SharePoint: Infopath error when accessing external data

I had an issue yesterday where an infopath form published in SharePoint was accessing webservices on another server (on a different domain). Whereas this was working fine when I was testing the infopath form directly on the SharePoint server, when i accessed the form off-box, I got the following error:

An error occurred accessing a data source.
An entry has been added to the Windows event log of the server.
Log ID: 5566

It turns out that this is because of the ntlm double hop issue – in that credentials from the users browser are passed to the SharePoint server, but are not passed to the webservice. This is a well known issue and to resolve this, you typically need to implement kerberos authorisation instead of ntlm.

The workaround to this (although less than ideal) is to embed the credentials to access the webservice in the data connection file (stored in the data connections library in sharepoint central admin). Fortunately this library does not permit people to download and view credentials in plain text. To implement this workaround, simply alter your data connection files to contain the following:

<udc:Authentication>
    <udc:UseExplicit CredentialType=”NTLM”>
        <udc:UserId>DOMAIN\USERNAME</udc:UserId>
        <udc:Password>PASSWORD</udc:Password>
    </udc:UseExplicit>
</udc:Authentication>

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>