Hi Tim,
Based on my experience, Word doesn't provide interfaces for performing
impersonation or authentication. Since the client side merge is handled an
ActiveX control, the workaround would be downloading the ".dot" file to the
client side before performing the merging.
Since this issue mainly concerns IE client side authentication, it may be
better answered in IE programming related newsgroup, such as
<microsoft.public.windows.inetexplorer.ie55.programming>
Hope this helps.
Best regards,
Lewis
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: (e-mail address removed) (TimmyG)
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Subject: Re: Opening documents from asp.net fodler sturcture
| Date: 19 Aug 2003 07:43:11 -0700
| Organization:
http://groups.google.com/
| Lines: 125
| Message-ID: <
[email protected]>
| References: <
[email protected]>
<
[email protected]>
| NNTP-Posting-Host: 81.5.185.60
| Content-Type: text/plain; charset=ISO-8859-1
| Content-Transfer-Encoding: 8bit
| X-Trace: posting.google.com 1061304191 10909 127.0.0.1 (19 Aug 2003
14:43:11 GMT)
| X-Complaints-To: (e-mail address removed)
| NNTP-Posting-Date: 19 Aug 2003 14:43:11 GMT
| Path:
cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onlin
e.de!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!sn-xit-03!sn-xit-06!sn-
xit-08!sn-xit-09!supernews.com!postnews1.google.com!not-for-mail
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:6321
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Hi Lewis,
|
| I am aware of the security settings required for client impersonation
| and they are of no concern to us (whereas maximum security is).
|
| The process is pretty much a web enabled document production system
| based around word templates stored on the server that are merged on
| the client and uploaded for saving.
|
| The client side merge is handled via an active x control.
|
| The process needs to be as seamless as possible hence i am opening the
| templates directly from the sevrer and then saving locally (to avoid a
| download dialog).
|
| The templates are stored in a sub folder under the web app route.
|
| The problem occurs when the active x control attempts to open the
| template.
|
| Code as follows:
|
| //Open word on client
| Set myWord = CreateObject("Word.Application")
|
| //Open template from server location
| myWord.Documents.Open("
http://myserver/approot/templates/template.dot",
| blah)
|
| The line above causes a network log in dialog to be displayed (if
| filled in corretly everything runs fine).
|
| As far as i can gather this is beacuse IIS / asp.net cannot
| authenticate the request from word as being from the same client that
| IE is impersonating. This is of course not greatly surprising.
|
| I was wondering about the possibilites of hosting word in IE but am
| unsure of whether i can carryout the required processing via active x
| if word is hosted in this way (but that's for another group).
|
| Equally interesting is that a log in dialog is displayed when opening
| the template; this suggests that word (or active x or whatever) is
| able to authenticate itself against the server and hints that this
| maybe possible via code, but how?
|
| I cannot see that forms auth would operate any differently in this
| circumstance because surely a request from word would be equally
| 'unauthenticated' and the app would try and redirect to the forms
| login page. Surely one cannot only open templates in this way with
| completely anonymous security on IIS / aspnet?
|
| The more i write the more i think this may be the wrong group as the
| intricasies are pretty clear. Nevertheless any help would be greatly
| appreciated.
|
| Obliged and out,
| TimmyG.
|
| (e-mail address removed) (Lewis Wang [MSFT]) wrote in message
| > Hi Timmy,
| >
| > I don't think it is a good idea to use client impersonation, since it
| > requires extra security settings on the client side. Could you provide
more
| > explanations on what you are trying to archive?
| >
| > Does it work if the control saves the document to hard drive, and then
use
| > Word to open it?
| >
| > Best regards,
| > Lewis
| >
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| > --------------------
| > | From: (e-mail address removed) (TimmyG)
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| > | Subject: Opening documents from asp.net fodler sturcture
| > | Date: 18 Aug 2003 05:12:51 -0700
| > | Organization:
http://groups.google.com/
| > | Lines: 26
| > | Message-ID: <
[email protected]>
| > | NNTP-Posting-Host: 81.5.185.60
| > | Content-Type: text/plain; charset=ISO-8859-1
| > | Content-Transfer-Encoding: 8bit
| > | X-Trace: posting.google.com 1061208772 8614 127.0.0.1 (18 Aug 2003
| > 12:12:52 GMT)
| > | X-Complaints-To: (e-mail address removed)
| > | NNTP-Posting-Date: 18 Aug 2003 12:12:52 GMT
| > | Path:
| >
cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!news-out.cwix.com!newsfeed.cwix.co
| >
m!nntp1.roc.gblx.net!nntp.gblx.net!nntp.gblx.net!priapus.visi.com!news-out.v
| >
isi.com!petbe.visi.com!news-out1.nntp.be!propagator2-sterling!news-in-sterli
| >
ng.newsfeed.com!tdsnet-transit!newspeer.tds.net!sn-xit-02!sn-xit-04!sn-xit-0
| > 1!sn-xit-09!supernews.com!postnews1.google.com!not-for-mail
| > | Xref: cpmsftngxa06.phx.gbl
| > microsoft.public.dotnet.framework.aspnet.security:6303
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| > |
| > | Hello all,
| > |
| > | We have an asp.net app protected with integrated security. Part of
| > | this application carries out document prodcution and management via a
| > | mixture of asp.net code and activex client controls.
| > |
| > | The problem occurs when trying to open documents / templates (ms word)
| > | from the folder structures under the asp.net app root.
| > |
| > | It is imporatnt that we open these documents in word itself and not
| > | through a browser window (as we automate from the client).
| > |
| > | When trying to open a doc / template we are presented with a netwrok
| > | log on box. I can only presume that this is happening because word is
| > | making the request to the web app to open the doc (we open directly
| > | from server). This would be becasue the dir structure is protected by
| > | the web config and iis settings. This is really not acceptale. We are
| > | using client impersonation and this obviously (and unsurprisingly)
| > | doesnt apply to requests made by word.
| > |
| > | Can anyone offer any solution to this problem i.e. impersonating from
| > | activex / word or maybe using a different web config for the doc
| > | subfolder?
| > |
| > | Obliged and out,
| > | TimmyG.
| > |
|
