Office Web Apps and Forms Based Authentication

Similar Messages

• SP4 and Form Based Authentication

  Hi,
  I had just advised a customer to apply SP4 to WLS and
  then plug in the 'source code' patch, he replied that he had
  been informed that SP4 breaks Form Based Authentication for
  war web apps?
  Can anyone confirm/deny this for me please ?
  regards,
       Patrick.

  Hehe Hiya Patrick!, that was Me! seems we use the same hot source of info :)
  Cheers
  Rob :)
  "Patrick Byrne" <[email protected]> wrote in message
  news:[email protected]..
  Hi,
  I had just advised a customer to apply SP4 to WLS and
  then plug in the 'source code' patch, he replied that he had
  been informed that SP4 breaks Form Based Authentication for
  war web apps?
  Can anyone confirm/deny this for me please ?
  regards,
  Patrick.

• Issues with OSSO ,custom login module and form based authentication

  Hi:
  We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
  authentication and Custom login module.
  Application is going in infinite loop when we we try to login using osso ,from the logs
  what I got is looks like tha when we we try to login from OSSO application goes to the login
  page and it gets the remote user from request so it forwards it to the home page till now
  it is correct behaviour ,but after that It looks like home page find that authentication is
  not done and sends it back to the login page and login page again sends it to the home as it
  finds that remote user is not null.
  Our web.xml form authentication entry looks like this :
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/jsp/login.jsp</form-login-page>
  <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
  </form-login-config>
  </login-config>
  While entry in orion-application.xml has the following entry for custom login :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  </jazn>
  Whether If I change the authentication type to BASIC and add the following line
  in orion-application.xml will solve the issue :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  <jazn-web-app auth-method="SSO" >
  </jazn>
  Any help regarding it will be appreciated .
  Thanks
  Anil

  Hi:
  We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
  authentication and Custom login module.
  Application is going in infinite loop when we we try to login using osso ,from the logs
  what I got is looks like tha when we we try to login from OSSO application goes to the login
  page and it gets the remote user from request so it forwards it to the home page till now
  it is correct behaviour ,but after that It looks like home page find that authentication is
  not done and sends it back to the login page and login page again sends it to the home as it
  finds that remote user is not null.
  Our web.xml form authentication entry looks like this :
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/jsp/login.jsp</form-login-page>
  <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
  </form-login-config>
  </login-config>
  While entry in orion-application.xml has the following entry for custom login :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  </jazn>
  Whether If I change the authentication type to BASIC and add the following line
  in orion-application.xml will solve the issue :
  <jazn provider="XML">
       <property name="custom.loginmodule.provider" value="true" />
  <property name="role.mapping.dynamic" value="true" />
  <jazn-web-app auth-method="SSO" >
  </jazn>
  Any help regarding it will be appreciated .
  Thanks
  Anil

• MOBI SSO with trusted authentication and form based authentication

  Dear All,
  I am trying to configure Trusted authentication based SSO FOR MOBI, here are the details:
  - SAP BI 4.1 SP04
  - Trusted authentication with HTTP header configurred for BI Launchpad and working fine.
  Now to have SSO from Mobile, I plan to leverage the existing configuration of BI Launchpad and at Mobile level, I want to use authentication type as TRUSTED_AUTH_FORM, instead of TRUSTED_AUTH_BASIC, with the approach: Trusted authentication with HTTP header.
  And
  Provide our app users their X502 certs.
  1. Will the above approach work ??
  2. As per SAP NOTE: 2038165 - SSO using form based trusted auth gives with the SAP BI app for iOS gives error MOB00920 this does not work and is still under investigation from July last year ? So for any community member, has this been found working ??
  I would appreciate your valuable inputs.
  Regards,
  Sarvjot Singh

  Hi,
  According to your post, my understanding is that you want to know the difference of the SharePoint three type user authentications.
  Windows claims-based authentication uses your existing Windows authentication provider (Active Directory Domain Services [AD DS]) to validate the credentials of connecting clients. Use this authentication to allow AD DS-based accounts access to SharePoint
  resources. Authentication methods include NTLM, Kerberos, and Basic.
  Forms-based authentication can be used against credentials that are stored in an authentication provider that is available through the ASP.NET interface
  SAML token-based authentication in SharePoint 2013 requires coordination with administrators of a claims-based environment, whether it is your own internal environment or a partner environment.
  There is a good article contains all the SharePoint Authentications, including how they work and how to configure.
  http://sp77.blogspot.com/2014/02/authentication-in-sharepoint-2013_5.html#.VFcyQ_mUfkJ
  Thanks & Regards,
  Jason
  Jason Guo
  TechNet Community Support

• I switched to excel services from office web app, and i want to revert my changes. remove-spwopisupressionSetting doesnt work!

