Making Microsoft Office to Work with WebDAV Server
Microsoft Office can open files from a WebDAV server and save them back to the server without the need to download them to local file system. To achieve this the following conditions must be met:
Your WebDAV server must support Class 2. Microsoft Office locks documents when creating and opening files for editing. If Microsoft Office is unable to lock the document it will be opened as read-only.
Your WebDAV server must be configured on the site root in case of MS Office 2007 or earlier. Microsoft Office 2007 and earlier may submit OPTIONS and PROPFIND requests to the site root (http://server/) and requires the server to respond properly. If your WebDAV server is non-root (for example http://server/dav/) Microsoft Office 2007 and earlier may open documents as read-only. There is no this issue with MS Office 2010 and later versions.
Note that this will only enable Microsoft Office to open files from WebDAV server using Windows Shell (Web Folders / mini redirector), via Microsoft Office 'Open' menu or starting a Microsoft Office application passing a document URL as a parameter. Hyperlinked documents will still open as read-only.
Opening Web-hyperlinked Microsoft Office documents in read-write mode
If you click on a hyperlink on a web page in a browser Microsoft Office will open a document as read-only. This is a default Microsoft Office behavior. To open a document in read-write mode you can use ONE of the following approaches:
Use IT Hit WebDAV Ajax Library. It can open both MS Office documents as well as any other file types. See Opening Microsoft Office Documents and Other Types of Files for Editing From a Web Page. Your server can support any authentication scheme including cookies authentication.
Or use Microsoft Office protocols. Protocol handlers are installed by Microsoft Office 2010 SP2 and later by default. Your server must support one of the following authentication schemes:
- Challenge-response authentication (Basic, Digest, NTLM or Kerberos).
- Anonymous or URL-authentication.
Or set OpenDocumentsReadWriteWhileBrowsing DWORD Value on a client machine under the key
Set the Value data to 1.
Microsoft Office Authentication
To open the document from the server, Microsoft Office is using two different components one of which is the Microsoft mini redirector. Some versions of the mini redirector on Windows XP and 2003 require OPTIONS request to be processed without authentication if Basic or Digest is used. So in this case you will need to enable unauthenticated OPTIONS requests.
On the contrary, all PROPFIND requests must be authenticated unless the server is anonymous. If any of the PROPFIND requests are processed without authentication while others request authentication, Microsoft Office may open your file as read-only.
Microsoft Office on Windows and OS X as well as Windows Shell (Web Folders / mini-redirector), requires secure SSL connection when used with Basic authentication. Microsoft Office will fail to open a document via insecure connection with Basic authentication. For a workaround please see the following articles. In case of MS Office Windows: You cannot open Office file types directly from a server that only supports Basic Authentication over a non-SSL connection with Office applications. In case of MS Office on OS X: You cannot open Office for Mac files directly from a server that supports only Basic authentication over a non-SSL connection.
Microsoft Office Office Mobile Applications Support
You can open documents for editing on your mobile device from your server in MS Office Mobile apps using following approaches:
- Using Sample WebDAV Client provided with WebDAV Client Library for .NET. You can use Microsoft Office Mobile (or any other iOS application) Locations dialog to browse server content and open documents.
- Or open documents from a web page or via a Recent files list. This approach has following limitations:
- Microsoft Office Mobile apps for iOS and Android support Basic, Digest, Anonymous and URL-authentication. MS-OFBA and Cookies/Forms authentication are NOT supported.
- Microsoft Office Mobile apps for iOS can Android open documents from a web page and via Recent files list. Opening documents via Open dialog inside Microsoft Office Mobile apps is NOT supported.
How do I avoid login dialog when using Microsoft Office?
Microsoft Office applications always ask for the authentication when used with Basic and Digest authentication. If you check "Remember my password" checkbox it will still display the login dialog, but the username and password will be already filled in, so you just click "OK".
Here are some options to consider to totally avoid login dialog with Microsoft Office:
- Implement cookies authentication. Than use the IT Hit WebDAV Ajax Library to open documents.
- Or implement Office Forms Based Authentication Protocol (MS-OFBA). You can create a sample MS-OFBA implementation using ‘Add WebDAV Server Implementation’ wizard. Find more information about MS-OFBA comparing to other authentication schemes in this article. The login dialog will be displayed one time during first document access.
- Or use NTLM or Kerberos authentication. By default MS Office will ask for credentials only 1 time during first document access. The login dialog default configuration can be changed in Active Directory settings.
- Or implement URL-authentication. Your URLs will look like http://server/[SessionID1234567890]/path/file.docx
Why Microsoft Office still opens my document as read-only?
Here are some troubleshooting tips if Microsoft Office files open as read-only from a WebDAV server.
Examine your server log for exceptions. Before opening a document from a WebDAV server, Microsoft Office submits LOCK request. This request must succeed, otherwise the document will be opened as read-only. Depending on Microsoft Office version and operating system it may submit a bunch of other requests. Check your server log and make sure all requests were successful. By default your server log is located in \App_Data\WebDAV\Logs\ folder.
Examine WebDAV requests with a Fiddler tool. While all requests that reached the WebDAV server Engine are logged, if the request failed before being processed by the Engine you will not find it in the log. Usually, this happens if the request failed during the authentication stage. In this case, use the free Fiddler tool or any other debugging proxy to examine the requests.
Note that to capture requests using Fiddler on 'localhost' you must use 'localhost.fiddler' instead of 'localhost' when connecting to the server, for example: http://localhost.fiddler:1234.
- Clear Microsoft Office WebDAV cache in registry. Microsoft Office reads WebDAV server options when connecting to server first time and stores them for later use. If your server settings have changed during development (or you just fixed some server issues) you may need to delete these settings. The Microsoft Office WebDAV cache is stored under the key:
HKEY_CURRENT_USER\Software\Microsoft\Office\<version>\Common\Internet\Server Cache\To clear cache just delete all keys under this key. In a development environment, we suggest always clearing the cache if your WebDAV server class has changed or after authentication scheme has changed. As an alternative to deleting cache, you can just reconfigure your server to run on a different port.
Note that in a production environment usually you do not need to clear this cache or change port as soon as you server settings do not change often while Microsoft Office will re-request server options after some time.
Exclude client side MS Office issues. Finally, there could be issues with Microsoft Office installation or components registration. Use our demo WebDAV server (or any Class 2 WebDAV server sample provided with SDK) to open, edit and save MS Office documents. Open www.ajaxbrowser.com on a computer with MS Office installed, then right-click on Microsoft Office document in files list pane and select Edit Document command in the context menu. The document should open in read-write mode and you can click Save button on a toolbar to save the document directly to the server.