Anonymously Submit InfoPath Form to SharePoint Library

If you’ve landed on this post, then you are probably struggling to submit InfoPath browser-enabled forms to a SharePoint library anonymously. And you’ve already learned that SharePoint doesn’t allow anonymous users to add to document and form libraries. There are some good solutions out there, but I found most to be more complex than I needed.

I had one anonymous access site collection. I needed anonymous users to submit a browser enabled InfoPath form, and I needed the submission to trigger a SharePoint Designer workflow. You may or may not already know this, but SharePoint Designer workflows will not trigger on items added or updated by anonymous users. [Note: Prior to SP1, declarative workflows could run under System Account. If you have upgraded to SP1 then this is no longer possible. See comments below for possible solutions.]

My solution assumes you are already familiar with setting up anonymous access within MOSS 2007. If you are not, you can find information on this at http://technet.microsoft.com/en-us/library/cc263363.aspx and http://blogs.devhorizon.com/reza/?p=498. You will also need to deploy your InfoPath form as an administrator-approved form template. If you are not sure how to do this, check out http://technet.microsoft.com/en-us/library/cc262921.aspx and http://www.infopathdev.com/blogs/janice/archive/2009/03/03/administrator-approved-form-templates.aspx. You should be able to accomplish both of the above before you proceed with this solution.

Below I’ll show you how to setup a SharePoint library to allow anonymous users to open your form template, and how to create a custom button to submit the form under elevated privileges.

Enable Anonymous Access on Form Library (MOSS 2007)

Go to Form Library Settings. Under Permissions and Management, click Permissions for this form library.

af1jt20090602

Under Actions, choose Edit Permissions. When the Settings button appears, choose Anonymous Access.

You will notice that on the Change Anonymous Access Settings page only View Items is selectable. Add, Edit, and Delete Items check boxes are grayed out. As mentioned earlier, by default SharePoint only allows anonymous users to view items in document and form libraries. Without checking Add Items, anonymous users will not be able to open your browser-enabled form. To workaround this issue, look at the end of the URL for this page.

Change DOCLIB to LIST and hit Enter. The page will now allow you to select Add Items for anonymous users.

Select Add Items and hit OK. While anonymous users can now open your form, when they attempt to submit the form they will receive an error. This workaround to allow anonymous access to the form template will not override SharePoint’s default policies regarding anonymous users and libraries.

Preparing Your Administrator-Approved Form Template to Use Custom Code (InfoPath 2007)

Open your form template in InfoPath Design mode. Under Tools, choose Form Options. In the Form Options window, choose Category: Security and Trust. You will need to set the Security Level of your form template to Full Trust.

Next choose Category: Programming. Under Programming Language, select C# and hit OK. My solution uses C#. If you prefer to use VB or another language, there are some good conversion sites on the web. You can try the converter at http://www.developerfusion.com/tools/convert/csharp-to-vb/. If you are already using custom VB code in your form template, then converting the C# to VB will be a must.

Adding Custom Code to Your Administrator-Approved Form Template (InfoPath 2007, Visual Studio 2005 Tools for Applications)

You should have already setup your form template to submit to a document library under Tools: Submit Options. If you have not, you can find more info on this at http://office.microsoft.com/en-us/infopath/HA101070571033.aspx.

Under Insert: More Controls, add a Button control to your form template. Double click your new button control, enter a unique Label and ID, and click Edit Form Code.

This will open your custom code in a Visual Studio environment. If you are not familiar working within Visual Studio, there are numerous primers on the web. However, this solution is straight forward and simple so you should be fine.

If you are developing your form template on a client operating system and not on a SharePoint development server, you will need to add a reference to Microsoft.SharePoint.dll. You can copy this dll from your SharePoint server at C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\ISAPI\. Copy the dll into your InfoPath template projects folders which will probably be located under \Documents\InfoPath Projects\.

After adding the dll reference, you will add the following code within your button’s click event.

SPSecurity.RunWithElevatedPrivileges(delegate()
{
this.Submit();
});

The final code should look something like this.

Save All and Build your project. Back in InfoPath, save your template and Publish the administrator-approved form template.

Once the new template is published and activated to your SharePoint site collection, you should be able to open and submit the form anonymously. The form will actually submit under the System account credentials, and as a bonus will successfully trigger SharePoint Designer workflows. [Note: As of SP1, Microsoft deprecated the ability for declarative workflows to run under System Account. See comments below for possible solutions.] You will probably want to adjust some Form Options on your template to ensure that the default Submit button does not show anywhere in the user’s browser. You only want them submitting with your custom button.

