Archive for February, 2011

I’ve just been trying to create an application page which will submit data to a list in another site collection in SharePoint 2010. I went through the usual process of using  SPSecurity.RunWithElevatedPrivileges to add the list item as can be seen in my generic list insertion method below.  

Insert List Item Method
  1. /// <summary>
  2.         /// Inserts the list item.
  3.         /// </summary>
  4.         /// <param name="siteUrl">The site URL.</param>
  5.         /// <param name="listName">Name of the list.</param>
  6.         /// <param name="itemColumns">The item columns.</param>
  7.         /// <param name="itemValues">The item values.</param>
  8.         public static void InsertListItem(string siteUrl, string listName, string[] itemColumns, string[] itemValues)
  9.         {
  10.             SPSecurity.RunWithElevatedPrivileges(
  11.                 delegate
  12.                 {
  13.                     using (var currentSite = new SPSite(siteUrl))
  14.                     {
  15.                         using (var currentWeb = currentSite.OpenWeb())
  16.                         {
  17.                             var item = currentWeb.Lists[listName].Items.Add();
  18.                             for (var i = 0; i < itemColumns.Length; i++)
  19.                             {
  20.                                 item[itemColumns[i]] = itemValues[i];
  21.                             }
  22.  
  23.                             item.Update();
  24.                         }
  25.                     }
  26.                 });
  27.         }

 

However, when I tried to submit the form, I received the following error :

The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again.

Turns out that this is the default behaviour of SharePoint 2010. However, it can be overridden by switching the Web Page Security Validation of the Web Application to off:

In Central Admin navigate to  Application Management –> Manage Web Applications –> Choose the web application you want to change. Then select General Settings from the General Settings dropdown seen in the image below.

image

In the popup window scroll down until you see the section below and set the security validation to off.

image

You’ll find that you can now submit across site collection. At present I’m not entirely sure of the security ramifications here, but as the site i’ve done this on is an intranet site it not as bad if its exposed. Anyway, I sure someone out there will let me know if there’s a better way!!

Advertisements