1

我在使用对象模型创建 SharePoint 网站时收到著名的错误“此页面的安全验证无效。单击返回...”...

这是我在 Web 部件中创建共享点站点的代码。

using (SPSite objSite = new SPSite(SPContext.Current.Site.ID))
{
    objSite.AllowUnsafeUpdates = true;
    using (SPWeb objWeb = objSite.OpenWeb(SPContext.Current.Web.ID))
    {
        objWeb.AllowUnsafeUpdates = true;
        SPWeb NewWeb3 = null;
        try
        {
            NewWeb3 = objSite.AllWebs.Add(RelativeITTURL, projectCode, SiteDescription, LocaleID, ITTSiteDefinitionTemplate, false, false);
            NewWeb3.AllowUnsafeUpdates = true;

            NewWeb3.Navigation.UseShared = true;
            NewWeb3.BreakRoleInheritance(true);
            NewWeb3.AllowUnsafeUpdates = true;
            ITTSiteID = new Guid(NewWeb3.ID.ToString());
            NewWeb3.Update();

            NewWeb3.AllowUnsafeUpdates = false;
        }
        catch (Exception ex3)
        {
            StringBuilder Message = new StringBuilder();
            Message.Append(string.Format("Error while creating the site for the 3rd time. '{0}/{1}'\n", _siteCollection, projectCode));
            Message.Append(string.Format("Project Code: {0}\n", projectCode));
            Message.Append(string.Format("ITT Site URL: {0}\n", FullITTSiteURL));
            Message.Append(string.Format("Web Template: {0}\n", _webTemplate));
            Message.Append(string.Format("Web Template To String: {0}\n", ITTSiteDefinitionTemplate.ToString()));
            Message.Append(string.Format("Locale ID: {0}\n", LocaleID.ToString()));
            //Message.Append(string.Format("Form digest validated: {0}\n", ValidateFormDigect.ToString()));

            NFER.ErrorManagement.ErrorLog.LogErrorToEventLog(ex3, Message.ToString());

            lblProvisionStatus.Text = "An error occurred while creating the site. Please close your browser and try again.";
            return;
        }
        finally
        {
            //Since an error can occur
            if (NewWeb3 != null)
                NewWeb3.Dispose();
        }
    }
}

我在这一行得到一个错误

CurrentSite.AllWebs.Add...

我可以使用系统帐户成功创建站点,但使用有限的测试帐户会失败。有趣的是,它曾经在某个时间点起作用,但现在却不是。

这是调用堆栈

Error Message: The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again. 
Error Source: Microsoft.SharePoint 
Stack Trace:    at Microsoft.SharePoint.Library.SPRequest.CreateWeb(String bstrUrl, String bstrTitle, String bstrDescription, UInt32 nLCID, String bstrWebTemplate, Boolean bCreateUniqueWeb, Boolean bConvertIfThere, Guid& pgWebId, Guid& pgRootFolderId, Boolean bCreateSystemCatalogs)
   at Microsoft.SharePoint.SPSite.CreateWeb(String strUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean bCreateUniqueSubweb, Boolean bConvertIfThere, Guid webId, Guid rootFolderId, Boolean createSystemCatalogs)
   at Microsoft.SharePoint.SPSite.SPWebCollectionProvider.CreateWeb(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean bCreateUniqueSubweb, Boolean bConvertIfThere)
   at Microsoft.SharePoint.SPWebCollection.Add(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, String strWebTemplate, Boolean useUniquePermissions, Boolean bConvertIfThere)
   at Microsoft.SharePoint.SPWebCollection.Add(String strWebUrl, String strTitle, String strDescription, UInt32 nLCID, SPWebTemplate WebTemplate, Boolean useUniquePermissions, Boolean bConvertIfThere)
   at ProjectManWebParts.ITTStage2DataCapture.<>c__DisplayClass3.<BtnProvisionITT_Click>b__0() 
Target Site: Void CreateWeb(System.String, System.String, System.String, UInt32, System.String, Boolean, Boolean, System.Guid ByRef, System.Guid ByRef, Boolean) 
Data Begin Information 

Data End Information 

Error Message: The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again. 
Error Source:  
Stack Trace:    at Microsoft.SharePoint.Library.SPRequestInternalClass.CreateWeb(String bstrUrl, String bstrTitle, String bstrDescription, UInt32 nLCID, String bstrWebTemplate, Boolean bCreateUniqueWeb, Boolean bConvertIfThere, Guid& pgWebId, Guid& pgRootFolderId, Boolean bCreateSystemCatalogs)
   at Microsoft.SharePoint.Library.SPRequest.CreateWeb(String bstrUrl, String bstrTitle, String bstrDescription, UInt32 nLCID, String bstrWebTemplate, Boolean bCreateUniqueWeb, Boolean bConvertIfThere, Guid& pgWebId, Guid& pgRootFolderId, Boolean bCreateSystemCatalogs) 
Target Site: Void CreateWeb(System.String, System.String, System.String, UInt32, System.String, Boolean, Boolean, System.Guid ByRef, System.Guid ByRef, Boolean) 
Data Begin Information 

Data End Information 


 Custom Error Message: Error while creating the site for the 3rd time. 




For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

请任何帮助都非常感谢。

4

3 回答 3

1

您正在做的是防止“GET 参数具有副作用”异常成为 SharePoint 的对象模型。

但是,“此页面的安全验证无效”异常实际上来自 Web 应用程序中每个表单页面中的 Form Digest 组件。这个想法是为每个表单生成一个唯一的 ID,并在表单提交时在服务器上验证它。

有时,为了解决这个问题,值得侵入 HTTPContext.Current 并将“FormDigestValidated”字段设置为 true。像这样:HttpContext.Current.Items["FormDigestValidated"]=true;

编辑 有人说调用SPUtility.ValidateFormDigest()做同样的事情(见http://stephenkaye.blogspot.com/2008/03/form-digest-and-spsecurityrunwithelevat.html)。这听起来比在 HttpContext 中设置字段要少一些“hackish”

我还发现了一篇关于安全验证等的解释性文章:http: //hristapavlov.wordpress.com/2008/05/21/what-you-need-to-know-about-allowunsafeupdates-part-2/

于 2010-01-12T21:28:53.953 回答
0

请试试这个:

Guid webId = Guid.Empty;
SPSecurity.RunWithElevatedPrivileges(delegate() // it's required?
{
    using (SPSite site = new SPSite(SPContext.Current.Site.ID))
    {
        try
        {
            site.AllowUnsafeUpdates = true;
            using(SPWeb web = site.AllWebs.Add(RelativeITTURL, projectCode, 
                SiteDescription, LocaleID, siteDefinitionTemplate, false, false))
            {
                web.AllowUnsafeUpdates = true;
                web.Navigation.UseShared = true;
                web.BreakRoleInheritance(true);
                web.AllowUnsafeUpdates = true;
                web.Update();
                webId = new Guid(NewWeb3.ID.ToString());
            }
        }
        catch (Exception ex3)
        {
            // error handler
        }
    }
 });

如果这不起作用,请告诉我(我这里没有 WSS)

于 2010-01-16T02:34:12.093 回答
0

验证下一行

web.AllowUnsafeUpdates = true;

这一行是之前:

SPSite siteCol = new SPSite(YourSiteURL);
SPWeb web = siteCol.OpenWeb();
SPList list = web.Lists[YourListName];

**web.AllowUnsafeUpdates = true;**
于 2013-11-04T17:15:57.110 回答