tags:

views:

175

answers:

1
Q: 

PortalSiteMapprovider Code Access Security Requirements

Hi All,

I'm using a portalsitemapprovider object to create my navigation server control.

I've assigned sharepoint object model access and impersonation rights in the controls CAS. However despite this I can't retrieve the child nodes of the root node of the sitemap, they just return an error.

If I change the web app to run under full trust I can retrive the child nodes.

Thus my question is what CAS policies are requried to fully access data in the sitemap provider object, and how come I can access the root node but not it's children currently?

Example code:

PortalSiteMapProvider sp = PortalSiteMapProvider.WebSiteMapProvider;
PortalSiteMapNode rootNode = (PortalSiteMapNode)siteProvider.RootNode;
foreach (SiteMapNode node in rootNode.ChildNodes)
{
    //this loop returns 1 item with title "Error" with no exception thrown. 
}

My Assembly has the following CAS requests:

[assembly: SharePointermission(SecurityAction.RequestMinimum, ObjectModel=true, Impersonate=true)]

With approprite IPermission entries in the deployment manifest. After deploying the web app web.config is updated to WSS_Custom trust level as expected.

Any ideas?

Thanks

+1  A: 

You could try using Reflector. This should show you the CAS permissions on that class.

Or use WSPBuilder, which will use reflection to generate the CAS file for you. I recommend this option as you shouldn't need to worry about editing your CAS files again!

Alex Angas  2009-08-03 19:56:33
Not sure how to see the CAS permissions on a class in reflector.I am using WSPBuilder and it is creating a custom CAS but it doesn't seem to work! :(
Eriedor  2009-08-03 22:02:24
Navigate to the class and look at the attributes decorating it (should be near the top line).
Alex Angas  2009-08-04 05:22:54
Ok I had a look and the portalsitemapnode has a link demand for asphostingpermission.minimal (covered by wss_minimal) and a link demand for sharepoint object (covered by my custom cas).What is strange is if CAS levels aren't being met shouldn't the assembly simply not load? (e.g. if i change web app trust level to wss_medium the assembly won't load).Why does it load the assembly fine but fail the call without a security exception, just a generic "error".
Eriedor  2009-08-04 10:13:51
Set CustomErrors to Off in web.config and see if you get more details. Maybe it's nothing to do with security.
Alex Angas  2009-08-04 11:00:18

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps