Sharepoint 2010 Redirect to Access Denied Page

Hi everyone ,

If your code need  to redirect access denied page in somewhere you can use SPUtility.HandleAccessDenied() function.

Here is an example:

SPUtility.HandleAccessDenied(new Exception(“You don’t have access rights to see this content”));

Happy tips.

Sharepoint 2010 Access Denied when modifing web.config with ApplyWebConfigModifications()

Ok i accept this problem is one of my favorite. After 3 hours finally i found a solution .Let me describe the error first. I have a feature receiver class which makes web.config modifications but SPWebApplication.ApplyWebConfigModifications() method cause an access denied error in activation process.Here is my code :

public override void FeatureActivated(SPFeatureReceiverProperties properties)

{

bool bApplyChanges = ApplyWebConfigMods(properties);

SPSite currentSite = properties.Feature.Parent as SPSite;

if (bApplyChanges)

{

SPWebApplication currentWebApp = currentSite.WebApplication;

string sClassName = typeof(NSF.Modules.ErrorModule).FullName;

SPWebConfigModification moduleEntry = addHttpModule(“NFSErrorModule”,

“NFSErrorModule”, PreConditions.integratedMode, sClassName, 1);

currentWebApp.WebConfigModifications.Add(moduleEntry);

//currentWebApp.WebService.ApplyWebConfigModifications();

SPFarm.Local.Services.GetValue<SPWebService>().ApplyWebConfigModifications();

currentWebApp.Update();

}

}

First i changed currentWebApp.WebService.ApplyWebConfigModifications()  to SPFarm.Local.Services.GetValue<SPWebService>().ApplyWebConfigModifications();

Secondly i gave permission read/write Network Service user which is my apppool identity for wss folder where web.config in it.

Third I ran powershell commadlet that change RemoteAdministratorAccessDenied propterty to false . i found it in below url
http://unclepaul84.blogspot.com/2010/06/sppersistedobject-xxxxxxxxxxx-could-not.html

function Set-RemoteAdministratorAccessDenied-False(){ # load sharepoint api libs [System.Reflection.Assembly]::LoadWithPartialName(“Microsoft.SharePoint”) > $null [System.Reflection.Assembly]::LoadWithPartialName(“Microsoft.SharePoint.Administration”) > $null
# get content web service $contentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService  # turn off remote administration security $contentService.RemoteAdministratorAccessDenied = $false  # update the web service $contentService.Update()  }

For more info:
http://stefvanhooijdonk.com/2010/08/02/custom-spjobdefinition-and-access-denied-error/
http://blogs.msdn.com/b/navdeepm/archive/2010/09/15/sharepoint-2010-adding-nested-web-config-entries-using-the-spwebconfigmodification.aspx

and now its ok.

by the way default value of RemoteAdministratorAccessDenied property is totally sucking idea.And so shouldnt be someone code it with throwing explanatory exception ?

Have a nice codding…

Sharepoint RunWithElevatedPrivileges and Access Denied error

Hi everyone,

in this short article i try to explain most common error of Access Denied cause by misusage of SPSecurity.RunWithElevatedPrivileges() method.

Here is the wrong code sample:

SPSecurity.RunWithElevatedPrivileges(delegate()
{
    //never use like this
    SPList list = SPContext.Current.Web.Lists["SomeList"];
    SPListItem item = list.GetItemById(12);
    item["Title"] = "Some Changes";
    item.Update();
});

The code defined above cause Access Denied when a user request without privs. Beacuse SPContext still contains unpriviledged user rights.If you call any object from SPContext it work with actual user (unpriviledged) rights not the admin rights.

Now is the correct one:

Guid webID = SPContext.Current.Web.ID;
Guid siteID = SPContext.Current.Site.ID;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
    using (SPSite site = new SPSite(siteID))
    {
        site.AllowUnsafeUpdates = true;
        using (SPWeb web = site.OpenWeb(webID))
        {
            web.AllowUnsafeUpdates = true;
            SPList list = web.Lists["SomeList"]; //attention here !!!
            SPListItem item = list.GetItemById(12);
            item["Title"] = "Some Changes";
            item.Update();
        }
    }
});

Yep its a little extra codding . I give you a good pattern for using this with more easy and shorter usage:
I created once a static class and add to my project this class named RunAsAdmin and one static method named Run which is taking a delegate method for run our  RunWithElevatedPrivileges codes.

public static class RunAsAdmin
{
    public delegate void RunWithAdminDelegate(SPSite site, SPWeb web);
    public static void Run(RunWithAdminDelegate myDelegate)
    {
        Guid webID = SPContext.Current.Web.ID;
        Guid siteID = SPContext.Current.Site.ID;
        SPSecurity.RunWithElevatedPrivileges(delegate()
        {
            using (SPSite site = new SPSite(siteID))
            {
                site.AllowUnsafeUpdates = true;
                using (SPWeb web = site.OpenWeb(webID))
                {
                    web.AllowUnsafeUpdates = true;
                    myDelegate.Invoke(site ,web );
                }
            }
        });
    }
}

Usage of this code is:

RunAsAdmin.Run((site,web)=>
 {
    SPList list = web.Lists["SomeList"];
    SPListItem item = list.GetItemById(12);
    item["Title"] = "Some Changes";
    item.Update();
});

Its very useful :))
Happy coding with sharepoint 🙂


Remote Debugging Access Denied Visual Studio 2008

Check both remote and local machine Windows Firewall entries.

In Remote Machine:
Open and Check  Remote debugger monitor and go to Tools -> Permissions and grant the user’s permission to Allow Debug.

One thing that can be missing is File and Printer sharing on the remote machine should open the following ports: TCP 139TCP 445UDP 137, and UDP 138.

Even if you have configured properly remote debugger and set permission correct but still getting “access denied” error when remote debugging . Possibly, your account for network connection is differnt from as server remote debuggers defined user. you may store a credental for target server before remote debugging and its username/password not match servers user for debugging.

You can remove stored networks passwords for specific targets in your client computer.

Control Panel->User Accounts->manage your networks passwords

opens “Stored Usernames and Passwords” windows.

Select account and click  remove button .Try again for remote debugging.