.comment-link {margin-left:.6em;}

Pranav Wagh's Blog

Friday, December 02, 2005

Accessing database in a secured way from InfoPath ?

The real issue which exists here is, InfoPath xsn file is a combination of XML files with is finally nothing but something that is very readable, so even if you create a secured database, and in the connection string you provide the user name & password; its stored in the XML file...!!! fully readable ..so please don’t do it.. unless you really want to expose your username & password.

The only(easier) possible workaround(yes; workaround !)  is to use a web service which runs in the context of a specific user, give the permissions to this user on your database  and then you can create a InfoPath form with accesses the webservice ...but the point is . xsn file will still reveal the server name where the webservice is situated..so its upto you if you dont mind you can go ahead & do it..

The other way is use the .NET code behind use ADO.NET to access the data and updata the xml nodes in Infopath programmatically..its offcourse secure ..but you have to give full trust to the IP form in order to allow it to execute....moreover...if you need to do all this just make sure you really need InfoPath :) may be the tool that you really need is ASP.NET have a look at http://msdn.microsoft.com/library/en-us/odc_ip2003_ta/html/odc_IPInfoPathDecisionTree02.gif  if you are confused. Also have a look at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dno2k3ta/html/Office2003OverviewDeveloperTechnologies.asp 


Post a Comment

Links to this post:

Create a Link

<< Home