With Microsoft’s advanced into cloud-based services, one of the most impressive developments is the web-based version of the office applications. These apps can be used an add-on to SharePoint, and allow users to open office documents and files directly from within the browser, without needing to install these applications on their computers.

Since UAG can publish SharePoint, many UAG customers have tried publishing SharePoint portals with the office web applications included. Some have been successful with this, and others have had less luck. The office web applications are a complex product, and so while some features work easily, not all do. Sometimes, with enough tweaking, certain issues can be address (and I’ll talk about that shortly), but it’s important to be aware that publishing the Office Web Applications is not supported by UAG. I will be offering some ideas on things you can do to make things work, but even if things don’t work out, this scenario is not supported.

If, despite this being unsupported, you wish to publish the Office Web Applications; your best bet is to use VPN. This could entail publishing SSTP/NC, using DirectAccess or simply using the “browser-embedded application” template. Technically, the office Web Apps are built with SilverLight, so the B.E.A. template is specifically designed for this sort of thing. This blog post may help you use this type of application template.

clip_image002

If you must use regular web publishing, then keep in mind that the AAM configuration on your SharePoint server is always very important, but here, it’s even more critical. Specifically, consider the AAM zones for HTTP vs HTTPS.

Secondly, check the authentication providers for both zones. To do so, go to the application management, and open the Authentication Providers settings. Verify that the providers are both set for “windows”:

clip_image004clip_image006

The third thing to check is the trusted file locations. This may need to be done for all the applications, but Excel, specifically, is more sensitive than the other apps. To configure this, go to the application management tab, and click on one of the apps, and then, click “trusted file locations”:

clip_image008clip_image010

Make sure that both http:// and https:// are covered as trusted file locations with “Trust Children” (can be more specific for security reasons if required). It is important that the “Location Type” for these locations is “Microsoft SharePoint Foundation” which indicates WebDAV is being used (and not “HTTP” or “UNC”). Also, make sure that “Allow External Data is configured to “Trust data connection libraries and embedded”:

clip_image012

Another issue you may run into when trying to publish the office web applications is specific to InfoPath. Naturally, this too is unsupported, but if you are receiving JavaScript errors on the client, there are some things you can do. To the user, this situation would look something like this:

clip_image014

Your own behavior may vary, but the root cause is that UAG injects certain JavaScript code into the pages sent by InfoPath. The InfoPath data is XML, and the additional script causes it to become non-XML compliant, and breaks the client side processing. The fix involves instructing UAG to not touch the forms delivered by InfoPath. The server page that delivers them is called formserver.aspx, and to prevent it from being touched, we use one of the options in the Advanced Trunk Configuration. Here are the steps:

1) Get the name of the internal server that you are publishing. This would be the name you defined in the Web Servers tab of the published application.

2) Go the UAG’s Advanced Trunk Configuration

3) Go to the Portal tab

4) Click on Edit next to “Do not process the bodies of responses to these requests:

clip_image016

5) On the server edit dialog, click ADD under Server, and add the name of the internal server.

6) On the URLs, click ADD and add the path to the FormServer.aspx file:

clip_image018

Note that I specified a relative path, ending with .*, so that any URL that starts with this will be affected. Your path would probably different, based on the configuration of your back-end server

7) Click OK and OK, and activate your configuration.