Delpoying farm solution (Application Page) sharepoint 2010 --Access denied

sharepoint.stackexchange https://sharepoint.stackexchange.com//questions/28934

Question

I am deploying an application page (globally), I have a button on the editform.aspx. When a user clicks on the button, it redirects to the application page in a new window but I am getting an error Access denied.

Below is my code in the page load function: 

           SPSecurity.RunWithElevatedPrivileges(delegate()
            {if (Request.QueryString["IDs"] != null)
                {

                    ticketID= Request.QueryString["IDs"].ToString();

                }
                else
                {
                    ticketID= "";
                }
                    ticketIdTEXTBOX.Text = ticketID;
});

I am getting Access Denied, screen shot below:

enter image description here

Was it helpful?

Solution

Using firebug (or chrome or ie dev tools) check if your redirect button redirects you to correct address. (For example you may expect that it redirects to http://mysite/sites/cars/_layouts/myApplicationPage.aspx, but it actually redirects to http://mysite/_layouts/myApplicationPage.aspx where you get access denied).

And also (this is not an answer, but note), it is absolutely no make sense to use RunWithElevatedPrivileges to access Request.QueryString.

edit
_layouts is a virtual directory in iis, which means that it maps to the physical path (for sharepoint it is 14\template\layout). Every sharepoint web application has this virtual directory, which means that yes, it is accessible between all web applications.

You may have two site collections under http://mysite/ and http://mysite/sites/sitecol. Your application page is accessible using http://mysite/_layouts/myapplicationpage.aspx and http://mysite/sites/sitecol/_layouts/myapplicationpage.aspx. But when user access to this application pages security still working for user, because it requests page in particular site collection. And this means that if user has no sufficient rights under http://mysite/ he gets access denied under http://mysite/_layouts/myapplicationpage.aspx, but can successfully navigate to http://mysite/sites/sitecol/_layouts/myapplicationpage.aspx (again, if user has rights).
Hope I answer your question.

OTHER TIPS

I encountered a similar issue in the past. I was able to get through the problem by using teh Farm Account to deploy the solution. Hopefully this helps you out!

Good Luck!

Make sure that all resources the page uses are accessible to the current user. Things to consider include but are not limited to:

  • Master Page checked in and viewable by user
  • CSS files stored in SharePoint are checked in and viewable by user
  • JavaScript files stored in SharePoint are checked in and viewable by user
  • Image files (including favicon) stored in SharePoint are checked in and viewable by user
  • Web Parts and other controls on the page don't utilize resources not accessible by the user
Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top