Understanding Fully Trusted Forms

Office 2013 and later

Last modified: March 22, 2013

Applies to: InfoPath 2013 | InfoPath Forms Services | Office 2013 | SharePoint Server 2013

In this article
Introduction
Why Use a Fully Trusted Form?
What Makes a Form Fully Trusted?
Creating a Fully Trusted Form
Manually Creating a Fully Trusted Form
Digitally Signing a Form Template to Create a Fully Trusted Form
Using a Fully Trusted Form
Making Changes to a Fully Trusted Form
Conclusion

InfoPath provides the ability to create fully trusted forms, which are forms that have greater security permissions and can access system resources and other components on a user's computer. This article describes what a fully trusted form is, why it is used, and how to create a fully trusted form by manually converting and registering a standard form or by digitally signing a standard form.

Introduction

InfoPath form templates can be deployed with varying levels of security. The level you use is dictated by the level of access to external resources that you want a form to have. By default, InfoPath form templates are restricted from accessing system resources and are not allowed to use any software components that are not marked as safe for scripting. However, this behavior can be overridden so that a form can access system resources and other external resources, including software components that are not marked as safe for scripting.

For a form to be used, InfoPath must be able to access the form template that the form is based on. When you create a form template, InfoPath creates an entry in the form definition (.xsf) file that contains the URL of the location of the form template. A URL-based form is said to be sandboxed. When a user fills it out, the form is added in a local cache and denied access to system resources. This kind of form inherits its permissions from the domain in which it is opened.

However, you can modify a form so that it is based on a Uniform Resource Name (URN) instead, which allows access to system resources. Forms of this kind are said to be fully trusted.

Why Use a Fully Trusted Form?

Fully trusted forms have a better set of permissions than sandboxed forms. For example, they can contain programming code that uses external objects for accessing system resources, they can use software components or Microsoft ActiveX controls that are not marked as safe for scripting, and they can use custom business logic provided by .NET assemblies.

In addition, some members of the InfoPath object model are set to security level 3, which means that they can only be used in a fully trusted form. For example, to access the Microsoft Office CommandBars object, you use the CommandBars property of the InfoPathWindow class to set a reference to it. Because this property is set to security level 3, it cannot be used in a form that is not fully trusted.

Note

Using the CommandBars property of the Window class, or any other object model member that has a security level of 3, in a form that is not fully trusted will result in a "permission denied" error.

What Makes a Form Fully Trusted?

The following actions, involving both the InfoPath user interface and the form files, are required to create and use a fully trusted form:

  • Enabling InfoPath to allow for the use of fully trusted forms on the Trusted Publishers category of the Trust Center dialog box. This option must be enabled for users to open fully trusted forms.

  • Registering the fully trusted form on the target computer by using the RegisterSolution method of the InfoPath Application object.

Creating a Fully Trusted Form

  • You can create the form manually, which involves modifying some of the form files directly.

  • You can digitally sign the form template.

Manually Creating a Fully Trusted Form

To manually create a fully trusted form

  1. Make a backup copy of the form template that you want to make fully trusted.

  2. Open the form template in InfoPath.

  3. Save the form source files to a folder on your hard disk by clicking the File tab, clicking Publish, and then clicking Export Source Files.

  4. Specify the folder in which to save the form source files, click OK, and then exit the InfoPath designer.

  5. In the folder in which you extracted the form files, open the form definition (.xsf) file, named manifest.xsf by default, in a text editor such as Microsoft Notepad.

  6. Add the following attributes to the xDocumentClass element in the .xsf file:

    requireFullTrust="yes" 
    name="urn:MyForm:MyCompany" 
    
    
    Note

    The values that are used for the URN can be any kind of string value, as long as this value is unique. There must be at least two values after the urn: prefix, and these values must be separated by a colon. In addition, the URN should not exceed 255 characters.

  7. Save and close the .xsf file, and then open the XML template (.xml) file that is named Template.xml by default, in a text editor such as Notepad.

  8. Remove the href attribute from the mso-infoPathSolution processing instruction and replace it with the same name attribute that you used in step 6 for the .xsf file.

    Note

    The URN values that are used for the name attribute must be the same in both the .xsf file and XML template file.

  9. Save and close the XML template file.

  10. Repackage the files into the .xsn CAB format with a tool such as makecab.exe.

    Note

    Although InfoPath form designer supports repackaging the form files into an .xsn file, doing this will revert the form to a URL-based form. For this reason, you must repackage the files manually to avoid overwriting your changes to the form files.

  11. Create a custom installation program by using the RegisterSolution method of the InfoPath Application object to install the fully trusted form. A simple way to do this is to create a script file that uses the following lines of code (in either Microsoft JScript or VBScript syntax):

    Note

    Although this example uses a simple script file, you can also use a more robust installation mechanism such as Microsoft Windows Installer (.msi) files. Be sure, however, to use the RegisterSolution method to correctly install the fully trusted form on the target computer. To access the RegisterSolution method of the InfoPath Application object from Visual Basic or Visual Studio, set a reference to the Microsoft InfoPath 3.0 Type Library, which is provided by IPEDITOR.dll that is installed in the C:\Program Files\Microsoft Office\Office14 folder.

    If you have to remove a fully trusted form, you can use the UnregisterSolution method of the Application object as shown in the following JScript and VBScript examples.

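The edits in steps 6 and 8 are easy to get out of sync, so a check of the exported source files before repackaging in step 10 is useful. The following Python sketch is an added example, not code from this article or from InfoPath; the function names are hypothetical and the sample XML is constructed. The caller is assumed to pass in the contents of manifest.xsf and Template.xml.

```python
import re
from xml.dom import minidom

PI_ATTR = re.compile(r'([\w:.-]+)\s*=\s*(["\'])(.*?)\2')  # pseudo-attributes in a PI

def valid_urn(name):
    """Article's URN rules: urn: prefix, two or more colon-separated values, <= 255 chars."""
    if not name.startswith("urn:") or len(name) > 255:
        return False
    parts = name[4:].split(":")
    return len(parts) >= 2 and all(parts)

def solution_pi(template_xml):
    """Pseudo-attributes of the mso-infoPathSolution processing instruction, or None."""
    for node in minidom.parseString(template_xml).childNodes:
        if getattr(node, "target", None) == "mso-infoPathSolution":  # PI nodes only
            return {m.group(1): m.group(3) for m in PI_ATTR.finditer(node.data)}
    return None

def check_full_trust(manifest_xml, template_xml):
    """Return a list of problems; empty means steps 6 and 8 agree with each other."""
    root = minidom.parseString(manifest_xml).documentElement
    if root.localName != "xDocumentClass":
        return ["manifest: root element is not xDocumentClass"]
    problems, urn = [], root.getAttribute("name")
    if root.getAttribute("requireFullTrust") != "yes":
        problems.append('manifest: requireFullTrust="yes" is missing')
    if not valid_urn(urn):
        problems.append("manifest: name is not a valid URN")
    pi = solution_pi(template_xml)
    if pi is None:
        return problems + ["template: mso-infoPathSolution instruction not found"]
    if "href" in pi:
        problems.append("template: href is still present")
    if pi.get("name") != urn:
        problems.append("template: name does not match the manifest")
    return problems

# Constructed sample files (not taken from a real form template).
SAMPLE_MANIFEST = ('<xsf:xDocumentClass xmlns:xsf="http://schemas.microsoft.com/office/infopath/'
                   '2003/solutionDefinition" requireFullTrust="yes" name="urn:MyForm:MyCompany"/>')
SAMPLE_TEMPLATE = ('<?mso-infoPathSolution solutionVersion="1.0.0.1" '
                   'name="urn:MyForm:MyCompany" ?><my:fields xmlns:my="urn:example:my"/>')
SAMPLE_TEMPLATE_URL = ('<?mso-infoPathSolution solutionVersion="1.0.0.1" '
                       'href="file:///C:/Forms/MyForm.xsn" ?><my:fields xmlns:my="urn:example:my"/>')

if __name__ == "__main__":
    for tpl in (SAMPLE_TEMPLATE, SAMPLE_TEMPLATE_URL):
        print(check_full_trust(SAMPLE_MANIFEST, tpl))
```

The same check run over extracted templates also shows which forms request full trust, which is worth reviewing before they are registered on user computers.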

Digitally Signing a Form Template to Create a Fully Trusted Form

Digitally signing a form template enables you to deploy a fully trusted form template by e-mail or on a Web server, such as a server that is running Microsoft SharePoint Foundation. Use the steps in the following three procedures to make a form fully trusted by specifying full trust for the form, signing it digitally, and then publishing it.

To digitally sign a form template

  1. Open the form in the InfoPath designer, click the File tab, and then click Form Options on the Info tab.

  2. In the Form Options dialog box, click the Security and Trust category.

  3. Clear the selection for Automatically determine security level (recommended).

  4. Select Full Trust (the form has access to files and settings on the user's computer).

  5. Under Form Template Signature, select Sign this form template.

  6. Click Select Certificate to select a certificate that was previously downloaded and installed from a trusted certificate provider.

  7. Click OK two times to exit completely.

To publish the form template to a SharePoint Document Library

  1. Click the File tab, click Publish, and then click SharePoint Server.

  2. Follow the instructions in the Publishing Wizard to publish the form template to a new or existing SharePoint document library.

To create a form that is based on your fully trusted, digitally signed form template

  1. In the SharePoint document library, click Fill Out the Form.

    Note

    After publishing the form template to a SharePoint document library using the Publishing Wizard, the template is not displayed as an item in the form library. When you create a form in that document library, the template will be used by default as the template for the new form.

  2. If the default form template was digitally signed, InfoPath displays a security warning about the digitally signed form template. Select Always trust files from this publisher and open them automatically, and then click Open.

Using a Fully Trusted Form

Using a fully trusted form is very similar to using a standard form. The only significant differences are that the form can access restricted resources and warnings will no longer be displayed.

Note

To enable InfoPath to use a fully trusted form, users must ensure that the Allow fully trusted forms to run on my computer check box is selected on the Trusted Publishers category of the Trust Center dialog box. To open the Trust Center dialog box, click the File tab, click Options (below the InfoPath tab), click Trust Center, and then click Trust Center Settings.

A fully trusted form can be opened in InfoPath from the Fill Out a Form dialog box.

The Fill Out a Form dialog box opens when you click More Forms in the Fill Out a Form task pane, or you click Fill Out a Form on the File menu.

Making Changes to a Fully Trusted Form

If you only have to make changes to the .xsn file, you can have users replace their existing .xsn file with the new one after the changes are made. They will not have to reinstall it by using a custom installation program.

However, if you are making changes to the form files that the .xsn file contains, you must repackage the files, as explained earlier, and then have users reinstall the fully trusted form.

Note

The best approach is to save the form template back to the .xsn format from the InfoPath designer, and then follow the steps in this article to create a fully trusted form.

Conclusion

Depending on your business requirements and the needs of your users, you may have to create a form that has a higher set of permissions than the standard InfoPath form. InfoPath provides the ability to modify a form so that it can access system resources and other external resources that are not marked as safe for scripting. This can be done manually by making modifications to the form files that a form template contains and running an installation script, or by digitally signing the form template.