Technology, Tips & Tricks, , , , , , , , , , , , , , , , .

24 Comments

  1. June 5, 2009 at 11:04 am

    Great write up JT! Ali

  2. Jonny
    June 30, 2009 at 6:14 am

    Thanks JT, this was doing my nut in!
    Jonny

  3. Michael
    July 9, 2009 at 3:55 am

    This is a great solution! However, the code doesn’t seem to trigger a declarative workflow. Any suggestions? TIA

    • July 9, 2009 at 12:42 pm

      Michael,
      Unfortunately Microsoft determined that declarative workflows running under the context of System Account is a security hole. In SP1 they depricated this; which I believe left many annoyed that Microsoft didn’t implement a solution where the admin could decide if they wanted to let workflows run as System Account.

      You can see a MSDN blog post on this issue here:
      http://blogs.msdn.com/sharepointdesigner/archive/2008/09/28/declarative-workflows-and-user-context.aspx

      I apologize that I have not had a chance to update my blog post with this information.

      A possible workaround could be to execute your code under a specific user account; giving that user account the minimal rights needed to contribute to the form library. Microsoft has a how-to on this here:
      http://support.microsoft.com/kb/306158#4

      It’s lengthy but may work. I haven’t tried it yet. Also, if you Google “custom c# impersonator,” you may find a quicker solution on CodePlex.

      • Boris
        May 13, 2010 at 11:45 am

        Michael,
        I know that it's been like 10 months since you wrote this post, but I am struggling with this problem for a long time. I have a a browser enabled form that needs to be opened and submitted by anonymous users. I followed this article but when I click the submit button i get an error saying "There has been an error while processing the form …", in both cases: anonymously and as authenticated user.

        I also followed the solution you mentioned above, but my project fails while building solution ('Microsoft.Office.InfoPath.User' does not contain a definition for 'Identity'). Here is what my submitting code looks like:
        public void FormEvents_Submit(object sender, SubmitEventArgs e)
        {
        System.Security.Principal.WindowsImpersonationContext impersonationContext;
        impersonationContext = ((System.Security.Principal.WindowsIdentity)User.Identity).Impersonate();

        SPSecurity.RunWithElevatedPrivileges(delegate()
        {
        this.Submit();
        });
        impersonationContext.Undo();
        }
        I added <Identity impersonate="true" userName="Administrator" password="password" /> in the App.config file.
        What am I doing wrong?
        Can you please help me find a solution on letting anonymous users to submit the form?
        Thanks in advance.

  4. Michael
    July 11, 2009 at 2:48 am

    Hi Jon,

    We have thought about this impersonation context hence I appreciate your response for pointing us to this codeplex solution. I knew that this System Account was creating the issue triggering the workflow since we have previous encounter of such however, we were under the impression that you have managed to run a declarative workflow using that C# code. Well regardless of the issue that we are currently facing, your solutions on this article have helped us achieved a lot. Additionally, thanks for updating us on your solution.

    Now, it’s time to test this impersonation technique.

    More power to you Jon.

    Regards,
    Michael

  5. Nicole
    July 24, 2009 at 4:26 pm

    When I publish an infopath form as content type to SharePoint, when I try to open the form in the form library as anonymous I get the user prompy. If I publish just a document library to SharePoint then I don't get the user prompt but not able to submit.

    Any ideas of what I could be doing different?

  6. October 22, 2009 at 7:41 am

    Sometimes called initial, immediate, short-term or interim outcomes. ,

  7. JohnT
    November 4, 2009 at 2:58 pm

    Browser Error:
    "An error occurred while the form was being submitted."

    12 hive Server Logs.

    Forms Server
    Forms Services Runtime
    Warning
    Form submission failed. (User: , Form Name: Template4a1admin, IP: , Request: http://siteneame/_layouts/Postback.FormServer.aspx,

    Type: DataAdapterException,
    Exception Message: The form cannot be submitted to the following location: http://siteneame/infotest/filename.xml.
    There is a problem with the Web server. Make sure the Web server exists, try again later or contact the Web server administrator. Access denied.)

    I have enabled anon access on the "infotest" Document Library which I am trying to submit.

    Please help.

    -tj

  8. Matt
    January 6, 2010 at 9:38 pm

    Man, this is confusing. Why would you need to deploy your InfoPath form as an administrator-approved form template first, and then add the code, and re-publish it? Once I add it as an admin approved, I can no longer edit the template on my local maching. Or do you perform all the steps here, and THEN deploy your InfoPath form as an administrator-approved form template?

  9. March 12, 2010 at 5:07 am

    Good brief and this post helped me alot in my college assignement. Say thank you you as your information.

