up vote 0 down vote favorite
share [fb]

I'm getting the following error when attempting to access a SharePoint 2010 site via the SharePoint API from within an ASP.NET MVC Application:

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

The MVC Application is hosted on IIS7 in 64-bit mode with an Application Pool User who is a Site Administrator on the SharePoint installation. Importantly, a WCF Service calling the SharePoint API hosted within the very same web application works without any issues, so I find it strange that I can't get the same results from within a Controller Action.

I have tried:

  • Setting System.web/identity impersonate="true" etc etc
  • Setting System.web/authentication mode="Windows"
  • A combination of the above.

Regardless of what is tried above, System.Security.Principal.WindowsIdentity.GetCurrent().Name returns the expected Application Pool User but Request.IsAuthenticated returns false. This is verified both programmatically by examination through the debugger as well as in the Event Log:

Event code: 4011 
Event message: An unhandled access exception has occurred. 
...
Process information: 
    Process ID: 1234 
    Process name: w3wp.exe 
    Account name: VALIDDOMAIN\VALIDUSER 

Request information: 
    Request URL: http://localhost:2000/Service/ 
    Request path: /Service/ 
    User host address: ::1 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: VALIDDOMAIN\VALIDUSER

How can I call the SharePoint 2010 API from a standard MVC3 Web Application Controller Action?

UPDATE 01:

Here's the code I'm using:

    using (SPSite site = new SPSite(siteUrl))
    {
        workflow.SPSiteCollectionID = site.ID;

        using (SPWeb web = site.OpenWeb())
        {
            foreach (SPGroup group in web.SiteGroups)
            {
                //some code
            }
        }
    }

This fails on the line foreach (SPGroup group in web.SiteGroups)

link|improve this question
75% accept rate
which framework are you targeting? 3.5? – Andreas Scharf Oct 7 at 17:16
.NET 3.5 - that's the only version we can use with the SharePoint 2010 API. – Ryan Shripat Oct 7 at 17:49
yea i know, that's why i asked :P so the access denied happens when you construct a new SPSite object right? Have you tried with Elevated Privileges? also, in the wcf service, do you set the default (network) credentials anywhere (config/code)? – Andreas Scharf Oct 7 at 18:06
Naw, it happens later than new SPSite()... see the update above. It happens when I try to iterate through the SPWeb.SiteGroups. I also don't set the creds anywhere (neither config nor code); remember the MVC app would be using the very same web.config as the WCF service - they're both in the same application. I haven't tried RunWithElevated because I can't see why I'd need to since the WCF service works with the very same code (actually, they're both using the same DLL)... – Ryan Shripat Oct 7 at 18:25
hmm ok this is quite strange... sorry i can't think of anything else since both the mvc app and the service share the same codebase. – Andreas Scharf Oct 10 at 11:39
feedback

1 Answer

up vote 1 down vote

Try this: new SPSite(siteUrl, SystemAccount.UserToken)

link|improve this answer
feedback

Your Answer

 
or
required, but never shown

Not the answer you're looking for? Browse other questions tagged or ask your own question.