How to enable anonymous access to InfoPath Forms Library SharePoint 2010

May 13, 2011 at 6:49 PM | Posted in SharePoint | 9 Comments


First of all the idea of enabling anonymous access to infopath forms on Internet sites  is not recommended at all , as it produce security risks. The anonymous access for infopath forms libraries in SharePoint 2010 is disabled by design of Microsoft SharePoint team , thus it’s not a bug it’s the correct behavior. But as you know sometimes requirements can be pain in the ass.  Don’t say I didn’t warn you.

First you need to follow more two steps to make this happen , first you need to change or let’s workaround the permissions of the library , then you need to add custom code to the infopath form submit button and deployment to InfoPath Services on central administration .

Change the permissions of anonymous users on InfoPath Forms Library :

If you go to the infopath forms library permissions and press on the anonymous ribbon button above you will see the following :



As you see that the delete, add , and edit checkboxes are grey and disabled. Thus first you need to copy the url of the popup page like this


Copy the url and paste it on new tab in your browser and change the DOCLIB word with LIST like this



Now the add ,edit , and delete items will be available for checking . Check on add checkbox or/and edit .


NOTE : if you go back to the library and click permissions and anonymous button you will still see the add, edit , and delete items grey and disabled and unchecked although you have checked them. That’s ok , as if you change the DOCLIB with LIST you will see you changes. No worries here.

Preparing you InfoPath form to write custom code with Server Administration :

Open you infopath form that will be available to anonymous users , go to options of the form.



Then select the “Secuirty and Trust” tab on the dialog , and uncheck the “Automatically determines Security Level “ and chose the last option “Full Trust”



Then go to the compatibility tab on the same dialog and make sure that the “Form Type” is Web Browser Form  then  enter your site url on the box of server validation and check the checkbox under it


The press ok for the dialog . Now we finished preparing the infopath for programming and custom code .

Write Custom code for the Submit button of InfoPath Form

Find your submit button and right click on it . Click the properties .


The button properties dialog will show up that contains several tabs . Make sure that you are under general tab , and the action selected is “Rules and Custom Code” . Then click on “Edit Form Code”  ( Please note that you need “Visual Studio toots for Applications” to be installed)



Then Visual Studio project will open for you and it will add the submit button event handler automatically. Your code will be added there but before this we need to add the SharePoint dll as reference to the project . Go to references of the project right click and add reference , popup will show up .Browse your files to the SharePoint Server 14 folder , and then go to BIN and chose the “Microsoft.SharePoint.dll” and add it to the project.



Now refrence the SharePoint dll on the above side of the class and put “using Microsoft.SharePoint;” . Now let’s go to the button event handler and write our code there , we need to add two lines of code

SPSecurity.RunWithElevatedPrivileges(delegate(){ this.Submit(); });

Now we added our code to the form it’s time to build our solution or visual studio project then close it.



Now we are done with the custom code . Go back to the form and publish it to the Central Administration and activate it to your site collection and use the Form content type added and add the form to the library.

Note : Please make sure that the submit button have no “Sumit “ on it’s rules as the code will do the submit instead. If there is rule named “Submit” the custom code will not be executed.

You can go now and try the infopath form for anonymous users. It should work.


Don’t say anything to me if you have been hacked through this form , I warned you that it will introduce security risk .






RSS feed for comments on this post. TrackBack URI

  1. amazing you … thanks alot

  2. Do you realy need to change the permision of the list if you use RunWithElevatedPrivileges?

    • I just ran into this today. Seems like you do not need to edit the list permissions when using RunWithElevatedPermissions. In fact, the list permissions change to allow AddItems did not seem to help at all. But the RunWithElevatedPermissions worked perfectly. Great solution!

  3. Regarding
    “enabling anonymous access to infopath forms on Internet sites is not recommended at all , as it produce security risks”

    Can you List the security risks which you mentioned above?
    I can only think of spam from anon user, which can be controlled, and not a significant security threat?

    thank you

  4. Is there a way to do this using VB.Net?

  5. did you already have a authenticode certificate? I am getting an error regarding that

  6. Hi Saed, thanks for this great post! A question: Do I need to configure the “Submit” options on the form ie Check the “Allows users to submit this form” box; “Send for data to a single destination; and setup the target forms library as the data source?


  7. hi thank you very much
    but when come back and I change the DOCLIB with LIST again I cant see my changes and the add item is still unchecked and anonymous cant access to the form

  8. Thankfulness tto my father who stated to me on the topic
    of this website, this website iss actually awesome.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Blog at
Entries and comments feeds.

%d bloggers like this: