?
I tried out putting FailedLoginException exception-handler in Global.app file but it didn't catch it. Only the following work around worked. is this a bug in WL 8.1 workshop? or I am missing something.
I would appreciate if someone can clear this doubt.
I am using WL 8.1 with sp3.
Rajesh
Hey guys,
I could find the solution for my problem. Here it is
We need to add following lines of code in the erro.jsp page.
<form action"j_security_check>
....write the error mesage....
</form>
You will get rid of "403 Forbidden page" error.
Thanks,
Sandip
[email protected] (Sandip Atkole) wrote in message news:<[email protected]>...
I am trying to set up Form-Based Authentication on WebLogic 8.1
The Problem:
If the user provides correct userid/password, he gets access to the
protected resource as required, but if he provides incorrect
userid/password, he gets a 403 Forbidden page, instead of getting the
login failure page.
The Descriptors:
WEB.XML
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/Login.jsp</form-login-page>
<form-error-page>/LoginError.jsp</form-error-page>
</form-login-config>
</login-config>
Why doesn't it redirect to "/LoginError.jsp" instead of showing the
403 Forbidden page?
Thanks in advance
SandipIt seems like a bug. However when I explicitly reset the error using set status it worked for me. I added following code in my error jsp .
<%
response.setHeader("conent-type","text/html");
response.setStatus(200);
%> -
Office Web Apps - Office Web Apps was unable to find the specified certificate
Hello,
Let me start by saying I did not see a forum listed for Office Web Apps and figured the SharePoint forum would be the second best place to post this. With that said, here's my issue...
I installed OWA 2013 on a Windows Server 2012 (not R2) VM and installed all the prereqs as described here: http://technet.microsoft.com/en-us/library/jj219455(v=office.15).aspx Since this is a test environment, I'm planning on using a self-signed
cert which appears to be supported based on info found here: http://technet.microsoft.com/en-us/library/2e147f11-6f47-46bc-90bf-b2f179958d11(v=office.15)#certificate.
I created the cert using the following command:
New-SelfSignedCertificate -DnsName owa.test.local -CertStoreLocation cert:\LocalMachine\My
I then edited the cert's properties in the Cert Manager MMC snap-in and added a friendly name of "2014_OWA_Cert". I then proceeded to try and create the OWA farm by running:
New-OfficeWebAppsFarm -InternalUrl "https://owa.test.local" -CertificateName "2014_OWA_Cert" -EditingEnabled
This produces the following error:
New-OfficeWebAppsFarm : Office Web Apps was unable to find the specified certificate.
At line:1 char:1
+ New-OfficeWebAppsFarm -InternalUrl "https://owa.test.local" -CertificateNa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [New-OfficeWebAppsFarm], ArgumentException
+ FullyQualifiedErrorId : CertificateNotFound,Microsoft.Office.Web.Apps.Administration.NewFarmCommand
What gives?Hi Waqas
Thanks for your help with this. I had a look at both posts, the URL works fine from the WAC server and I am not using a System account to test docs.
Also, this is a production site that is accessible over the Internet, so we are using https therefore the WOPIZone is external-https.
Issue #3 in the above blog link does not reflect the same error I see on my servers.
I also had a look at the information in this link: http://technet.microsoft.com/en-us/library/ff431687.aspx#oauth
Problem: You receive a "Sorry, there was a problem and we can't open this document" error when you try to view an Office document in Office Web Apps.
If you added domains to the Allow List by using the
New-OfficeWebAppsHost cmdlet, make sure you’re accessing Office Web Apps from a host domain that’s in the Allow List. To view the host domains in the Allow List, on the Office Web Apps Server open the Windows PowerShell prompt as an administrator and run
the Get-OfficeWebAppsHost cmdlet. To add a domain to the Allow List, use the
New-OfficeWebAppsHost cmdlet.
I have not added any domains to the Allow list so this did not help either. Should I add the domain?
