Hello all:
We have the following hardware-decoupled installation running:
- SharePoint 2007 (MOSS) front-end farm, serving InfoPath Forms Services
- K2 workflow engine on a dedicated server
- SQL server farm hosting the K2 and SharePoint back-ends
The entire thing is glued together by Kerberos (satisfactory configuration of which took quite a bit of finagling). We have the following scenario:
When a Forms Services (web) InfoPath form is submitted from our MOSS front-end, it is accepted by K2, whirls nicely through the various processes and then reaches a state ready for the next step in the workflow. However, in the workspace Process list, the originator is listed as the service account that the MOSS app pool has been configured to run as - as opposed to the user that is currently authenticated (logged in) in the SharePoint context.
At this time, we are not experiencing any specific authentication, Forms Services, K2, or SharePoint errors. However, the fact that K2 thinks the originator is the SharePoint service account messes up subsequent handling of the form through the workflow, as it then appears that users further downstream don't have proper rights to open the form. In other words, it looks like the form doesn't belong to them, even though they submitted it!
During development in a "standalone" configuration (K2/SQL/MOSS on one server; no Kerberos), of course the originator information was as expected - i.e. the user that was logged into SharePoint at the time and submitted the InfoPath form.
What are we missing in order to be able to reflect the proper originator in our distributed scenario? Any ideas, thoughts, etc. most welcome. Thanks in advance,
Allen Racho
System Development Specialist
Brokerage Services Division
Arthur J. Gallagher