  10. April 23, 2010 at 2:53 pm

    What nice answer

  11. April 23, 2010 at 11:47 pm

    Sorry for my bad english. Thank you so much for your good post. Your post helped me in my college assignment, If you can provide me more details please email me.

  12. Ed
    August 20, 2010 at 8:43 pm

    This is exactly what I have been wanting to accomplish for a long time… I follow along pretty clearly until the Visual Studio stuff… I’m not a developer.

    Am I correct in uderstanding that Visual Studio 2005 Tools for Applications is different that Visual Studio itself? I need both, correct? Can I make this work with a trial version of Visual Studio 2010 and Visual Studio 2005 Tools for Applications?

    Thanks!!

    Can I do this with a trial version of

  13. Ed
    September 13, 2010 at 10:30 pm

    So, in case anyone is interested, I guess I answered my own question… I installed a trial version of Visual Studio 2010 and Visual Studio Tools for Applications was an optional component when I installed Office 2010. This allowed me to successfuly follow all of the steps above. Thanks!

  14. kazzius
    March 16, 2011 at 5:57 pm

    I have a question in which folder i need to put the dll?

  15. victor
    March 16, 2011 at 9:01 pm

    I’m facing a problem i did this in sharepoinr 2010 and all seems to work perfect, i followed wvery step but when an anon user try tu open the form i get a message that the access is denied. When i check de library persmissions y saw the add and delete options without been marked the URL is lic ,doclib&List={
    and i did the trick to change DOCLIB for list. Any suggestions?

  16. anon
    June 15, 2011 at 10:23 am

    If you change DOCLIB&List to List&List it allows you to tick the boxes

  17. July 29, 2011 at 11:07 am

    While these instructions work, clicking on the InfoPath form to fill it out causes me to automatically log in to the SharePoint site. This obviously defeats the purpose of an anonymous submittal. In other words, before clicking New in my form library, I make sure I am logged out of the site (to simulate an anonymous user), so I get a Sign In link at the top of the page. As soon as I click the form, when I go back to the site (either from just closing the form OR from a successful submittal), I now see it saw Welcome MyUserName. Actually, I log in as System Account to the box, so it says Welcome System Account. I made sure the web application, site, and form library all allow anonymous access. What could be causing this?

  18. Technology Blog
    August 14, 2011 at 9:55 am

    Awesome blog! Loving it! :)

  19. Scott
    September 15, 2011 at 1:04 pm

    I have designed a form in InfoPath 2007 with a submit button and multiple views that change based on the workflow status in SharePoint 2007 library. When the form is filled out and submitted to SharePoint via the form button the form submits, posts and enters workflow properly. However when you open the form up again the link to the secondary data source to show the SharePoint work flow status will not retrieve and all attempt to force a refresh are unsuccessful.

    Now if you take the same form and use the Save icon on the tool bar, the form will save and post properly to the library. Then when you open the form again the workflow status appears and the screen view changes just the way it is suppose to. As such I have come to the conclusion after much testing and research that when you use the built in InfoPath submit function to create unique file names, is somehow disabling the form’s retrieving process and nothing I seem to do changes this. I know that it will work because it work properly with the save icon. So my question is has anyone seen anything like this and how do I fix. Thanks in advance.

  20. Chris
    April 4, 2012 at 2:59 pm

    Great blog! Any tips for blocking the submitted form library from external search engines besides adding the library to robots.txt? This is to protect submitted data from being found in the search results.

  21. Riaz
    October 18, 2012 at 1:42 am

    This is very good post which help me best for save form anonymously in form library.
    Now plz reply me how can i swich another view after submit the form…..

4 Trackbacks +

  1. [...] form and put some code behind it to submit your form with elevated privileges.  This post, http://blog.metrostarsystems.com/2009/06/04/anonymously-submit-infopath-form-to-sharepoint-library/, does a great job of explaining a technique that works.  It also, at the beginning, talks [...]

  2. [...] How to anonymously submit InfoPath Form? [...]

  3. [...] settings and access more than the ‘View’ option for the anonymous account – http://blog.metrostarsystems.com/2009/06/04/anonymously-submit-infopath-form-to-sharepoint-library/ – however, Microsoft closed a loophole in Service Pack 1 which means the coding solution is [...]

  4. [...] around I came across this blog post by Jon Talbot which describes the fix – thanks Jon! (http://blog.metrostarsystems.com/2009/06/04/anonymously-submit-infopath-form-to-sharepoint-library/). Basically the permissions of the forms library need modifying before anonymous users can open the [...]

Your email is kept private. Required fields are marked *

*
*