[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 484
  • Last Modified:

Sharepoint (WSS) authentication issues in code

First, apologies if this isn't in the right group, but it kind of spans. I'm working with a client that has Windows Server 2003, WSS, accessed through a custom application. In this application, we need to attach files to cases by adding them to a database and storing them in Sharepoint. This process works fine at our office, but the client is having authentication problems.

The only authentication being used is Windows security. Before, my Sharepoint code (in C#) was in a file, and the users would get a login prompt. However, even if they entered correct information, it would not let them in and eventually give an Unauthorized (401.1) error. I decided to move the functionality to a web service and use the Credentials object to set up authentication. These are the calls in my web page:

     pmdtc_ws.CreateSite svcCreateSite = new PMDTC.pmdtc_ws.CreateSite();
     svcCreateSite.Credentials = System.Net.CredentialCache.DefaultCredentials;
     string strResult = svcCreateSite.AttachFile(subWeb, sFileName, pFileContents);

And this is the web service's method:

            [WebMethod]
            public string AttachFile(string pFolderID, string pFileName, byte[] pFileContents)
            {
                  string strMessage;

                  try
                  {
                        SPSite site = SPControl.GetContextSite(Context);
                        SPWeb web;// = SPControl.GetContextWeb(Context);
                        string tmpSite = site.Url;

                        if (pFolderID != "0")
                        {
                              tmpSite += "/" + pFolderID + "/";
                        }

                        tmpSite = tmpSite.Substring(7);
                        int posSite = tmpSite.IndexOf("/");
                        tmpSite = tmpSite.Substring(posSite);

                        web = site.OpenWeb(tmpSite);
                        web.AllowUnsafeUpdates = true;
                        SPFolder folder;
                        SPFile file;
                        folder = web.GetFolder("Shared Documents");

                        file = web.GetFile(folder.Url + "/" + pFileName);

                        if (file.Exists) ////check in existing file
                        {
                              file.CheckOut();
                              file.SaveBinary(pFileContents);
                              file.CheckIn(""); ////We have to force the checkin here.
                        }
                        else ////Add a new file
                        {
                              SPFileCollection files;
                              files = folder.Files;
                              
                              files.Add(folder.Url + "/" + pFileName, pFileContents);
                        }

                        strMessage = "Success!";
                  }
                  catch (Exception ex)
                  {
                        strMessage = "Fail! " + ex.Message.ToString();
                  }

                  return strMessage;
            }

When I run this, I get back an ASP.Net error page, that says the user is unauthorized: 401, treating it as an unhandled exception. (As a note, users have Contributer permissions in Sharepoint, and a cross-site group with Contributer permissions is set up for the subsites that files might be stored to, but this happens at any level.)

We found that if the administrator does a file attach, it will work, and allow access to the site for a time, before it loses that access. Also, when I used a standard user (having the problem) to access the Sharepoint site, we got this error message:

"Error

List does not exist

The page you selected contains a list that does not exist. It may have been deleted by another user. Click "Home" at the top of the page to return to your Web site."

There was a fix mentioned on Google for this, giving users read access to the webtemp.xml file in Templates/1033/XML, but that worked only until we rebooted the machine.

I've been trying to figure this out for a few weeks now with no success, so any help would be extremely appreciated. Thanks.
0
kmac23va
Asked:
kmac23va
  • 2
  • 2
1 Solution
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Even though Sharepoint seems to be using Active Directory (Windows Authentication) it actually does somewhat of a replication of it...

Here's the full scoop:  http://msdn.microsoft.com/library/en-us/odc_SP2003_ta/html/sharepoint_wsscodeaccesssecurity.asp

Jeff
TechSoEasy
0
 
kmac23vaAuthor Commented:
Thanks for the article, Jeff...I'm getting the client's web.config files from inside the 60 folder. One question, how or in what order do the web.config files fire? Doing a search, I noticed them in the Config folder, the ISAPI folder, and the Template\Layouts folder. I'm figuring the last is the one that really matters, but the Config folder stores the trust definitions for wss_minimal and wss_medium, and the ISAPI folder is where my web service resides (based on an article of Microsoft's on modifying a web service to run in Sharepoint - http://msdn.microsoft.com/library/default.asp?url=/library/en-us/spptsdk/html/soapptCreateCustomWebService_SV01083361.asp).

Also, this is the Google article that describes the "List does not exist" problem, as well as the access/timeout issue I described. However, as noted, after making the suggested fix and rebooting it no longer worked. http://groups-beta.google.com/group/microsoft.public.sharepoint.windowsservices/browse_thread/thread/af31e15c9c25d508/8066f85b290548f6?q=%22list+does+not+exist%22+sharepoint&rnum=4&hl=en#8066f85b290548f6
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Actually, take a look at this, which is a simpler view of folders & permissions:  
http://www.microsoft.com/resources/documentation/wss/2/all/adminguide/en-us/stsk07.mspx

as well as this:  http://www.microsoft.com/resources/documentation/wss/2/all/adminguide/en-us/stsk08.mspx

Jeff
TechSoEasy
0
 
kmac23vaAuthor Commented:
I actually pursued a solution of my own and it appears to have resolved the problem; the points should probably be refunded. I only found out today from our client that the solution was successful. What was needed was to add the AllowUnsafeUpdates = true to the site call, which allowed the database to be affected. I'm guessing there was some issue with the SQL authentication in the Sharepoint MSDE database, but I can't be sure. Thanks to TechSoEasy for their thoughts on the issue as well.
0
 
moduloCommented:
PAQed with points refunded (500)

modulo
Community Support Moderator
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now