Solving the authentication problem while opening Office documents hosted on Apache in IE8/IE9 on Windows 7

We were facing a problem in IE 8/9 on Windows 7 while accessing  Office 2007/ Office 2010 documents hosted on apache/Cent OS 4.6. After some analysis I found the reason and finally ended in a fix. See below my findings and solution. Hope this helps:

The main issue is with the Microsoft’s way of implementing Webdav protocol for accessing web content through Microsoft Web Client. When we click on a Office document then web client  sends HTTP /1.1 OPTIONS Request header to server to check the WebDav communication (My server doesn’t have WebDav). In response Apache return 200 OK Response header to Web Client which results in prompting the authentication screen by Windows 7.  Well you have option in IE to pass the authentication login automatically but that would be security breach as you will be exposing your machine authentication to internet so I would not prefer that. Best way is to configure Apache to reject these request. This is how i have solved. These changes needs to be done in httpd.conf file in /etc/httpd/conf folder (Cent OS 4.6)

# One way to doing it – Deny access based on request method

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(OPTIONS|PROPFIND)$ [NC]
RewriteRule ^.*$ - [F,L]

# Another way to implementing – Deny acess based on user agent (Vista and Windows 7 used same user agent with different version so this Regx shall work for both

RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^Microsoft-WebDAV-MiniRedir
RewriteRule ^.*$ - [F,L]

Explanation on Flags:

1. [F] flag causes the server to return a 403 Forbidden status code to the client.

2. Use of the [NC] flag causes the RewriteRule to be matched in a case-insensitive manner. That is, it doesn’t care whether letters appear as upper-case or lower-case in the matched URI.

3. The [L] flag causes mod_rewrite to stop processing the rule set. In most contexts, this means that if the rule matches, no further rules will be processed. This corresponds to the last command in Perl.

 Some References:

Microsoft knowledge article on authentication requests from office documents 

Apache mod_rewrite rule documentaion

fiddler tool for debugging HTTP requests

Delhi.pm Perl Monger user group: Need suggestions

Hello

We have a Delhi.pm Perl Monger Group in New Delhi, India. The group is almost  inactive for some years (except monthly mail of mailing list membership detail). I am trying to revive Delhi.pm and need suggestions from community.

I have already created a Google + page to spread the word. Actually, we have a mailing list but I assume that most of the members are either inactive or not working in Perl anymore.  I know many active Perl programmers in Delhi but they are not connected.

Do let me know your thoughts to make Delhi.pm active? Comments/advice are most welcome.

Thanks,

Resource on debugging, profiling and benchmarking in Perl

I am listing some of the online resource which really helped me to understand the debugging and profiling in Perl.

Profiling Perl by Simon Cozens

Dr. Dobbs Journel by brian d foy

Wasting time thinking about wasted time by brian d foy

Randal L. Schwartz column on Unix Review

Benchmarking your code by turnstep

Debugging and Profiling mod_perl Applications by Frank Wiles 

also do not forget to check chapter 4, 5, 6 of Mastering Perl Book and documentation on CPAN and perldoc.

Any Addition to this list is welcome.

Enjoy Perl.

 

Added:

Devel::Nytprof 

 Slides of Tim Bunce talk on Devel::NYTProf YAPC::EU August 2010

 

Perl Data Language (PDL) Release News

PDL 2.4.10 is released. Another great work from Chris Marshall and PDL Development Team. See this link for official announcement.

You can also checkout the first draft of the PDL book. For existing MATLAB users there is a very good guide which can help in migrating from MATLAB to PDL.

 

Enjoy the new PDL release and unleash the power of Perl for solving mathematical problems.

Good Luck!