1

I'm trying to read the web.config for a web app from the code-behind DLL of an aspx page. However, all I'm getting back to the browser is 403 Forbidden.

First I was trying this deploying the DLL to the web app's bin folder. To begin with, I got a FileIOPermission exception. I was able to get around this by adding a FileIOPermission attribute to the class in the aspx.cs. However, with that solved, all I get now is 403 Forbidden. I am testing this whilst logged in as the site administrator.

The code I'm using is:

SPWeb spWeb = SPContext.Current.Web; SPWebApplication webApp = spWeb.Site.WebApplication; Configuration config = WebConfigurationManager.OpenWebConfiguration("/", webApp.Name);

I'm using WSPBuilder and this creates the necessary Code Access Security policies for my DLL as far as I can see:

<NamedPermissionSets> ... <PermissionSet class="NamedPermissionSet" version="1" Description="WSPBuilder generated permissionSet" Name="mysolution.wsp-575f9c91-53d5-4a70-825b-b9a025c24427-1"> ... <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" /> ... </PermissionSet> ... </NamedPermissionSets>

These are in a custom trust file in 12/CONFIG, which is referenced by the web app's web.config.

I also tried deploying the DLL to the GAC instead of bin, but exactly the same error - 403 Forbidden. I wonder what I'm missing?

Improve this question
1
  • I've just noticed that if I alter the web.config file permissions through the filesystem, and give Everyone 'Read' access, I no longer get the 403 Forbidden. I don't really want to do this, not just for security, but because I'd have to do it every time I deploy the wsp to a new web app. Must be another way around this? Commented Mar 2, 2011 at 14:01

1 Answer 1

Reset to default
1

You added the FileIOPermission exception but did you add the CAS policy rule?

Have a look at this: http://www.bluedoglimited.com/SharePointThoughts/ViewPost.aspx?ID=249

Improve this answer
3
  • Thanks James, I'm using WSPBuilder, which seems to create the CAS rules for you. I'll edit my original question with the details of what is in my custom trust file after deployment of the solution. Just as an aside, I also get the 403 Forbidden when the DLL is deployed to the GAC -- which as far as I understand wouldn't require CAS policies? Commented Mar 2, 2011 at 13:30
  • Yup. DLL in GAC won'tneed CAS. Tried using Elevated Privileges? msdn.microsoft.com/en-us/library/… Commented Mar 2, 2011 at 14:20
  • Yep, it does indeed work if I run with elevated privileges -- thanks James! Commented Mar 2, 2011 at 16:12

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.