我更改了Sharepoint 2010 Web应用程序的IIS池身份服务帐户,从而替换了默认的“网络服务”帐户(使用Sharepoint Administrator。)现在,MS在“应用程序池帐户”中记录了池服务帐户权限“ 部分: http://technet.microsoft.com/en-us/library/cc678863%28v=office.14%29.aspx
尝试激活其他网站功能时,我的功能中的代码升级失败,但出现以下异常:
创建网站时出现异常:此安全验证 页面无效。在Web浏览器中单击“返回”,刷新页面,然后 再次尝试你的操作。
堆栈追踪:
at Microsoft.SharePoint.SPGlobal.HandleComException(COMException comEx)
at Microsoft.SharePoint.Library.SPRequest.ValidateFormDigest(String bstrUrl, String bstrListName)
at Microsoft.SharePoint.SPWeb.ValidateFormDigest()
at Microsoft.SharePoint.SPSecurity.ValidateSecurityOnOperation(SPOperationCode code, SPSecurableObject obj)
at Microsoft.SharePoint.SPFeature.AddRowToFeaturesTable(SPFeaturePropertyCollection props, SPSite site, SPWeb web, Boolean fForce)
at Microsoft.SharePoint.SPFeature.Activate(SPSite siteParent, SPWeb webParent, SPFeaturePropertyCollection props, SPFeatureActivateFlags activateFlags, Boolean fForce)
at Microsoft.SharePoint.SPFeatureCollection.AddInternal(SPFeatureDefinition featdef, Version version, SPFeaturePropertyCollection properties, SPFeatureActivateFlags activateFlags, Boolean force, Boolean fMarkOnly)
at Microsoft.SharePoint.SPFeatureCollection.AddInternalWithName(Guid featureId, String featureName, Version version, SPFeaturePropertyCollection properties, SPFeatureActivateFlags activateFlags, Boolean force, Boolean fMarkOnly, SPFeatureDefinitionScope featdefScope)
at Microsoft.SharePoint.SPFeatureCollection.Add(Guid featureId)
池标识用户需要具有哪些其他权限才能正确运行提升的代码? 如果我将池标识设置为我的场帐户(如owstimer服务),是否存在安全风险? (如果是,为什么?)
答案 0 :(得分:0)
在提升的代码中,要更新的SPWeb对象必须具有AllowUnsafeUpdates = true。这解决了这个问题。 正如所建议的那样,问题转发在sharepoint.stackexchange.com上: https://sharepoint.stackexchange.com/questions/111507/sharepoint-2010-fails-to-run-elevated-code-as-iis-pool-identity-account