Re: Problemes with custom Webservices and security.
From: Noble Lesmana (NobleLesmana_at_discussions.microsoft.com)
Date: 12/10/04
- Next message: John S: "Re: 48 hour response?"
- Previous message: Wei-Dong XU [MSFT]: "RE: Using DataList in Web Part"
- In reply to: Tako: "Re: Problemes with custom Webservices and security."
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 9 Dec 2004 23:09:01 -0800
I believe the web service is run under the anonymous access or the security
context which does not have any permission to create site. You should try
with the impersonation on your web service to run under the security context
of the site owner. I hope it will work. Thanks
Noble
"Tako" wrote:
> Noble Lesmana wrote:
> > Hi,
> >
> > Before I can do much help with your problem here, I need to see what
> > you're trying to do in you finally block. However, I suspect that you
> > do something that generates exception in your finally block. When the
> > exception is thrown, the ASP.NET will redirect your client to the
> > error page. Hence, you will never get the 'return "hello"' line
> > executed.
>
> At the end was a problems with the CatchAccessDeniedException from
> SPSite class :)
>
>
> >
> > You can try putting another try/catch block inside your finally block.
> >
> > As for the security issues, I suggest that you enable the
> > impersonation of security context. You can add:
> >
> > <identity impersonate="true"/>
> >
> > inside the web.config of your web service application.
> >
> > Then you should disable anonymous access in the IIS setting. Then you
> > can use windows authentication to enforce your client to login with
> > the security context that has permission to create site.
> >
> > Thank you.
> >
> >
> > "Tako" wrote:
> >
> >>
> >> I have a very strange problem:
> >>
> >> I have a client that calls a Webservice, this Webservice calls a
> >> DLL that uses de object model to create sites in SPS2003.
> >> If the user that uses the client hasn´t rights to create sites
> >> then the DLL throws a exception, this exception is catched by the
> >> Webservice, but then some strange happens.
> >>
> >> The code is something like that
> >>
> >> try
> >> call to dll
> >> catch
> >> somecode A
> >> finally
> >> somecode B
> >> end try
> >>
> >> return "hello"
> >>
> >> The call to dll generates a exception that it´s traped by
> >> "catch" then "somecode A" is executed, after that the "finally" part
> >> is executed ("somecode B") But then the Webservice never executes
> >> 'return "hello"', nevers executes code outsite the try statement.
> >>
> >> Then the client throws a connection exception (http error 401).
> >>
> >> It seems that the Webservice redirects itself to a page where
> >> the user does not have permissions and generates this connection
> >> error.
> >>
> >> Why happens this? I catch the security exception so I don´t know
> >> why the SPS redirects the Webservice´s call to another place
> >> Any suggestion?
> >>
> >> Thank you very much mucho
>
>
>
>
- Next message: John S: "Re: 48 hour response?"
- Previous message: Wei-Dong XU [MSFT]: "RE: Using DataList in Web Part"
- In reply to: Tako: "Re: Problemes with custom Webservices and security."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
