Security validation error receiving only in a single server in a farm
- Hi,
Error Received - "Microsoft.SharePoint.SPException: The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again. ---> System.Runtime.InteropServices.COMException (0x8102006D): The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again."
I am receiving the above error when I try to update a list item. But the error doesnt happen always.
Other Datails:
- My environment is a Sharepoint farm with 8 servers.
- I have included Allowunsafeupdates in the code where updation is happening.
Now recently I went through log files in each servers, and I came to know that Securtiy Validation error happens only in the Server 3.
So this is my conclusion and the question in it - Whenever I update a list item, if it hits the Server 3 then I receive the Security Validation error and updation of list item doesnt happen and if it hits some other servers then the updation will go fine.
So why I am receiving the error only in Server 3 and not in other, wherein the code is all the same in each of the servers. Does it have to do something with the settings in the Central Admin? Please advise.
All Replies
- Other then settings in the web.config, I can't think of any administrative reason for your error. It may be worth checking your config files to be sure that they're the same (although I'm pretty sure they will be)
What does your code do? Can you attach a debugger to find out wher ethe error is occuring?
- Edited byMike Walsh MVPMVP, ModeratorFriday, October 30, 2009 10:53 AMshould have been: sig removed. Don't ask people to mark your post as answered
- Edited byMike Walsh MVPMVP, ModeratorFriday, October 30, 2009 10:52 AMCh. - My Blog if this post answers your question please mark it as answered
Yes the error happens when I am trying to add an user into a User field of a list item. But like I said error doesnt occur all time, it occurs only when my updation hits the Server 3.
So my initial doubt is that some settings of Server 3 is different from the other servers. But cant figure out wats it. Any help??- Can you post your code? Is it possible that your server has a different version of the dll in the GAC?
Is there anything useful in the SharePoint Logs?
- Edited byMike Walsh MVPMVP, ModeratorFriday, October 30, 2009 10:52 AMCh. - My Blog if this post answers your question please mark it as answered
- Edited byMike Walsh MVPMVP, ModeratorFriday, October 30, 2009 10:53 AMshould have been: sig removed. Don't ask people to mark your post as answered
Yes version of GAC in each servers are the same. I checked that.
I couldnt find anything in the logs apart from the error message.
Any help to solve my problem???
Thanks in AdvanceI can't think of anything. Can you post your code? maybe there's something in there that'll help debug.
- Edited byMike Walsh MVPMVP, ModeratorFriday, October 30, 2009 10:53 AMsig removed. Don't ask people to mark your post as answered
- Charlie,Will you please amend your sig back to what it seems to have been in much earlier posts by removing the section of it that requests people to mark your post as answer.This is unfair on everyone else who provide equally good responses but who don't request in every post that the post is marked as an answer.(Moderator)
- Thats a fair point Mike, I've made the necessary change.
Ch. - My Blog - Many thanks, Charlie.Mike
FAQ sites: (SP 2010) http://wssv4faq.mindsharp.com; (v3) http://wssv3faq.mindsharp.com and (WSS 2.0) http://wssv2faq.mindsharp.com
Complete Book Lists (incl. foreign language) on each site. - Its kind of wierd why only one server is causing this problem. Anyway if you are running your code with elevated privilege then my suggestion is to include this line on your post back or before running your code within SPSecurity.RunWithElevatedPrivileges(delegate()
SPUtility.ValidateFormDigest();
Let me know if this work or not.
Thanks,
Suhaib Khan - Do you have any third party software like siteminder running on that server and not on the other ?
Twitter: @SharePointLife - No, there is no third party software running on my server.
Also I have already included SPSecurity.RunWithElevatedPrivileges(delegate() in my code.
But I didn include SPUtility.ValidateFormDigest(); . Please tell me what this piece of code will do???
Using SPUtility.ValidateFormDigest(); will validate your request using the credential of current logged in user and SPRequest object will allow you run your code with different user context. When you use SPSecurity.RunWithElevatedPrivileges it changes the context of the user and that causes the securty validation of the page to fail. On one of my project my code was working fine on a single machine but started giving me problems when deployed it in a FARM environment, then using SPUtility.ValidateFormDigest(); solved my problem.
You can also disable security validation from Central Admin but it's not a good practice.
Let me know if it works for you or not. Again you need to use SPUtility.ValidateFormDigest(); before running your code with elevated privileges.
FYI -
Validates the form digest control that is used in the current request.Return Value
If true, the form digest control is valid; otherwise, false.
Thanks to Reflector, internally this is what it calls.
public bool ValidateFormDigest() { HttpContext current = HttpContext.Current; if (current != null) { if (HttpContext.Current.Items["FormDigestValidated"] == null) { if (!this.Request.ValidateFormDigest(this.Url, null)) { return false; } current.Items["FormDigestValidated"] = true; // this does the trick return true; } return true; } return true; }
Thanks,
Suhaib Khan
