Logo 
Search:

Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

using object model to access list, but not the site

  Asked By: Sanchay    Date: Aug 26    Category: Sharepoint    Views: 1236

SPWeb web = SPControl.GetContextWeb(Context);
web.Site.CatchAccessDeniedException = false;

Share: 

 

2 Answers Found

 
Answer #1    Answered By: Laura Walker     Answered On: Aug 26

You can also use the app pool identity from your code to access  the list/site. This is something that works really well so far for us.

You simply call UseAppPoolIdentity() when you want to do something that might cause permissions problems, then when you are done call ReturnToImpersonatingCurrentUser().

public class RevertToAppPool
{
private WindowsImpersonationContext ctx = null;

//Revert to the original application pool security context
//We only want to do this if we are not already running as the system
public void UseAppPoolIdentity()
{
try
{
if (!WindowsIdentity.GetCurrent().IsSystem)
{
ctx = WindowsIdentity.Impersonate(System.IntPtr.Zero);
}
}
catch{}
}

//Return to impersonating the authenticated user
//Anonymous users are impersonated as IUSR_machinename, by default
public void ReturnToImpersonatingCurrentUser()
{
try
{
if(ctx != null)
{
ctx.Undo();
}
}
catch{}
}
}

 
Answer #2    Answered By: Nina Banks     Answered On: Aug 26

I also used the code below to access  a webpart that displays all sites a user is a member of. This webpart is to appear on the user's my sites...so I needed to impersonate the app pool identity in order for the user to see all the sites he/she has access to.

I wanted to post this to say that the code below definitely impersonated the apppool ID, but I still couldn't access the SP site  object. It was weird b/c I could run this code in the catch block while impersonating the apppool ID (administrator) ....

string u = WindowsIdentity.GetCurrent().Name;
string s = base.Context.User.Identity.Name;
output.Write(u + " -- " + s + " ");

and the output would be u = administrator and s = the logged in user <eg. doej>

Patrick states in his blog <blog.u2u.info/.../235.aspx> that at the object  model level, SP is always using the account of the logged on user. This certainly would explain the symptoms I was having.

The blog goes on to suggest using a COM object to overcome this hurdle. That is not an option for us...

At any rate, I have added this one line of code from you/Todd/Jeff Goddard and after several hours of testing, it appears to access the SP objects with the impersonated app pool account.

try
{
this.UseAppPoolIdentity();
WindowsIdentity.Impersonate(WindowsIdentity.GetCurrent().Token);
.....
}
catch
{}
finally
{this.ReturnToImpersonatingCurrentUser();}

 
Didn't find what you were looking for? Find more on using object model to access list, but not the site Or get search suggestion and latest updates.




Tagged: