Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
DiscussionsAccessExcelInfoPathOutlookPowerPointPublisherWord
DirectoryUser Groups
Related Topics
Outlook ExpressInternet ExplorerWindowsMS Server ProductsMore Topics ...
MS Office Forum / General MS InfoPath Questions / September 2005

Tip: Looking for answers? Try searching our database.

Enabling only write access to a form library or folder

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Paul Robinson - 02 Sep 2005 10:20 GMT
Hello chaps,

Last time I posted a question here I got a perfect answer in minutes - so
I'm really hoping the same happens today!

I need a way to secure form submissions, either through a SharePoint Forms
Library (preferred) or NTFS folder.  People completing the forms should not
be able to see the responses of other users.

Sounds simple, but I'm finding it quite complicated.  NTFS write access
doesn't do the business it would seem (the form can't save) , and SharePoint
doesn't appear to support saving but subsequently not editing or viewing.

I know I could overload the form save location to save it somewhere 'secret'
but really that seems like a ropey and insecure way to configure it.  I want
to avoid having to write a Web Service to consume the XML if possible, unless
someone knows of a ready-made web service which could just drop the file into
a SharePoint library or something on submissions?

All comments and suggestions are welcome.  You can be as techie as you like,
i'm not frightened!
Reply to this Message
Scott L. Heim [MSFT] - 02 Sep 2005 13:12 GMT
Hi Paul,

As you have seen, Sharepoint does not provide this level of granularity.
What about this option: is the user's name somewhere on the form? If so,
what about using code to get the user name and compare this to the entry on
the form. If they match, open the form - if not, display a message and
close the application.

Possibility?

Scott L. Heim
Microsoft Developer Support

This posting is provided "AS IS" with no warranties, and confers no rights
Reply to this Message
Paul Robinson - 02 Sep 2005 13:25 GMT
Hi Scott, thanks for the reply.

It's a creative approach, but I don't feel that would give the level of
security required.  The form submissions could be sensitive and this method
wouldn't stop the form from being opened in a viewer (such as notepad).  In
addition, I dont really want people to even know whether someone else has
completed the form.

I suppose I could remove the default view in SharePoint and create a view
which only shows submissions by a single user, but that still leaves the
Explorer view and UNC paths open for browsing.

Maybe I'll create a quick web service which will just accept the file and
drop it into a SharePoint list using a priviledged account.  If the options
can be set through web.config others may find this useful too.

Cheers,

Paul
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.