Wednesday, November 21, 2012

Implementing Anonymous Access and Client Integration without Credential Prompting for Office Files in SharePoint

For those who want the best of both worlds and are trying to use anonymous access for certain content within a single web application while keeping Integrated Windows Authentication and Client Integration enabled for internal users, you may notice that anonymous users will be prompted for credentials when opening Office files in a document library configured for anonymous access.

From my research, I have learned this annoying piece of functionality is actually by design in SharePoint, and the vast majority of bloggers have implemented the most common fix of disabling Client Integration on the web application and denying the OPTIONS verb in the HTTP Verbs tab of Request Filtering on the site in IIS. However, I decided not to implement this most common fix because I discovered it makes all Office files open by default in read-only mode and prevents publishing of InfoPath forms to sites in that web application.


Instead, I opted for the following solution:

1) Download jQuery to your WFE servers in C:\Program Files\Common files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\jQuery.

2) Open the site in SharePoint Designer.

3) Under Master Pages, make a copy of the v4.master page, rename it appropriately, and edit it.

4) Add the following lines to the section of your master page:

 <script type="text/javascript" src="/_layouts/jQuery/jquery-1.8.2.min.js"></script>
  <script type="text/javascript">
  function setDownloadHyperlinks()
  {
  $("a")
  .each(function()
  {
if (this.href.match(/.doc$/i) || this.href.match(/.docx$/i) || this.href.match(/.pdf$/i) || this.href.match(/.xls$/i) || this.href.match(/.xlsx$/i))
  if (this.href.indexOf("/_layouts/download.aspx?SourceUrl=") == -1)
  this.href = "/_layouts/download.aspx?SourceUrl=" + this.href;
  });
 }
 </script>


5) Save master page and Set as Default Master Page and Set as Custom Page for the site.

Should now have the best of both worlds.