Any further help with this is much appreciated.
Thanks again.
Yoshi -
Any one having idea on Form based authentication ?
Hi ,
I need help on configuring web.xml for form based authentication .
ie if any one clicks or attempts to access any page in application it should redirect to login page.
Thanks.there is no need to write a servlet filter for this any more. It is part of the servlet spec. Web containers should provide it as a matter of course. It will automatically handle the popping up of the login page, and continue to the destination on successful login, all automagically.
A quick search on Google provides several articles and examples on this very subject. Try http://www.onjava.com/pub/a/onjava/2002/06/12/form.html
Heres a quick example of web.xml config taken from that article:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/fail_login.html</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>AdminPages</web-resource-name>
<description> accessible by authorised users </description>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<description>These are the roles who have access</description>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>Cheers,
evnafets -
Office Web Apps Server IIS site disappeared?
I deployed an Office Web Apps server on a dedicated VM to be used for Lync 2013. After the initial installation / set up, I confirmed the discovery URL. It worked fine.
However, after one point in time, PowerPoint Presentations stopped working. When trying to share a PPT presentation, the Lync client popped up a message saying "Sorry, we couldn't upload <ppt file name> because we're having trouble connecting
to the service. If this keeps happening, try contacting your support team". I've done many many Lync and Office Web Apps install myself previously, and never had a message pop up like the one I saw in this case.
I tried going to the Web Apps discovery URL again, and it didn't get anywhere. I got on the Web Apps server and all the IIS sites were wiped.
I tried uninstalling the Office Web Apps server and reinstalling, but from that point on, IIS sites for Web Apps just would not appear under IIS manager.
Has anyone had similar issue with Office Web Apps?
Thanks,
Andrew Shin, TechNet Forum repliesHello,
Maybe the windows update is active and configured to Automatically download and installed update of Office Web Apps and this behavior just breaking your setup.
Try
remove the farm of WAC
Install SP1
and start new deployment of farm.
Link SP1
http://www.microsoft.com/en-us/download/details.aspx?id=42547
How update your farm Office Web Apps
http://technet.microsoft.com/en-us/library/jj966220(v=office.15).aspx
Hugs[]s
Robson Hasselhoff - Follow me @Robk9e -
Office Web Apps - Best Practice for App Pool Security Account?
Guys,
I am finalising my testing of Office Web Apps, and ready to move onto deploying it to my live farm.
Generally speaking, I put service applications in their own application pool.
Obviously by doing so this has an overhead on memory and processing, however generally speaking it is best practice from a security perspective when using separate accounts.
I have to create 3 new service applications in order to deploy Office Web Apps, in my test environment these are using the Default SharePoint app pool.
Should I create one application pool for all my office web apps with a fresh service account, or does it make no odds from a security perspective to run them in the default app pool?
Cheers,
Conrad
Conrad Goodman MCITP SA / MCTS: WSS3.0 + MOSS2007i run my OWA under it's own service account (spOWA) and use only one app pool. Just remember that if you go this route, "When
you create a new application pool, you can specify a security account used by the application pool to be either a predefined Network Service account or a managed account. The account must have db_datareader, db_datawriter, and execute permissions for the content
databases and the SharePoint configuration database, and be assigned to the db_owner role for the content databases." (http://technet.microsoft.com/en-us/library/ff431687.aspx) -
Office Web Apps 2013 with SharePoint 2013 Server
Hi All,
I have installed a separate server for Office Web Apps 2013 on Windows Server 2012 VM. I have followed TechNet's article on
Deploying Office Web Apps Server & exactly followed steps.
On SharePoint Server 2013 (Windows Server 2012), I followed TechNet’s article on
Configure Office Web Apps for SharePoint. The Office Web Apps on SharePoint 2013 environment works for
Excel document that shows “View in Browser” but
no Preview.
However, PowerPoint and Word documents doesn’t show “View in Browser”. I thought Internet Explorer 10 has some issue with Office Web Apps and checked on Chrome and results were same.
