Reputation: 41
Ajax File Explorer: Avoid login popup (SSO)
We want to integrate "AFE (Ajax File Explorer) into our Drupal application. Our users are authenticated in Drupal and it is not possible for us to ask a second time there login/pwd while opening AFE.
We received a first answer from ITHIT:
Here is how to set login and password:
ajaxFileBrowser.GetSession().SetCredentials('User1', 'pwd');
Please note that this API sets password in XHR. Setting login and password in XHR does not provide any feedback on weather the login was successful. That is why in general I would suggest to rely on web browser login dialog which is displayed automatically instead of calling SetCredentials.
However it is not clear if it is a real and robust SSO solution. We discovered that Drupal has an webdav SSO module (https://github.com/Awnage/webdavsso), we will also investigate that part. But any comment/help welcomed.
Upvotes: 3
Views: 498
Answers (1)
Reputation: 5904
To my understanding there is no way to totally get rid of login dialog when using Basic, Digest, NTLM or Kerberos authentication with Microsoft Office.
Microsoft Office applications always ask for the authentication when used with Basic or Digest authentication. This is a Microsoft Office and Microsoft Mini-redirector limitation and there are no workaround in case your server is using Basic or Digest.
However, if you check "Remember my password" check-box it will still display the login dialog, but the user name and password will be already filled-in, so you just click "OK".
Here are some options to consider if you need to totally suppress login dialog with Microsoft Office:
- Use NTLM or Kerberos authentication. In case of NTLM or Kerberos MS Office asks for credentials only 1 time during first document access.
- Implement Office Forms Based Authentication Protocol (MS-OFBA).
Implement Url-authentiation. Your urls will look like: http://webdavserver.com/[SessionID1234567890]/path/file.docx.
In case of Url-authentiation make sure you do not include the session ID in query string, Microsoft Office will truncate it. You will have to put session ID somewhere in the path, as in the above example, which is not very convenient, when you need to mount a WebDAV folder in you file system, but still works in most cases.
Upvotes: 0
Related Questions
- How can I suppress the browser's authentication dialog?
- How do I keep Firefox from prompting for username/password with HTTP Basic Auth with JQuery AJAX?
- Login to ADFS without redirect
- Customize the prompts about opening documents in WebDAV Server Engine for .NET
- How do I get rid of security warning in IT Hit Ajax File Browser when opening docs?
- AjaxFileBrowser applet informations
- Files requiring authentication when folder is already authenticated ajax
- ithit-ajax-file-browser active directory WebDav auto-login
- Is there ANY way to suppress the browser's login prompt on 401 response when using XmlHttpRequest
- How to suppress the browser's "authentication required" dialog when doing an ajax call that requires authentication?