Anonymous Views/Forms
You can mark specific Views/Forms to be available anonymously. For example, you may wish to expose a View/Form to public users who do not have user accounts in your organization's Active Directory. Enabling Anonymous Access on a View/Form would allow these external users to access that specific View/Form without having to provide credentials.
- An Internet Information Services (IIS) web site, application or virtual directory can be configured to run anonymously; the Application Pool Account user is used to log into K2 HostServer on the site. The Anonymous Access View/Form setting is not required for this scenario. See the K2 smartforms Configuration and Installation Guide for more information.
- The Anonymous Access View/Form setting was added to allow a specific View/Form to be marked as Anonymous. This allows the View/Form to be executed as the Application Pool Account user inside a site that normally requires authentication. The Anonymous Access View/Form setting was added to be more secure and to remove the need for a second site configured for anonymous access.
There are two approaches that can be used to enable anonymous access: you can create a separate SmartForms runtime site and configure that site to run anonymously (note that this option is not available in K2 Appit for SharePoint), or you can mark specific Forms and Views to be executed anonymously.
How to use the Anonymous Access property setting
- Create a View/Form.
- Edit the View/Form.
- In the Properties section under Advanced, select Anonymous Access.
View:Form:
- Obtain or determine the runtime URL for the anonymous View/Form. (You can use the View/Form Properties page to determine the URL. You may need to replace the server address part of the URL with the server address of the runtime URL)
- Access the runtime URL as an anonymous user. The View/Form will open without requiring credentials.
Considerations
- A subview/subform opened from a View/Form should also be configured for Anonymous Access. The property is not automatically inherited by subviews/subforms and must be set individually on the View/Form's properties.
- User context information such as Name, Display Name, e-mail, Manager, FQN, etc. will not be populated on an anonymous View/Form since there is no user context.
- Behind the scenes, the View/Form will run in the context of the user account of the Application Pool associated with the runtime SmartForms site. Therefore, any integration requiring credentials (for example: SmartObject interaction using the Impersonation authentication mode or starting a workflow) would execute under the context of the Application Pool user ID.
- If a View/Form is checked-in and marked as Anonymous, the View/Form is run under the AppPool user (as if the AppPool user was accessing the View/Form). If the View/Form is then checked-out, edited and saved by the same user as the AppPool is configured to run under, then all users running the View/Form will see the new edited changes (even if the View/Form is not re-checked in). This is due to the changes that were made by the AppPool user account which as stated above is the user under which the View/Form runs for all users.