The problem was further complicated by the fact that users were able to access the page once any admin users log in and access the page. after sometime, they were used to complain about 403 error.
If i reset the IIS or restart the server, once again all users were started receiving 403 error again. So something was terribly wrong!!!
We had Ajax enabled custom sharepoint smart part(webpart with user control) on the page and when i have removed the part from page everything was working fine. But, that's not the solution. But, one thing i could conclude that something is wrong with the webpart. But what, let us investigate!!!
(Webpart debugging in sharepoint becomes complex when Ajax and user controls are part of it.)
In my case the response was following:
but it can be in nay of following form:
1.
You are not authorized to view this page
You do not have permission to view this directory or page using the credentials that you supplied.
--------------------------------------------------------------------------------
2.
Please try the following:
Contact the Web site administrator if you believe you should be able to view this directory or page.
Click the Refresh button to try again with different credentials.
HTTP Error 403 - Forbidden: Access is denied.
Internet Information Services (IIS)
--------------------------------------------------------------------------------
3.
Technical Information (for support personnel)
Go to Microsoft Product Support Services and perform a title search for the words HTTP and 403.
Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled About Security, Authentication, and About Custom Error Messages.
Solution:
As the error message clearly indicates that you are not authorized to access some resource. It could be page itself, image, css, xml files, web service files(.asmx files), assembly(yes, assembly!!!) , resource Assembly(satellite assembly) or any other resource you can think of.
I started debugging with HTTP error logs and IIS logs in order to identify the resource forwhich HTTP 403 was thrown.
1. First i found that the users are getting 403 errors for some XML files that we were consuming in our webpart. As we didnt assign Read permission and users's identity is used to access the resource by default,access was denied to non-admin user.
in this case, we have two solutions:
1. Grant "Read" permissions for every authenticated user.
2. Use elevated permissions(SPElevatedPermission)in code while accessing the files.
I opted second solution.
2. Then after we found that, 403 is being thrown on webservice.asmx/js file. We were using lot of ajax in webpart. this particular webpart was contacting autocompleteservice.asmx to get the suggestions for autocomplete textbox. When asp.net ajax make call to webservice through client, it creates javascript proxy on the file. You can view this java script proxy by appending /js afte webservice url.
(For instance, if your webservice is available at http://somehost/webservice.asmx, you can view it's java script proxy by typing http://somehost/webservice.asmx/js in ur browser address bar.But make sure that your webservice are marked with [ScriptService] in your code otherwise the java script proxy won't be generated.)
More Coming in next post soon....
4 comments:
We've hit this exact same scenario running a custom web part that loads a user control. The user control uses the AJAX extensions for ASP.NET 2.0, and the control toolkit is deployed to the site's bin directory along with the custom web part and user control assemblies.
You begin to mention an issue with the JS proxy (asmx/js) and remind folks to provide the [ScriptService] attribute on the web method.
However, in my case, I'm not calling any of my own custom web services.. I do use the partial page UpdatePanel control, a ModalPopupExtender, and a DropDownExtender .. that's it.
Once an admin connects to the page, we're OK for a while. Then later on, the 403 errors return for non-admins. Any help or suggestions? Thanks!
OK, I've solved the issue thanks to VictorV's post, here:
http://objectmix.com/sharepoint/298556-users-receive-intermittent-forbidden-errors-event-id-1314-a-3.html
And thanks to this post as well, since the solution really was here too.
Nice article. Many thanks...
Post a Comment