WebDAV module

iKnowBase comes with a WebDAV server serving iKnowBase documents to WebDAV Clients. This enables direct editing of Microsoft Office documents with a Microsoft Office client.

The WebDAV server is implemented as a java module in the iknowbase-webapp application.

Special requirements

License from Milton.io

The WebDAV server is built with Java WebDAV Server Library from Milton.io. A valid commercial license is required and can be purchased from Milton.io. The WebDAV server must be configured with path to a directory containing the license file.

WebDAV traffic is served from /

Due to client requirements, the WebDAV Server must be available at context root / (the root). Collision with the iKnowBase Viewer module (also deployed to /) is avoided using either User-Agent detection or a separate virtual host for WebDAV traffic.

By default, all known Microsoft Office User-Agents will be served by the WebDAV server (the expression is configurable). This detection mechanism is default and recommended.

For special requirements, you may also use a separate virtual host for the WebDAV traffic (e.g. using webdav.example.com, while other applications are deployed on intranet.example.com). When enabled together with the Viewer module, use the hostnames WebDAV configuration option.

SSL

SSL is strongly recommended and Microsoft Office will require SSL for some authentication types.

Clustering

The WebDAV module does not support clustering.

Installation

Review WebDAV Special Requirements and configure the WebDAV Server module accordingly.

The WebdavConfiguration accepts these configuration properties:

See Web Application Security for configuration options for form based authentication for WebDAV.

Authentication

The WebDAV module supports these authentication options in prioritized order (first enabled module wins):

• Header
• Spnego
• Form based (MS-OFBA protocol)
• Basic
• Container (Oracle WebLogic only)

For the iKnowBase web server, the default authentication option is “Form”. For Oracle WebLogic, the default is “Container”.

Presentation configuration

To set up direct editing of Microsoft Office documents, do the following:

• Using the iKnowBase Administration Console, configure the “WebDAV Path” in the relevant Domain configuration with the proper value, e.g. “https://webdav.example.com/”.
• In relevant content viewers, configure an “Edit using WebDAV” action.
• From a supported web browser, click the “Edit using WebDAV” icon.

Launching applications for editing

From iKnowBase 7.0, applications are launched using browser protocol extensions and Microsoft Office URI schemes .

If the document type has been registered as a WebDAV type and presentation has been configured to display “Edit using WebDAV”, the registered application will launch when the link is clicked. The link includes information regarding which application to launch.

NOTE: Before iKnowBase 7.0, applications were launched using the Microsoft SharePoint NPAPI plugin (SharePoint.OpenDocuments and ffSharepointPlugin). Support for this plugin has been removed in favor of browser protocol extensions.

WebDAV registration for file types

WebDAV registration for each type file type is managed in iKnowBase administration console under Mimetypes. “Edit using WebDAV” will only be available for types enabled for WebDAV. The associated WebDAV script must match the Microsoft Office URI Scheme for the application that should be used for editing the file.

Troubleshooting

For troubleshooting, do this:

• Find a suitable document in your iKnowBase installation, making note of the document ID. For this example, we assume a document ID of “2804”.
• Using a web browser, go to the url “https://webdav.example.com/ikb$content/2804/document.docx” (using the proper hostname and a suitable extension). Open (or save + open) this document, and verify that it opens properly in e.g. Microsoft Word.
• Using Microsoft Word directly, go to the “Open Document” dialog (Ctrl+F12 will often do the trick). Here, enter the same full URL, including the https-prototcol and all (“https://webdav.example.com/ikb$content/2804/document.docx”) and click “Open”. Verify that it opens properly.
• Make sure that the plugin is not blocked by the browser (in such case you will be prompted)

Microsoft Office 2011 for Mac requires SSLv3 protocol support

Microsoft Office 2011 for Mac requires that the old SSLv3 protocol is enabled. Web sites will typically want to remove support for SSLv3 due to the SSLv3 vulnerability “POODLE”, but this will result in the message “No connectivity with the server” when opening a document using WebDAV.

The WebDAV web site must support SSLv3 until this issue is resolved.

iKnowBase reference: IKB-2867

Microsoft Office 2016 for does not currently support forms based authentication

Office 2016 for Mac clients are not compatible and will currently (by the time of this release) not be able to edit documents when using forms based authentication (MS-OFBA).

iKnowBase reference: IKB-3060

Re-authentication problems with form based login

Form based authentication for WebDAV uses persistent session cookies. The session is valid until server restart or idle timeout.

When a presented session cookie is invalid, Microsoft Office will say that there is a permission problem and offer to save a copy. If you continue with the save copy dialog, you will be able to re-authenticate and save your document.

Note: Microsoft Office also offers the sign in option when a permission error occurs. However, this option will not try to re-authenticate when you still have a persistent cookie.

Note: A restart of the Microsoft Office application will prompt for new authentication.

Word did not save the document (0x80004005)

When a form based authentication is invalid and you re-authenticate (see previous section), this error message may occur if you cancel the re-authentication dialog: “Word did not save the document” with the error code 0x80004005 in event viewer. A hotfix is available at http://support2.microsoft.com/kb/2479169.

Browser warning when launching application for direct editing

By default, all browsers will display a warning when clicking the “Edit using WebDAV” (or similar) link.

Chrome displays an option to remember the decision and further warnings can then easily be avoided.

The warning in Firefox and Internet Explorer can be avoided by adding the WebDAV hostname to Internet Explorer’s Trusted Zone. Note that if you run WebDAV on a separate hostname, then only that hostname is required to be in the Trusted Zone.

Warning: While Intranet Zone will have Compatibility View and Automatic Windows login enabled by default, the Trusted Zone will not. You may add the site to Compatibility View manually (if required) and enable Automatic Windows login by setting Trusted Zone custom level to “Automatic login with current user name and password”.