On SharePoint Server 2013 environment, I have configured 3 services applications, MMS, UPS and Excel Service.
1.) Do I need any other service applications to be enabled for OWA 2013?
I read number of blogs,
Installing Office Web Apps Server for SharePoint 2013 (Steve Mann),
Install Office Web Apps 2013 with SharePoint 2013 (Max Melcher) and Spence Harbar
(Enabling Office Web Apps Preview editing with SharePoint 2013). and all these blogs give more or less same steps that I have followed.
Strange thing is that Excel documents on my SharePoint 2013 sites are working but neither word or PowerPoint documents are not showing option for “View in Browser”.
I am using HTTP and not HTTPS.
2. Can someone please advice how could I solve the Office Web Apps 2010 on Word and PPT?
3. How to can enable preview for Excel, Word and PPT documents.
Thanks you.
Regards,
Aroh
Aroh ShuklaHi Inderjeet and Olafur,
Thanks for your reply.
@Inderjeet: That site collection feature on SP2010 works on our production environment but on SP2013 site collection there is no OWA feature. Microsoft recommends to have a separate OWA2013 server and what I create
a separate VM for OWA2013 server.
@Olafur: Your suggestion looks spot on. The OWA server does show the discovery:
Our SP2013 development server has limited RAM (4GB) and it think is causing the issue.
Let me check if increasing RAM solves the issue.
Thanks again for your suggestions. (Interjeet and Olafur).
--Aroh
Aroh Shukla -
Opening an embedded document in office web apps
Hi,
I have a test site configured to use office web apps and it works to open documents in OWA. I have a requirement to open a powerpoint presentation embedded in page in office web apps. I used the page viewer web part to do the embedding, but the document
is not opening in office web apps. There is a prompt to open the document in the desktop version of power point. I have checked that the site is configured to open the documents in OWA by default in the site collection features.
Does anybody have a suggestion on how to fix this?
thanks
SherazadHi,
According to your post, my understanding is that you want to embed a PowerPoint document which is opened in office web apps(OWA) in a page.
Here are two solution for your reference:
1.Open the document in OWA, go to File -> Share -> Embed, then copy the Embed Code and add the code into a Content Editor Web Part in the page.
2.Use Page Viewer web part to achieve it, we can get the link from the address bar after the document is opened in OWA. The link like this:
/sites/DennisSite/_layouts/15/WopiFrame.aspx?sourcedoc={D95516CC-6912-4F5B-BF13-C40286BC27A4}&file=Test.pptx&action=default
Thanks,
Dennis Guo
TechNet Community Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Dennis Guo
TechNet Community Support
Maybe you are looking for
-
External iSight microphone not working with Mac Pro
i have researched this extensively to no avail. i have an external iSight camera plugged into a pci express firewire port (i got one hoping to solve the problem). the camera works fine except for the mic. it shows up in audio inputs in system prefere
-
Want pages of my PDF to NOT SCROLL.
I have done this in the past but i have forgotten how. I have created an InDesign document and I trying to remember where the setting is for this particular preference. This PDF is a photo portfolio and it will be emailed to clients and friends etc.
-
Hi there all, Just working away as usual and I've encountered a problem with a flash app I'm making.. I can save and load variables from flash to the mySQL database, but when I load up the results one after the other I eventually run out of results t
-
Setting Content-Type in .jspx file
Hello, My application is not rendered by an HTML Browser. I need to set the contentType to application/x-ywidget+xml in my JSPX file. The content type returned is always text/xml !!! I have tried: 1. To create a phaseListener and overloading before o
-
DB13: Execute Redo log backup of remote Oracle 11g database fails
Dear Experts, First of all I have to state I am not very experienced in administrating (Oracle) databases, but I would like to ask you all the following: We run two SAP Systems with each their own database on the same host: 1. SAP SRM ABAP system on