Sharepoint (WSS) authentication issues in code

Posted on 2005-05-16
Last Modified: 2012-08-14
First, apologies if this isn't in the right group, but it kind of spans. I'm working with a client that has Windows Server 2003, WSS, accessed through a custom application. In this application, we need to attach files to cases by adding them to a database and storing them in Sharepoint. This process works fine at our office, but the client is having authentication problems.

The only authentication being used is Windows security. Before, my Sharepoint code (in C#) was in a file, and the users would get a login prompt. However, even if they entered correct information, it would not let them in and eventually give an Unauthorized (401.1) error. I decided to move the functionality to a web service and use the Credentials object to set up authentication. These are the calls in my web page:

     pmdtc_ws.CreateSite svcCreateSite = new PMDTC.pmdtc_ws.CreateSite();
     svcCreateSite.Credentials = System.Net.CredentialCache.DefaultCredentials;
     string strResult = svcCreateSite.AttachFile(subWeb, sFileName, pFileContents);

And this is the web service's method:

            public string AttachFile(string pFolderID, string pFileName, byte[] pFileContents)
                  string strMessage;

                        SPSite site = SPControl.GetContextSite(Context);
                        SPWeb web;// = SPControl.GetContextWeb(Context);
                        string tmpSite = site.Url;

                        if (pFolderID != "0")
                              tmpSite += "/" + pFolderID + "/";

                        tmpSite = tmpSite.Substring(7);
                        int posSite = tmpSite.IndexOf("/");
                        tmpSite = tmpSite.Substring(posSite);

                        web = site.OpenWeb(tmpSite);
                        web.AllowUnsafeUpdates = true;
                        SPFolder folder;
                        SPFile file;
                        folder = web.GetFolder("Shared Documents");

                        file = web.GetFile(folder.Url + "/" + pFileName);

                        if (file.Exists) ////check in existing file
                              file.CheckIn(""); ////We have to force the checkin here.
                        else ////Add a new file
                              SPFileCollection files;
                              files = folder.Files;
                              files.Add(folder.Url + "/" + pFileName, pFileContents);

                        strMessage = "Success!";
                  catch (Exception ex)
                        strMessage = "Fail! " + ex.Message.ToString();

                  return strMessage;

When I run this, I get back an ASP.Net error page, that says the user is unauthorized: 401, treating it as an unhandled exception. (As a note, users have Contributer permissions in Sharepoint, and a cross-site group with Contributer permissions is set up for the subsites that files might be stored to, but this happens at any level.)

We found that if the administrator does a file attach, it will work, and allow access to the site for a time, before it loses that access. Also, when I used a standard user (having the problem) to access the Sharepoint site, we got this error message:


List does not exist

The page you selected contains a list that does not exist. It may have been deleted by another user. Click "Home" at the top of the page to return to your Web site."

There was a fix mentioned on Google for this, giving users read access to the webtemp.xml file in Templates/1033/XML, but that worked only until we rebooted the machine.

I've been trying to figure this out for a few weeks now with no success, so any help would be extremely appreciated. Thanks.
Question by:kmac23va
    LVL 74

    Expert Comment

    by:Jeffrey Kane - TechSoEasy
    Even though Sharepoint seems to be using Active Directory (Windows Authentication) it actually does somewhat of a replication of it...

    Here's the full scoop:


    Author Comment

    Thanks for the article, Jeff...I'm getting the client's web.config files from inside the 60 folder. One question, how or in what order do the web.config files fire? Doing a search, I noticed them in the Config folder, the ISAPI folder, and the Template\Layouts folder. I'm figuring the last is the one that really matters, but the Config folder stores the trust definitions for wss_minimal and wss_medium, and the ISAPI folder is where my web service resides (based on an article of Microsoft's on modifying a web service to run in Sharepoint -

    Also, this is the Google article that describes the "List does not exist" problem, as well as the access/timeout issue I described. However, as noted, after making the suggested fix and rebooting it no longer worked.
    LVL 74

    Expert Comment

    by:Jeffrey Kane - TechSoEasy
    Actually, take a look at this, which is a simpler view of folders & permissions:

    as well as this:


    Author Comment

    I actually pursued a solution of my own and it appears to have resolved the problem; the points should probably be refunded. I only found out today from our client that the solution was successful. What was needed was to add the AllowUnsafeUpdates = true to the site call, which allowed the database to be affected. I'm guessing there was some issue with the SQL authentication in the Sharepoint MSDE database, but I can't be sure. Thanks to TechSoEasy for their thoughts on the issue as well.

    Accepted Solution

    PAQed with points refunded (500)

    Community Support Moderator

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
    Read about why website design really matters in today's demanding market.
    This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
    This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now