Acesso negado ao ativar recursos que implementam SPFeatureReceiver?
-
09-12-2019 - |
Pergunta
Desenvolvemos vários recursos que implementam a interface SPFeatureReceiver.Ao tentar isso no ambiente de desenvolvimento, ele falhou primeiro até que encontrei este script do MSDN:
function Set-RemoteAdministratorAccessDenied-False()
{
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") > $null
[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint.Administration") > $null
# get content web service
$contentService = [Microsoft.SharePoint.Administration.SPWebService]::ContentService
# turn off remote administration security
$contentService.RemoteAdministratorAccessDenied = $false
$contentService.Update()
}
Set-RemoteAdministratorAccessDenied-False
Depois de executar o script e redefinir o IIS, tudo funcionou bem no desenvolvimento e pudemos ativar o recurso (como Farm Admin) em Site Settings > Manage Site Features
com o escopo definido como Site http://mysolution/_layouts/ManageFeatures.aspx?Scope=Site.Após a ativação revertemos a propriedade RemoteAdministratorAccessDenied para true novamente e fizemos um novo IISRESET
.
No servidor de produção, utilizamos o mesmo procedimento após a implantação do recurso:
- Defina RemoteAdministratorAccessDenied como falso
- IISRESET e tentei ativar o recurso - mas falhou.
A mensagem de erro que recebemos é a seguinte:
Server Error in '/' Application.
--------------------------------------------------------------------------------
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Access Denied.
Source Error:
The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:
1. Add a "Debug=true" directive at the top of the file that generated the error. Example:
<%@ Page Language="C#" Debug="true" %>
or:
2) Add the following section to the configuration file of your application:
<configuration>
<system.web>
<compilation debug="true"/>
</system.web>
</configuration>
Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.
Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.
Stack Trace:
[SecurityException: Access Denied.]
Microsoft.SharePoint.Administration.SPPersistedObject.BaseUpdate() +27451643
Microsoft.SharePoint.Administration.SPJobDefinition.Update() +152
Company.IssueTracker.Features.NewIssueTimerJob.NewIssueTimerJobEventReceiver.FeatureActivated(SPFeatureReceiverProperties properties) +837
Microsoft.SharePoint.SPFeature.DoActivationCallout(Boolean fActivate, Boolean fForce) +25671814
Microsoft.SharePoint.SPFeature.Activate(SPSite siteParent, SPWeb webParent, SPFeaturePropertyCollection props, Boolean fForce) +25676799
Microsoft.SharePoint.SPFeatureCollection.AddInternal(SPFeatureDefinition featdef, Version version, SPFeaturePropertyCollection properties, Boolean force, Boolean fMarkOnly) +27776095
Microsoft.SharePoint.SPFeatureCollection.AddInternalWithName(Guid featureId, String featureName, Version version, SPFeaturePropertyCollection properties, Boolean force, Boolean fMarkOnly, SPFeatureDefinitionScope featdefScope) +150
Microsoft.SharePoint.SPFeatureCollection.Add(Guid featureId, Boolean force, SPFeatureDefinitionScope featdefScope) +83
Microsoft.SharePoint.WebControls.FeatureActivator.ActivateFeature(Guid featid, SPFeatureDefinitionScope featdefScope) +699
Microsoft.SharePoint.WebControls.FeatureActivatorItem.BtnActivateFeature_Click(Object objSender, EventArgs evtargs) +140
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +115
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +140
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +29
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11058199
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +11057738
System.Web.UI.Page.ProcessRequest() +91
System.Web.UI.Page.ProcessRequest(HttpContext context) +240
ASP._layouts_managefeatures_aspx.ProcessRequest(HttpContext context) +9
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +599
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +171
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.4963; ASP.NET Version:2.0.50727.4971
Meu ambiente:Servidor SharePoint 2010
Perguntas relacionadas no SharePoint 2007:
Solução
Se os blogs que C.vinculado a não ajuda, eu tentaria definir o escopo do recurso WebApplication, o que provavelmente é a coisa certa, pois você está adicionando um novo timerjob.
Presumo que em FeatureDeactiving você remova o trabalho novamente.Nesse caso você terá problema se alguém ativar o recurso em duas Webs e depois removê-lo de uma delas.
Outras dicas
Acredito que seu problema já foi resolvido aqui? Receptor de eventos FeatureActivated dando acesso negado ao tentar definir a propriedade WebApplicatione o problema é explicado mais detalhadamente aqui http://blog.bugrapostaci.com/tag/remoteadministratoraccessdenied/
Espero que ajude, c: marius