Office documents prompt for login in anonymous SharePoint site

Question

I have a MOSS 07 site that is configured for anonymous access. There is a document library within this site that also has anonymous access enabled. When an anonymous user clicks

Answer 1

Check this : Remove Login box when anonymous users download office document from SharePoint Site

http://www.theblackknightsings.com/RemoveLoginBoxWhenAnonymousUsersDownloadOfficeDocumentFromSharePointSite.aspx

When developing Extranet/Internet site in SharePoint you often want to allow anonymous access and this works fairly well. But there is one are where the out of the box experience fails regarding anonymous access and that is when you allow the users to download Microsoft Office documents. In that case IE/Office pops up a couple of Login dialogs, if the user cancels out of these the document opens as expected, but you really don't want the user to have to cancel a couple of dialogs to open your documents

The problem is that office tries to be intelligent and issues a Microsoft Office Protocol Discovery request to see how much the user is allowed to do, but SharePoint responds with access denied until the users logs in.

The solution I've found is to implement a HttpModule which rejects the Microsoft Office Protocol Discovery request if the user isn't logged in and this gets rid of the Login boxes

Answer 2

I found a solution. First of all, you open the web application config file under the inetpub. Then you find the add verbs section. In this section, many verbs were added in the installation time. Delete Options and Profind verbs and save config file. Finally test the problem and see it. The problem is finished.

Answer 3

To disable login prompt opening office documents from SharePoint 2010 do the following settings in web.config

<system.webServer>
  <security>
    <requestFiltering allowDoubleEscaping="true">
      <!-- here's where the magic happens -->
      <verbs allowUnlisted="true">
        <add verb="OPTIONS" allowed="false" />
        <add verb="PROPFIND" allowed="false" />
      </verbs>
    </requestFiltering>
  </security>
</system.webServer>

Answer 4

Unfortuantly the only work around I've found breaks some functionality for logged in users (can't upload multiple files, connect to outlook ect..)

If that is acceptable, or you want to try it and see:

1. In central admin > application management > application security > authentication providers select your web app and select your provider (likely "default").

2. Select No for client integration and save the settings.

3. Open your web config, find the line <add verb="OPTIONS,PROPFIND,PUT,LOCK,UNLOCK..... and remove the verb OPTIONS.

You should no longer be asked in ie for credentials. To reverse this simply undo both changes.

Answer 5

When opening an Office document in IE, an ActiveX component is used to call the client application, and prompt it to open the document. In other browsers, the download is a standard hyperlink, handled by the browser.

Does this happen in search results and in standard linked columns in document libraries as well?

Answer 6

Using a tool like Fiddler (as referenced/suggested in your first link reference, see http://www.fiddlertool.com/fiddler/ for more info) is the only efficient way of determining the root cause of this type of issue I'm aware of. Whatever is causing this will be happening over HTTP. A debugging proxy like Fiddler will show you exactly which URL/resource is causing the request for authentication.

On a related note, are you running a recent build of the platform? It might be wise to check to make sure this issue hasn't already been addressed by MS e.g. in a hotfix. The best list of updates I'm aware of is here: http://www.harbar.net/articles/postsp1.aspx