我在使用对象模型创建SharePoint网站时遇到了着名的错误“此页面的安全验证无效。单击返回...”。
这是我在Web部件中创建共享点网站的代码。
using (SPSite objSite = new SPSite(SPContext.Current.Site.ID))
{
objSite.AllowUnsafeUpdates = true;
using (SPWeb objWeb = objSite.OpenWeb(SPContext.Current.Web.ID))
{
objWeb.AllowUnsafeUpdates = true;
SPWeb NewWeb3 = null;
try
{
NewWeb3 = objSite.AllWebs.Add(RelativeITTURL, projectCode, SiteDescription, LocaleID, ITTSiteDefinitionTemplate, false, false);
NewWeb3.AllowUnsafeUpdates = true;
NewWeb3.Navigation.UseShared = true;
NewWeb3.BreakRoleInheritance(true);
NewWeb3.AllowUnsafeUpdates = true;
ITTSiteID = new Guid(NewWeb3.ID.ToString());
NewWeb3.Update();
NewWeb3.AllowUnsafeUpdates = false;
}
catch (Exception ex3)
{
StringBuilder Message = new StringBuilder();
Message.Append(string.Format("Error while creating the site for the 3rd time. '{0}/{1}'\n", _siteCollection, projectCode));
Message.Append(string.Format("Project Code: {0}\n", projectCode));
Message.Append(string.Format("ITT Site URL: {0}\n", FullITTSiteURL));
Message.Append(string.Format("Web Template: {0}\n", _webTemplate));
Message.Append(string.Format("Web Template To String: {0}\n", ITTSiteDefinitionTemplate.ToString()));
Message.Append(string.Format("Locale ID: {0}\n", LocaleID.ToString()));
//Message.Append(string.Format("Form digest validated: {0}\n", ValidateFormDigect.ToString()));
NFER.ErrorManagement.ErrorLog.LogErrorToEventLog(ex3, Message.ToString());
lblProvisionStatus.Text = "An error occurred while creating the site. Please close your browser and try again.";
return;
}
finally
{
//Since an error can occur
if (NewWeb3 != null)
NewWeb3.Dispose();
}
}
}
我在此行收到错误
CurrentSite.AllWebs.Add...
我可以使用系统帐户成功创建网站,但使用有限的测试帐户会失败。有趣的是它在某个时间点工作但现在却没有。
这是调用堆栈
Error Message: The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.
Error Source: Microsoft.SharePoint
Stack Trace: at Microsoft.SharePoint.Library.SPRequest.CreateWeb(String bstrUrl, String bstrTitle, String bstrDescription, UInt32 nLCID, String bstrWebTemplate, Boolean bCreateUniqueWeb, Boolean bConvertIfThere, Guid& pgWebId, Guid& pgRootFolderId, Boolean bCreateSystemCatalogs)
at Microsoft.SharePoint.SPSite.CreateWeb(String strUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean bCreateUniqueSubweb, Boolean bConvertIfThere, Guid webId, Guid rootFolderId, Boolean createSystemCatalogs)
at Microsoft.SharePoint.SPSite.SPWebCollectionProvider.CreateWeb(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean bCreateUniqueSubweb, Boolean bConvertIfThere)
at Microsoft.SharePoint.SPWebCollection.Add(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean useUniquePermissions, Boolean bConvertIfThere)
at Microsoft.SharePoint.SPWebCollection.Add(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, SPWebTemplate WebTemplate, Boolean useUniquePermissions, Boolean bConvertIfThere)
at ProjectManWebParts.ITTStage2DataCapture.<>c__DisplayClass3.<BtnProvisionITT_Click>b__0()
Target Site: Void CreateWeb(System.String, System.String, System.String, UInt32, System.String, Boolean, Boolean, System.Guid ByRef, System.Guid ByRef, Boolean)
Data Begin Information
Data End Information
Error Message: The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.
Error Source:
Stack Trace: at Microsoft.SharePoint.Library.SPRequestInternalClass.CreateWeb(String bstrUrl, String bstrTitle, String bstrDescription, UInt32 nLCID, String bstrWebTemplate, Boolean bCreateUniqueWeb, Boolean bConvertIfThere, Guid& pgWebId, Guid& pgRootFolderId, Boolean bCreateSystemCatalogs)
at Microsoft.SharePoint.Library.SPRequest.CreateWeb(String bstrUrl, String bstrTitle, String bstrDescription, UInt32 nLCID, String bstrWebTemplate, Boolean bCreateUniqueWeb, Boolean bConvertIfThere, Guid& pgWebId, Guid& pgRootFolderId, Boolean bCreateSystemCatalogs)
Target Site: Void CreateWeb(System.String, System.String, System.String, UInt32, System.String, Boolean, Boolean, System.Guid ByRef, System.Guid ByRef, Boolean)
Data Begin Information
Data End Information
Custom Error Message: Error while creating the site for the 3rd time.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
请真正感谢任何帮助。
答案 0 :(得分:1)
您正在做的是阻止“GET参数具有副作用”例外而不是SharePoint的对象模型。
但是,“此页面的安全验证无效”的异常实际上来自表单摘要组件,该组件位于Web应用程序的每个表单页面中。我们的想法是为每个表单生成一个唯一的ID,并在提交表单时在服务器上对其进行验证。
有时,为了解决这个问题,值得入侵HTTPContext.Current并将“FormDigestValidated”字段设置为true。像这样:HttpContext.Current.Items["FormDigestValidated"]=true;
修改
有人说调用SPUtility.ValidateFormDigest()做同样的事情(见http://stephenkaye.blogspot.com/2008/03/form-digest-and-spsecurityrunwithelevat.html)。这听起来比在HttpContext
我还发现了一篇关于安全性验证的解释性文章:http://hristopavlov.wordpress.com/2008/05/21/what-you-need-to-know-about-allowunsafeupdates-part-2/
答案 1 :(得分:0)
请试试这个:
Guid webId = Guid.Empty;
SPSecurity.RunWithElevatedPrivileges(delegate() // it's required?
{
using (SPSite site = new SPSite(SPContext.Current.Site.ID))
{
try
{
site.AllowUnsafeUpdates = true;
using(SPWeb web = site.AllWebs.Add(RelativeITTURL, projectCode,
SiteDescription, LocaleID, siteDefinitionTemplate, false, false))
{
web.AllowUnsafeUpdates = true;
web.Navigation.UseShared = true;
web.BreakRoleInheritance(true);
web.AllowUnsafeUpdates = true;
web.Update();
webId = new Guid(NewWeb3.ID.ToString());
}
}
catch (Exception ex3)
{
// error handler
}
}
});
如果这不起作用,请告诉我(我在这里没有WSS)
答案 2 :(得分:0)
验证下一行
web.AllowUnsafeUpdates = true;
此行在之前:
SPSite siteCol = new SPSite(YourSiteURL);
SPWeb web = siteCol.OpenWeb();
SPList list = web.Lists[YourListName];
**web.AllowUnsafeUpdates = true;**