  I originally had excel web app working on prem, but since it didn't support powerview I tried my luck with excel services.
  I switched to excel services by using the new-SPWOPISuppressionSetting cmdlet.
  I figured to return to excel web app, I would just use the remove-SPWOPISupressionSetting cmdlet, but I removed the suppression setting and even reboot the server and it's still using excel services!
  What do I have to do at this point, reinstall office web app completely? Its still working for word and powerpoint, why didn't it take back over for excel? Any tips?
  Thanks

  Hi,
  From your description, my understanding is that you want to
  remove the suppression settings for excel.
  I could try these point below:
  1.      
  Test the issue with another browser.
  2.      
  Test the issue with another computer.
  3.      
  Try to clear the cookie of your browser and test your issue.
  4.      
  Try restart the IIS with command iisreset.
  Please try command
  Get-SPWOPISuppressionSetting to get
  all the suppression settings on the current SharePoint farm to check if the excel is suppressed or not. You could refer to this article:
  https://technet.microsoft.com/en-us/library/jj219445.aspx.
  As word and PowerPoint work well, you could try command
  Remove-SPWOPISuppressionSetting -Extension "XLSX" -Action "view" that you could refer to this article:
  https://technet.microsoft.com/en-us/library/jj219452.aspx?f=255&MSPPError=-2147217396.
  Best Regards,
  Vincent Han
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• SharePoint 2013 Anonymous (public) site and Office Web Apps Server 2013 issue with download.aspx

  Our organization has a public facing anonymous site in SharePoint 2013 which allows access to documents (docx) in a library.  ViewFormsLockdown is activated as we present the documents via CQWP / custom template.  We are combating the usual
  issue of multiple login prompts when using Internet Explorer when a user accesses said document.  We also have tried  using the Word Viewer (view only mode) from Office Web Apps Server 2013 which works well, but ...
  the problem stems from the fact that users can go the file menu from the word view and choose to download the document (which is what we want),  unfortunately it looks like the link redirects via /_layouts/15/download.aspx which also presents a login
  prompt. Much has been written out there about doing direct links for documents via /_layouts/download.aspx to address multiple login prompts when the document is opening in word (from IE).
  I've tried nearly every combination of recommendations (disabling client integration, browser file handling (permissive/strict), ViewFormsLockdown feature, web.config modifications with options and propfind verbs and more) all to varying levels of success,
  but never totally getting rid of the prompt.  It has been stated that because the downloads.aspx inherits from Microsoft.SharePoint.ApplicationPages.Download this will not allow anonymous access.  We really want to use the word view from the Office
  web app and have the file download functionality work from the menu there ... can anyone suggest an alternate fix?  I might be wishing but will appreciate any guidance offered ...
  cheers,
  Dean
  some reference links (but not all) for various things we've tried:
  http://mohitvash.wordpress.com/2013/06/18/sharepoint-download-a-file-programatically/
  http://blog.sharedove.com/adisjugo/index.php/2012/09/29/open-sharepoint-files-in-edit-mode-from-client-applications-and-not-read-only/
  http://stackoverflow.com/questions/375390/office-documents-prompt-for-login-in-anonymous-sharepoint-site
  http://yalla.itgroove.net/tag/anonymous-access/
  Glifnard

  I'm glad to here that the problem has been fixed. Thank you for sharing your experience here, it will be helpful to other community members who have similar questions.
  Cheers,
  Steve Fan
  TechNet Community Support

• Issue with office web apps sorry, there was a problem and we can't open this document.

  Hi All,
  i am having issue when trying to open the word file using office web apps farm. i have multi-tier farm (2 wfe, 2 apps and 2 owa). is that something wrong with certificate or the way AAM configured. Can anyone give me some direction please?

  Hi,
  According to your description, my understanding is that you failed to open the word file using office web app.
  Please open the word file using office web app in other SharePoint sites and test whether this issue occurs. Also, please test whether all words have this issue.
  Please reset IIS on the OWA server.
  Please disconnect the SharePoint Farm from Office Web Apps and reconnect it. Then check the WOPIZone and TMG server.
  Please created certificate for your PC and update mappings of IP addresses.
  Some useful posts for your reference:
  https://social.technet.microsoft.com/Forums/office/en-US/fdbf2198-5a62-422a-9015-a65599eabeb5/office-web-apps-2013-sorry-there-was-a-problem-and-we-cant-open-this-document-if-this-happens?forum=sharepointadmin
  https://social.technet.microsoft.com/Forums/office/en-US/154e9673-8227-4913-9f2a-97677e4c5314/sorry-there-was-a-problem-and-we-cant-open-that-document?forum=sharepointadminprevious
  http://sharepoint.stackexchange.com/questions/66013/a-problem-with-a-websites-security-certificate-for-apps
  Best Regards,
  Dean Wang
  TechNet Community Support
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
  [email protected]

• "Sorry, we couldn't find your file. Is it possible it was moved, renamed or deleted?" Error with SharePoint 2013 and Office Web Apps

  When I try to open any docx file from the SharePoint it opens on web via office web apps, and when I choose edit document > edit in Word , Microsoft word show me this error "Sorry, we couldn't find your file.
  Is it possible it was moved, renamed or deleted?" followed by half a url to the end users document on onedrive.
  I noted that this problem only happens with Docx files, with specific users  and only when you try to open the Docx file from OneDrive folder ( SkyDrive ) which is hosted in the MySite.
  Any Help?

  Hi,
  According to your post, my understanding is that you failed to open the Docx file from OneDrive folder ( SkyDrive ).
  Since this problem only happens with Docx files, with specific users, I recommend to delete and recreate the personal site for the specific users.
  More information:
  Configure My Sites in SharePoint Server 2013
  Best Regards,
  Linda Li
  Linda Li
  TechNet Community Support

• Form based authentication HTTP 403 access forbidden in WL 8.1

  Hi there..
  I found following message posted in April-2004 by Sandeep very useful.
  I also ended up getting the following HTTP 403 Forbidden access error while using Pageflow controller and Form based authentication.
  I noticed 2 things. If you have a normal webapp A, which is a plain old webapp (which does not use pageflow..workshop etc..) then the following error does not occur.
  It only happens with those webapps which utilizes WL 8.1's pageflow features. Note that I am not using nested page flows. I just used 1 pageflow controller and wanted to have the form based login feature for the same.
  BEA's samples on form authentication talks about nested page flows and javax.security.auth.login.FailedLoginException and etc.. are they only applicable to nested pageflows?
  can't I use the same to capture failed login exception within a single controller?
  I tried out putting FailedLoginException exception-handler in Global.app file but it didn't catch it. Only the following work around worked. is this a bug in WL 8.1 workshop? or I am missing something.
  I would appreciate if someone can clear this doubt.
  I am using WL 8.1 with sp3.
  Rajesh
  Hey guys,
  I could find the solution for my problem. Here it is
  We need to add following lines of code in the erro.jsp page.
  <form action"j_security_check>
  ....write the error mesage....
  </form>
  You will get rid of "403 Forbidden page" error.
  Thanks,
  Sandip
  [email protected] (Sandip Atkole) wrote in message news:<[email protected]>...
  I am trying to set up Form-Based Authentication on WebLogic 8.1
  The Problem:
  If the user provides correct userid/password, he gets access to the
  protected resource as required, but if he provides incorrect
  userid/password, he gets a 403 Forbidden page, instead of getting the
  login failure page.
  The Descriptors:
  WEB.XML
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/Login.jsp</form-login-page>
  <form-error-page>/LoginError.jsp</form-error-page>
  </form-login-config>
  </login-config>
  Why doesn't it redirect to "/LoginError.jsp" instead of showing the
  403 Forbidden page?
  Thanks in advance
  Sandip

  It seems like a bug. However when I explicitly reset the error using set status it worked for me. I added following code in my error jsp .
  <%     
       response.setHeader("conent-type","text/html");
       response.setStatus(200);
  %>

• Office Web Apps - Office Web Apps was unable to find the specified certificate

  Hello,
  Let me start by saying I did not see a forum listed for Office Web Apps and figured the SharePoint forum would be the second best place to post this.  With that said, here's my issue...
  I installed OWA 2013 on a Windows Server 2012 (not R2) VM and installed all the prereqs as described here: http://technet.microsoft.com/en-us/library/jj219455(v=office.15).aspx  Since this is a test environment, I'm planning on using a self-signed
  cert which appears to be supported based on info found here: http://technet.microsoft.com/en-us/library/2e147f11-6f47-46bc-90bf-b2f179958d11(v=office.15)#certificate.  
  I created the cert using the following command:
  New-SelfSignedCertificate -DnsName owa.test.local -CertStoreLocation cert:\LocalMachine\My
  I then edited the cert's properties in the Cert Manager MMC snap-in and added a friendly name of "2014_OWA_Cert".  I then proceeded to try and create the OWA farm by running:
  New-OfficeWebAppsFarm -InternalUrl "https://owa.test.local" -CertificateName "2014_OWA_Cert" -EditingEnabled
  This produces the following error:
  New-OfficeWebAppsFarm : Office Web Apps was unable to find the specified certificate.
  At line:1 char:1
  + New-OfficeWebAppsFarm -InternalUrl "https://owa.test.local" -CertificateNa ...
  + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  + CategoryInfo : ObjectNotFound: (:) [New-OfficeWebAppsFarm], ArgumentException
  + FullyQualifiedErrorId : CertificateNotFound,Microsoft.Office.Web.Apps.Administration.NewFarmCommand
  What gives?  

  Hi Waqas
  Thanks for your help with this. I had a look at both posts, the URL works fine from the WAC server and I am not using a System account to test docs.
  Also, this is a production site that is accessible over the Internet, so we are using https therefore the WOPIZone is external-https.
  Issue #3 in the above blog link does not reflect the same error I see on my servers.
  I also had a look at the information in this link: http://technet.microsoft.com/en-us/library/ff431687.aspx#oauth
  Problem: You receive a "Sorry, there was a problem and we can't open this document" error when you try to view an Office document in Office Web Apps.
  If you added domains to the Allow List by using the
  New-OfficeWebAppsHost cmdlet, make sure you’re accessing Office Web Apps from a host domain that’s in the Allow List. To view the host domains in the Allow List, on the Office Web Apps Server open the Windows PowerShell prompt as an administrator and run
  the Get-OfficeWebAppsHost cmdlet. To add a domain to the Allow List, use the
  New-OfficeWebAppsHost cmdlet.
  I have not added any domains to the Allow list so this did not help either. Should I add the domain?
  Any further help with this is much appreciated.
  Thanks again.
  Yoshi

• Any one having idea on Form based authentication ?

  Hi ,
  I need help on configuring web.xml for form based authentication .
  ie if any one clicks or attempts to access any page in application it should redirect to login page.
  Thanks.

  there is no need to write a servlet filter for this any more. It is part of the servlet spec. Web containers should provide it as a matter of course. It will automatically handle the popping up of the login page, and continue to the destination on successful login, all automagically.
  A quick search on Google provides several articles and examples on this very subject. Try http://www.onjava.com/pub/a/onjava/2002/06/12/form.html
  Heres a quick example of web.xml config taken from that article:
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/login.jsp</form-login-page>
  <form-error-page>/fail_login.html</form-error-page>
  </form-login-config>
  </login-config>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>AdminPages</web-resource-name>
  <description> accessible by authorised users </description>
  <url-pattern>/admin/*</url-pattern>
  <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint>
  <description>These are the roles who have access</description>
  <role-name>manager</role-name>
  </auth-constraint>
  </security-constraint>Cheers,
  evnafets

• Office Web Apps Server IIS site disappeared?

  I deployed an Office Web Apps server on a dedicated VM to be used for Lync 2013. After the initial installation / set up, I confirmed the discovery URL. It worked fine.
  However, after one point in time, PowerPoint Presentations stopped working. When trying to share a PPT presentation, the Lync client popped up a message saying "Sorry, we couldn't upload <ppt file name> because we're having trouble connecting
  to the service. If this keeps happening, try contacting your support team". I've done many many Lync and Office Web Apps install myself previously, and never had a message pop up like the one I saw in this case.
  I tried going to the Web Apps discovery URL again, and it didn't get anywhere. I got on the Web Apps server and all the IIS sites were wiped.
  I tried uninstalling the Office Web Apps server and reinstalling, but from that point on, IIS sites for Web Apps just would not appear under IIS manager.
  Has anyone had similar issue with Office Web Apps?
  Thanks,
  Andrew Shin, TechNet Forum replies

  Hello,
  Maybe the windows update is active and configured to Automatically download and installed update of Office Web Apps and this behavior just breaking your setup.
  Try
  remove the farm of WAC
  Install SP1  
  and start new deployment of farm.
  Link SP1
   http://www.microsoft.com/en-us/download/details.aspx?id=42547
  How update your farm Office Web Apps
   http://technet.microsoft.com/en-us/library/jj966220(v=office.15).aspx
  Hugs[]s
  Robson Hasselhoff - Follow me @Robk9e

• Office Web Apps - Best Practice for App Pool Security Account?

  Guys,
  I am finalising my testing of Office Web Apps, and ready to move onto deploying it to my live farm.
  Generally speaking, I put service applications in their own application pool.
  Obviously by doing so this has an overhead on memory and processing, however generally speaking it is best practice from a security perspective when using separate accounts.
  I have to create 3 new service applications in order to deploy Office Web Apps, in my test environment these are using the Default SharePoint app pool. 
  Should I create one application pool for all my office web apps with a fresh service account, or does it make no odds from a security perspective to run them in the default app pool?
  Cheers,
  Conrad
  Conrad Goodman MCITP SA / MCTS: WSS3.0 + MOSS2007

  i run my OWA under it's own service account (spOWA) and use only one app pool.  Just remember that if you go this route, "When
  you create a new application pool, you can specify a security account used by the application pool to be either a predefined Network Service account or a managed account. The account must have db_datareader, db_datawriter, and execute permissions for the content
  databases and the SharePoint configuration database, and be assigned to the db_owner role for the content databases." (http://technet.microsoft.com/en-us/library/ff431687.aspx)

• Office Web Apps 2013 with SharePoint 2013 Server

  Hi All,
  I have installed a separate server for Office Web Apps 2013 on Windows Server 2012 VM. I have followed TechNet's article on
  Deploying Office Web Apps Server & exactly followed steps.
  On SharePoint Server 2013 (Windows Server 2012), I followed TechNet’s article on
  Configure Office Web Apps for SharePoint. The Office Web Apps on SharePoint 2013 environment works for
  Excel document that shows “View in Browser” but
  no Preview.
  However, PowerPoint and Word documents doesn’t show “View in Browser”. I thought Internet Explorer 10 has some issue with Office Web Apps and checked on Chrome and results were same.
  On SharePoint Server 2013 environment, I have configured 3 services applications, MMS, UPS and Excel Service. 
  1.) Do I need any other service applications to be enabled for OWA 2013?      
  I read number of blogs,
  Installing Office Web Apps Server for SharePoint 2013 (Steve Mann),
  Install Office Web Apps 2013 with SharePoint 2013 (Max Melcher) and Spence Harbar
  (Enabling Office Web Apps Preview editing with SharePoint 2013). and all these blogs give more or less same steps that I have followed.  
  Strange thing is that Excel documents on my SharePoint 2013 sites are working but neither word or PowerPoint documents are not showing option for “View in Browser”. 
  I am using HTTP and not HTTPS.
  2. Can someone please advice how could I solve the Office Web Apps 2010 on Word and PPT?
  3. How to can enable preview for Excel, Word and PPT documents.
  Thanks you.
  Regards,
  Aroh
  Aroh Shukla

  Hi Inderjeet and Olafur,
  Thanks for your reply.
  @Inderjeet: That site collection feature on SP2010 works on our production environment but on SP2013 site collection there is no OWA feature. Microsoft recommends to have a separate OWA2013 server and what I create
  a separate VM for OWA2013 server.
  @Olafur: Your suggestion looks spot on. The OWA server does show the discovery:
  Our SP2013 development server has limited RAM (4GB) and it think is causing the issue.
  Let me check if increasing RAM solves the issue.
  Thanks again for your suggestions. (Interjeet and Olafur).
  --Aroh
  Aroh Shukla

• Opening an embedded document in office web apps

  Hi,
  I have a test site configured to use office web apps and it works to open documents in OWA. I have a requirement to open a powerpoint presentation embedded in page in office web apps. I used the page viewer web part to do the embedding, but the document
  is not opening in office web apps. There is a prompt to open the document in the desktop version of power point. I have checked that the site is configured to open the documents in OWA by default in the site collection features.
  Does anybody have a suggestion on how to fix this?
  thanks
  Sherazad

  Hi,
  According to your post, my understanding is that you want to embed a PowerPoint document which is opened in office web apps(OWA) in a page.
  Here are two solution for your reference:
  1.Open the document in OWA, go to File -> Share -> Embed, then copy the Embed Code and add the code into a Content Editor Web Part in the page.
  2.Use Page Viewer web part to achieve it,  we can get the link from the address bar after the document is opened in OWA. The link like this:
  /sites/DennisSite/_layouts/15/WopiFrame.aspx?sourcedoc={D95516CC-6912-4F5B-BF13-C40286BC27A4}&file=Test.pptx&action=default
  Thanks,
  Dennis Guo
  TechNet Community Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Dennis Guo
  TechNet Community Support