Access Denied when access another site collection properties
https://sharepoint.stackexchange.com/questions/163597
-
06-10-2020 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianВопрос
I have two site collections:
http://company- this is main portalhttp://company:200- this is personal sites.
On a personal sites collection, in its root web properties we stores Guid of main portal site collection: personalWeb.Properties[MainPortalGuid].
On a main site, also in web.Properties we had stored some specific info: mainWeb.Properties[SomeInfo]
Being in Personal sites collection, I need to access this specific info, and I always get "Access denied" exception when trying to read main site properties. I'm acting that way:
Guid portalGuid = new Guid();
SPServiceContext serviceContext = SPServiceContext.GetContext(SPContext.Current.Site);
UserProfileManager upm = new UserProfileManager(serviceContext);
string pesonalSitesUrl = upm.MySiteHostUrl;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite personalSite = new SPSite(pesonalSitesUrl))
{
using (SPWeb personalWeb = personalSite.RootWeb)
{
string guid = personalWeb.Properties[MainPortalGuid];
portalGuid = new Guid(guid);
}
}
using (SPSite secureSite = new SPSite(portalGuid))
{
using (SPWeb secureWeb = secureSite.RootWeb))
{
// And this line throws "access denied" exception:
if (secureWeb.Properties.ContainsKey(CommonConsts.RssKeyCommon))
{
someInfo = secureWeb.Properties[SomeInfo];
}
}
}
});
I'm creating new SPSite/SPWeb objects in RunWithElevatedPrivileges delegate. All Guids and consts are correct, all properties exists and not empty.
I've also tried SPSecurity.CatchAccessDeniedException with no luck.
Решение
We've found the answer - the problem is that these site collections were created under different Application Pool Users.
Main portal runs under Pool_Portal_User, and Personal Sites runs under Pool_Personal_User.
Because of that we've got Access Denied when trying to access Main Portal from Personal Sites.
To resolve this, we need to grant access to Pool_Personal_User on Main Portal.
In SharePoint PowerShell console (run as Fram administrator account):
$app = Get-SPWebApplication http://company
$app.GrantAccessToProcessIdentity("Domain\Pool_Personal_User")
$app.Update()
