none
SPWeb.WebTemplate Access Denied RRS feed

  • Question

  • I am having a Console App and a WCF service which have the same piece of code which is SPWeb.WebTemplate. This piece of code works for a non Farm Admin in a Console Application, whereas it doesn't work in the WCF service, until and unless, the service runs as a Farm admin. Unfortunately, MSDN documentation doesn't specify any permission requirement for this. Can anyone please help with some reference links and code samples? I even tried elevating privileges, but still no luck.

    Ven

    Tuesday, March 21, 2017 11:49 AM

All replies

  • Hi Ven,

    Please check the following article with steps to create a custom WCF rest service.

    SharePoint 2013: Create a Custom WCF REST Service Hosted in SharePoint and Deployed in a WSP

    https://social.technet.microsoft.com/wiki/contents/articles/24194.sharepoint-2013-create-a-custom-wcf-rest-service-hosted-in-sharepoint-and-deployed-in-a-wsp.aspx

    Or try to use Fiddler to check your WCF service and see more information.

    Or please provide more details(complete code in use if possible) about how to reproduce this issue, others would get easier to research on it.

    Best Regards,

    Dennis


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, March 22, 2017 2:25 AM
    Moderator
  • Unfortunately, I cannot create any WCF service to be deployed within SharePoint. The WCF service that I create needs to read information right from Farm level and will be called by a Windows Service. The sole purpose is to make sure, it can work for any SP deployment irrespective of version. So, first option is ruled out for me, though I had considered it earlier also. With that said, PFB the code, where it fails.
    SPWebServiceCollection webServices = new SPWebServiceCollection(SPFarm.Local);
    foreach (SPWebService webService in webServices)
    {
      var allWebApps = webService
                       .WebApplications
                       .Where(webApp => !webApp.IsAdministrationWebApplication);
      foreach (SPWebApplication webApp in allWebApps)
      {
        foreach (SPSite siteColln in webApp.Sites)
        {
          try
          {
            var webTemplate = siteColln.RootWeb.WebTemplate; //<-- This line fails                           
          }
          finally
          {
            if (siteColln != null)
            {
              siteColln.Dispose();
            }
          }
        }
      }
    }

    It fails at the highlighted line, if the calling user is not a Farm Admin.


    Ven


    • Edited by Venh Wednesday, March 22, 2017 6:36 AM
    Wednesday, March 22, 2017 6:32 AM
  • Hi Ven,

    Please add the code into SPSecurity.RunWithElevatedPrivileges.

    SPSecurity.RunWithElevatedPrivileges(delegate(){
    
    	SPServiceCollection webServices = SPFarm.Local.Services;
    	foreach (SPWebService webService in webServices)
    	{
    		var allWebApps = webService.WebApplications.Where(webApp => !webApp.IsAdministrationWebApplication);
    
    		foreach (SPWebApplication webApp in allWebApps)
    		{
    			foreach (SPSite siteColln in webApp.Sites)
    			{
    				try
    				{
    					var webTemplate = siteColln.RootWeb.WebTemplate; //<-- This line fails                           
    				}
    				finally
    				{
    					if (siteColln != null)
    					{
    						siteColln.Dispose();
    					}
    				}
    			}
    		}
    	}
    });

    If you deploy your WCF service into IIS in SharePoint server, please try to select SharePoint application pool for this application.

    Best Regards,

    Dennis


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, March 22, 2017 7:16 AM
    Moderator
  • Already tried these, but still no luck. It works only if the App Pool account of the WCF service hosted in IIS is the Farm admin. But the same code works within a console application, even if the user running it is not a Farm Admin.

    Ven

    Wednesday, March 22, 2017 7:23 AM