Logo 
Search:

Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

WSS sites list from SPS portal

  Asked By: Tucker    Date: Jun 08    Category: Sharepoint    Views: 10561

I've been fighting this all day, and can't find a way around
impersonation.
I need a list of all the WSS web sites to display on a web part on
the SPS portal home page.
I can use thisWeb.GetSubwebsForCurrentUser(), but it only lists the
subareas in the portal, not the /sites/... web sites.
I can cycle through the virtual server's site collections' sites,
but this needs admin access.

Do I need impersonation and a stored username/domain/password to get
the site list I need?

SPSiteCollection sites = virt.Sites;
foreach (SPSite site in sites) // This line needs admin access

Share: 

 

12 Answers Found

 
Answer #1    Answered By: Stephon Valentine     Answered On: Jun 08

I have not found any other solution then impersonating, one option you
may want to consider is to use the Lists in the site  Directory, this
will list  all sites  that have been "Listed" but will now show other
sites. I believe this is a regular list and doesn't require admin  access

I will let know if I found a other solution

 
Answer #2    Answered By: Jasper Hatfield     Answered On: Jun 08

You can use my SimulatedUser.cs class (attached) to become another user.
Call it like this:

private Mindsharp.SimulatedUser user;

user = new Mindsharp.SimulatedUser();
user.Impersonate();

//run your code

user.Undo();

We currently use this throughout the Mindsharp site. However, one of the
tasks on my to do list  is to switch over to using the .NET RevertToSelf
function. It discontinues the ASP.NET impersonation  that IIS is doing
and runs your code as the application pool identity. No stored  usernames
or passwords in config files. I like that. The text file that contains
the research that I've done this far is also attached. But it isn't a
working or easy to use canned solution as of yet. Let me know if you
make some progress in this area.

Note, the code you mention is the same code I posted about a short while
back because I cannot get it to work in my environment. I get an error
even though I am running as the SharePoint Farm Administrator. Let me
know if you can run my code below...

 
Answer #3    Answered By: Rashawn Hopper     Answered On: Jun 08

IIRC, Todd worked with this and WSS team - he filed a bug and they have
decided to not fix it.

I could be wrong, however, but this sounds familiar to what Todd was working
on with the product team. I'm sure he'll respond soon.

 
Answer #4    Answered By: Horace Coffey     Answered On: Jun 08

My email was held up for quite some time. Not sure why.

Attached is an updated version of my RevertToAppPool class. I worked on
it yesterday with Aaron Naas. You call it similar to the way my
SimulatedUser class was called:

private Mindsharp.RevertToAppPool reverter = new
Mindsharp.RevertToAppPool();

reverter.UseAppPoolIdentity();

//run your code

reverter.ReturnToImpersonatingCurrentUser();

This code is currently untested and needs some additional error checking
but it should work. I really like the idea of using the app pool
identity rather than storing credentials in some config file. We are
just using the credentials that are already stored  in the IIS metabase.
Cool.

 
Answer #5    Answered By: Rigoberto Beard     Answered On: Jun 08

I just came across this thread that came up back in December. I am
trying to accomplish exactly what is described below, and am faced with
the exact same situation. I want to display  a hierarchical list  of
sub-sites from within the portal, and the AllSites property requires
admin access.

My question has to do with Todd's proposed solution of a SimulatedUser
class that mimics a system administrator.

I'm not a C-Sharp expert, so please forgive my ignorance. If I am
reading the code right, then the username and password are pulled from
settings in the web.config file. Is that a safe place to put an
administrator's username and password? Can non-administrators access  the
web.config file? Are there ways to safeguard against someone
unauthorized getting at the settings?

 
Answer #6    Answered By: Alphonso Mckay     Answered On: Jun 08

Yes, non-admins can access  the web.config. And the code in the original
post does not require username/pwd as it runs through impersonization.
Regardless, you should never hardcode a username and password into
anything you write. That's just asking for trouble. I haven't tried the
code mentioned in the original post, so I can't help you there. I can
just offer the advice that although it may require more work, avoid
hardcoding usernames/pwds at all costs.

 
Answer #7    Answered By: Daron Oneill     Answered On: Jun 08

Yes, non-admins can access  the web.config. And the code in the original
post does not require username/pwd as it runs through impersonization.
Regardless, you should never hardcode a username and password into
anything you write. That's just asking for trouble. I haven't tried the
code mentioned in the original post, so I can't help you there. I can
just offer the advice that although it may require more work, avoid
hardcoding usernames/pwds at all costs.

 
Answer #8    Answered By: M Juarez     Answered On: Jun 08


I would think it's a little severe to consider recording a username, password, connection string or the like in web.config as hard coding. The issue of security is valid, many people have taken to encrypting values when they store them in web.config like this

www.thedatafarm.com/.../PermaLink.aspx

 
Answer #9    Answered By: Marty Mcdowell     Answered On: Jun 08

Check out my recent blog post for the best method of impersonation  I've
found to date:
mindsharpblogs.com/.../467.aspx

 
Answer #10    Answered By: Dakota Shaffer     Answered On: Jun 08

My work on this got shoved to the back burner, and I am just now getting
back to it.

I've tried using the impersonation  RevertToAppPool class that you
reference, Todd, and I am running into some trouble.

On the line:
foreach(SPWeb web  in site.AllWebs) {

I am getting the error:

Cannot complete this action. Please try again.Microsoft.SharePoint at
Microsoft.SharePoint.Library.a.a(String A_0, Object& A_1, Object& A_2,
Object& A_3, Object& A_4, Object& A_5) at
Microsoft.SharePoint.b.a(String[]& A_0, String[]& A_1, Guid[]& A_2,
Int32[]& A_3, String[]& A_4, String[]& A_5, String[]& A_6, String[]&
A_7, Boolean[]& A_8, Int32[]& A_9, Int16[]& A_10, Int16[]& A_11) at
Microsoft.SharePoint.SPWebCollection.b() at
Microsoft.SharePoint.SPWebCollection.Undirty() at
Microsoft.SharePoint.SPBaseCollection.System.Collections.IEnumerable.Get
Enumerator() at
ASI.PortalLibrary.WebParts.MySubSites.RenderWebPart(HtmlTextWriter
output) in c:\documents and settings\bnadler\my documents\visual studio
projects\asinet3\asiportal\webparts\mysubsites.cs:line 74


I am using the following code:
--------------------
protected override void RenderWebPart(HtmlTextWriter output) {



try {

RevertToAppPool reverter = new RevertToAppPool();
reverter.UseAppPoolIdentity();


SPSite site  = GetSite();
output.WriteLine (site.Url + " ");

foreach(SPWeb web in site.AllWebs) {
output.WriteLine ("Subsite: <a href=" + web.Url
+ ">" + web.Title + "</a> ");
}

reverter.ReturnToImpersonatingCurrentUser();

} catch (System.Exception exc) {
Text += exc.Message + exc.Source + exc.StackTrace;
}

output.Write(Text);
}
-------------------------

 
Answer #11    Answered By: Ted Gilmore     Answered On: Jun 08

I have recreated the problem and I'll try to look into it.

 
Answer #12    Answered By: Monte Cooley     Answered On: Jun 08

It happens that I have run across this same issue. I have been able to use the reverter to revert when doing some things, but not when adding a new site. Todd, have you had time to research this? I have not had any luck finding a solution at this point.

 
Didn't find what you were looking for? Find more on WSS sites list from SPS portal Or get search suggestion and latest updates.




Tagged: