0

I'm using a portalsitemapprovider object to create my navigation server control.

I've assigned sharepoint object model access and impersonation rights in the controls CAS. However despite this I can't retrieve the child nodes of the root node of the sitemap, they just return an error.

If I change the web app to run under full trust I can retrive the child nodes.

Thus my question is what CAS policies are requried to fully access data in the sitemap provider object, and how come I can access the root node but not it's children currently?

Example code:

PortalSiteMapProvider sp = PortalSiteMapProvider.WebSiteMapProvider;
PortalSiteMapNode rootNode = (PortalSiteMapNode)siteProvider.RootNode;
foreach (SiteMapNode node in rootNode.ChildNodes)
{
    //this loop returns 1 item with title "Error" with no exception thrown. 
}

My Assembly has the following CAS requests:

[assembly: SharePointermission(SecurityAction.RequestMinimum, ObjectModel=true, Impersonate=true)]

With approprite IPermission entries in the deployment manifest. After deploying the web app web.config is updated to WSS_Custom trust level as expected.

Any ideas?

Thanks

Marinos An
  • 9,481
  • 6
  • 63
  • 96
Eriedor
  • 391
  • 2
  • 13

1 Answers1

1

You could try using Reflector. This should show you the CAS permissions on that class.

Or use WSPBuilder, which will use reflection to generate the CAS file for you. I recommend this option as you shouldn't need to worry about editing your CAS files again!

Alex Angas
  • 59,219
  • 41
  • 137
  • 210
  • Not sure how to see the CAS permissions on a class in reflector. I am using WSPBuilder and it is creating a custom CAS but it doesn't seem to work! :( – Eriedor Aug 03 '09 at 22:02
  • Navigate to the class and look at the attributes decorating it (should be near the top line). – Alex Angas Aug 04 '09 at 05:22
  • Ok I had a look and the portalsitemapnode has a link demand for asphostingpermission.minimal (covered by wss_minimal) and a link demand for sharepoint object (covered by my custom cas). What is strange is if CAS levels aren't being met shouldn't the assembly simply not load? (e.g. if i change web app trust level to wss_medium the assembly won't load). Why does it load the assembly fine but fail the call without a security exception, just a generic "error". – Eriedor Aug 04 '09 at 10:13
  • Set CustomErrors to Off in web.config and see if you get more details. Maybe it's nothing to do with security. – Alex Angas Aug 04 '09 at 11:00