Ask a Question related to ASP.NET Security, Design and Development.
-
TimmyG #1
Opening documents from asp.net fodler sturcture
Hello all,
We have an asp.net app protected with integrated security. Part of
this application carries out document prodcution and management via a
mixture of asp.net code and activex client controls.
The problem occurs when trying to open documents / templates (ms word)
from the folder structures under the asp.net app root.
It is imporatnt that we open these documents in word itself and not
through a browser window (as we automate from the client).
When trying to open a doc / template we are presented with a netwrok
log on box. I can only presume that this is happening because word is
making the request to the web app to open the doc (we open directly
from server). This would be becasue the dir structure is protected by
the web config and iis settings. This is really not acceptale. We are
using client impersonation and this obviously (and unsurprisingly)
doesnt apply to requests made by word.
Can anyone offer any solution to this problem i.e. impersonating from
activex / word or maybe using a different web config for the doc
subfolder?
Obliged and out,
TimmyG.
TimmyG Guest
-
Opening documents by DDE
I'm not sure if this is the right place to ask, but nevertheless: My application used to connect to Acrobat Reader 7.0 via DDE in order to open/close... -
Opening word documents (.doc) on a cd?
Hi all, First off, i am a director newbie. Planning to create a cd for the pc which has some word documents on it. Can i open this documents in... -
Opening Quark 6 documents in ID CS
Can anyone tell me if there is a plugin that will allow ID CS to import Quark 6 files? I get an errror message stating that "ID may not support the... -
opening documents on external program
is your movie in a far deep folder ? sometimes paths too long or containing spaces can make problems..... I'm suggesting that 'cause I use Filextra4... -
opening documents on external programs
I'm a beginner in Director, and I am currently using Director MX. I am making a CD for distribution, and on the CD I have several large pictures at... -
Lewis Wang [MSFT] #2 RE: Opening documents from asp.net fodler sturcture
Hi Timmy,
I don't think it is a good idea to use client impersonation, since it
requires extra security settings on the client side. Could you provide more
explanations on what you are trying to archive?
Does it work if the control saves the document to hard drive, and then use
Word to open it?
Best regards,
Lewis
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: [email]tim@pracctice.com[/email] (TimmyG)
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Subject: Opening documents from asp.net fodler sturcture
| Date: 18 Aug 2003 05:12:51 -0700
| Organization: [url]http://groups.google.com/[/url]
| Lines: 26
| Message-ID: <3eab3b41.0308180412.102f39f9@posting.google.com >
| NNTP-Posting-Host: 81.5.185.60
| Content-Type: text/plain; charset=ISO-8859-1
| Content-Transfer-Encoding: 8bit
| X-Trace: posting.google.com 1061208772 8614 127.0.0.1 (18 Aug 2003
12:12:52 GMT)
| X-Complaints-To: [email]groups-abuse@google.com[/email]
| NNTP-Posting-Date: 18 Aug 2003 12:12:52 GMT
| Path:
cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!news-out.cwix.com!newsfeed.cwix.co
m!nntp1.roc.gblx.net!nntp.gblx.net!nntp.gblx.net!p riapus.visi.com!news-out.v
isi.com!petbe.visi.com!news-out1.nntp.be!propagator2-sterling!news-in-sterli
ng.newsfeed.com!tdsnet-transit!newspeer.tds.net!sn-xit-02!sn-xit-04!sn-xit-0
1!sn-xit-09!supernews.com!postnews1.google.com!not-for-mail
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security: 6303
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Hello all,
|
| We have an asp.net app protected with integrated security. Part of
| this application carries out document prodcution and management via a
| mixture of asp.net code and activex client controls.
|
| The problem occurs when trying to open documents / templates (ms word)
| from the folder structures under the asp.net app root.
|
| It is imporatnt that we open these documents in word itself and not
| through a browser window (as we automate from the client).
|
| When trying to open a doc / template we are presented with a netwrok
| log on box. I can only presume that this is happening because word is
| making the request to the web app to open the doc (we open directly
| from server). This would be becasue the dir structure is protected by
| the web config and iis settings. This is really not acceptale. We are
| using client impersonation and this obviously (and unsurprisingly)
| doesnt apply to requests made by word.
|
| Can anyone offer any solution to this problem i.e. impersonating from
| activex / word or maybe using a different web config for the doc
| subfolder?
|
| Obliged and out,
| TimmyG.
|
Lewis Wang [MSFT] Guest
-
Lewis Wang [MSFT] #3 Re: Opening documents from asp.net fodler sturcture
Hi Tim,
Based on my experience, Word doesn't provide interfaces for performing
impersonation or authentication. Since the client side merge is handled an
ActiveX control, the workaround would be downloading the ".dot" file to the
client side before performing the merging.
Since this issue mainly concerns IE client side authentication, it may be
better answered in IE programming related newsgroup, such as
<microsoft.public.windows.inetexplorer.ie55.progra mming>
Hope this helps.
Best regards,
Lewis
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: [email]tim@pracctice.com[/email] (TimmyG)
| Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| Subject: Re: Opening documents from asp.net fodler sturcture
| Date: 19 Aug 2003 07:43:11 -0700
| Organization: [url]http://groups.google.com/[/url]
| Lines: 125
| Message-ID: <3eab3b41.0308190643.632d3744@posting.google.com >
| References: <3eab3b41.0308180412.102f39f9@posting.google.com >
<igjXJOiZDHA.2080@cpmsftngxa06.phx.gbl>
| NNTP-Posting-Host: 81.5.185.60
| Content-Type: text/plain; charset=ISO-8859-1
| Content-Transfer-Encoding: 8bit
| X-Trace: posting.google.com 1061304191 10909 127.0.0.1 (19 Aug 2003
14:43:11 GMT)
| X-Complaints-To: [email]groups-abuse@google.com[/email]
| NNTP-Posting-Date: 19 Aug 2003 14:43:11 GMT
| Path:
cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed 00.sul.t-online.de!t-onlin
e.de!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!sn-xit-03!sn-xit-06!sn-
xit-08!sn-xit-09!supernews.com!postnews1.google.com!not-for-mail
| Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security: 6321
| X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
|
| Hi Lewis,
|
| I am aware of the security settings required for client impersonation
| and they are of no concern to us (whereas maximum security is).
|
| The process is pretty much a web enabled document production system
| based around word templates stored on the server that are merged on
| the client and uploaded for saving.
|
| The client side merge is handled via an active x control.
|
| The process needs to be as seamless as possible hence i am opening the
| templates directly from the sevrer and then saving locally (to avoid a
| download dialog).
|
| The templates are stored in a sub folder under the web app route.
|
| The problem occurs when the active x control attempts to open the
| template.
|
| Code as follows:
|
| //Open word on client
| Set myWord = CreateObject("Word.Application")
|
| //Open template from server location
| myWord.Documents.Open("http://myserver/approot/templates/template.dot",
| blah)
|
| The line above causes a network log in dialog to be displayed (if
| filled in corretly everything runs fine).
|
| As far as i can gather this is beacuse IIS / asp.net cannot
| authenticate the request from word as being from the same client that
| IE is impersonating. This is of course not greatly surprising.
|
| I was wondering about the possibilites of hosting word in IE but am
| unsure of whether i can carryout the required processing via active x
| if word is hosted in this way (but that's for another group).
|
| Equally interesting is that a log in dialog is displayed when opening
| the template; this suggests that word (or active x or whatever) is
| able to authenticate itself against the server and hints that this
| maybe possible via code, but how?
|
| I cannot see that forms auth would operate any differently in this
| circumstance because surely a request from word would be equally
| 'unauthenticated' and the app would try and redirect to the forms
| login page. Surely one cannot only open templates in this way with
| completely anonymous security on IIS / aspnet?
|
| The more i write the more i think this may be the wrong group as the
| intricasies are pretty clear. Nevertheless any help would be greatly
| appreciated.
|
| Obliged and out,
| TimmyG.
|
| [email]v-lwang@online.microsoft.com[/email] (Lewis Wang [MSFT]) wrote in message
news:<igjXJOiZDHA.2080@cpmsftngxa06.phx.gbl>...
| > Hi Timmy,
| >
| > I don't think it is a good idea to use client impersonation, since it
| > requires extra security settings on the client side. Could you provide
more
| > explanations on what you are trying to archive?
| >
| > Does it work if the control saves the document to hard drive, and then
use
| > Word to open it?
| >
| > Best regards,
| > Lewis
| >
| > This posting is provided "AS IS" with no warranties, and confers no
rights.
| >
| > --------------------
| > | From: [email]tim@pracctice.com[/email] (TimmyG)
| > | Newsgroups: microsoft.public.dotnet.framework.aspnet.security
| > | Subject: Opening documents from asp.net fodler sturcture
| > | Date: 18 Aug 2003 05:12:51 -0700
| > | Organization: [url]http://groups.google.com/[/url]
| > | Lines: 26
| > | Message-ID: <3eab3b41.0308180412.102f39f9@posting.google.com >
| > | NNTP-Posting-Host: 81.5.185.60
| > | Content-Type: text/plain; charset=ISO-8859-1
| > | Content-Transfer-Encoding: 8bit
| > | X-Trace: posting.google.com 1061208772 8614 127.0.0.1 (18 Aug 2003
| > 12:12:52 GMT)
| > | X-Complaints-To: [email]groups-abuse@google.com[/email]
| > | NNTP-Posting-Date: 18 Aug 2003 12:12:52 GMT
| > | Path:
| >
cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!news-out.cwix.com!newsfeed.cwix.co
| >
m!nntp1.roc.gblx.net!nntp.gblx.net!nntp.gblx.net!p riapus.visi.com!news-out.v
| >
isi.com!petbe.visi.com!news-out1.nntp.be!propagator2-sterling!news-in-sterli
| >
ng.newsfeed.com!tdsnet-transit!newspeer.tds.net!sn-xit-02!sn-xit-04!sn-xit-0
| > 1!sn-xit-09!supernews.com!postnews1.google.com!not-for-mail
| > | Xref: cpmsftngxa06.phx.gbl
| > microsoft.public.dotnet.framework.aspnet.security: 6303
| > | X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
| > |
| > | Hello all,
| > |
| > | We have an asp.net app protected with integrated security. Part of
| > | this application carries out document prodcution and management via a
| > | mixture of asp.net code and activex client controls.
| > |
| > | The problem occurs when trying to open documents / templates (ms word)
| > | from the folder structures under the asp.net app root.
| > |
| > | It is imporatnt that we open these documents in word itself and not
| > | through a browser window (as we automate from the client).
| > |
| > | When trying to open a doc / template we are presented with a netwrok
| > | log on box. I can only presume that this is happening because word is
| > | making the request to the web app to open the doc (we open directly
| > | from server). This would be becasue the dir structure is protected by
| > | the web config and iis settings. This is really not acceptale. We are
| > | using client impersonation and this obviously (and unsurprisingly)
| > | doesnt apply to requests made by word.
| > |
| > | Can anyone offer any solution to this problem i.e. impersonating from
| > | activex / word or maybe using a different web config for the doc
| > | subfolder?
| > |
| > | Obliged and out,
| > | TimmyG.
| > |
|
Lewis Wang [MSFT] Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
