.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Microsoft.SharePoint.WebControls.Welcome Not security trimmed

Posted By:      Posted Date: September 16, 2010    Points: 0   Category :SharePoint
https://my.sharepoint.com/_layouts/userdisp.aspx, displays access denied when User permission set to not display /_layout/... Application Pages, this redirect should have never been allowed. How can one report Microsoft.SharePoint.WebControls.Welcome control to the Connect web site?

View Complete Post

More Related Resource Links

Using the Acceleration Toolkit for Microsoft Forefront Security for SharePoint

Learn how to supply full-fidelity FSSP enablement to a SharePoint environment, regardless of deployment phase with this acceleration toolkit.

ASP.NET Security Vulnerability and SharePoint 2007 (Microsoft Security Advisory (2416728))


With the recent security advisory issued by Microsoft for all ASP.NET applications it was highlighted by Scott Gu that SharePoint applications are at risk also. Scott provided a link to a script which would run on your web-server  to determine if there are ASP.NET applications installed on it and if it was vulnerable or not. I ran this script on my SharePoint server and noticed the following web.config files highlighted as being vulnerable:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\template\layouts\web.config
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\template\images\web.config
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\isapi\web.config
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\wpresources\web.config

Could I follow the instructions provide by Microsoft in the alert and modify these files? If not, how do I protect my web applications from this threat or are they at risk at all?

Security trimmed links in sharepoint



I was wondering how sharepoint implements this security trimmed links ie what is the architecture that supports it..i googled but could not find useful stuff..can someone please tell me or point me to some resource that shows how SP implements this functionailty.



Operation is not valid due to the current state of the object at Microsoft.SharePoint.WebControls.S

I have this  problem. When I run this piece of code all I get is

1. I get this error at SPWebApplication webApp = webAppBld.Create();

2. {"Operation is not valid due to the current state of the object."}

3. Stack gets here "   at Microsoft.SharePoint.WebControls.SPControl.SPWebEnsureSPControl(HttpContext context)

                SPFarm objSpfarm = SPWebService.AdministrationService.Farm;
                SPWebApplicationBuilder webAppBld = null;

                webAppBld = new SPWebApplicationBuilder(objSpfarm);
                webAppBld.Port = 33665;
                webAppBld.Id = System.Guid.NewGuid();

                webAppBld.AllowAnonymousAccess = false;
                webAppBld.UseNTLMExclusively = true;
                webAppBld.UseSecureSocketsLayer = false;

                webAppBld.ApplicationPoolId = "SharePointAppPoolId-33665";
                webAppBld.ApplicationPoolUsername = @"testsvr02\testadmin";

                // build the password as a secure string
                SecureString appPoolPwd = new SecureString();

SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Microsoft SharePoint Online Standard Developer Guide

Developers Guide for SharePoint Online (Standard Offer). Microsoft® Office SharePoint® Online is a collection of Web-based tools and technologies built on Microsoft Office SharePoint Server 2007 that help you store, share, and manage digital information within your company. This white paper describes the customization (or extensibility) capabilities that are supported with the Standard offering of SharePoint Online

SharePoint Security: Trim SharePoint Search Results for Better Security


SharePoint search may return too much information, causing data security problems. Learn how to use the custom security trimmer to ensure users see only the documents they have permission to view.

Ashley Elenjickal, Pooja Harjani

MSDN Magazine July 2010

Security Briefs: Add a Security Bug Bar to Microsoft Team Foundation Server 2010


Take a peek inside Microsoft's strict development security structure as Bryan Sullivan describes the objective security bug classification system?the "bug bar"?used by internal product and online services teams. He will show you how to incorporate this classification system into your own development environment using Microsoft Team Foundation Server 2010.

Bryan Sullivan

MSDN Magazine March 2010

Office Space: Security Programming in SharePoint 2007


This month Ted Pattison presents an overview of programming security and permissions for Windows SharePoint Services 3.0.

Ted Pattison

MSDN Magazine February 2008

How Do They Do It?: A Look Inside the Security Development Lifecycle at Microsoft


In this article, Microsoft security expert Michael Howard outlines how to apply the Security Development Lifecycle to your own software development processes. He explains how you can take some of the lessons learned at Microsoft when implementing SDL and use them in your own development process.

Michael Howard

MSDN Magazine November 2005

ISA Server 2004: Developing an Application Filter for Microsoft Internet Security and Acceleration S


The beta version of Internet Security and Acceleration (ISA) Server 2004 is now publicly available. It includes a rich SDK with several extensibility mechanisms that allow third parties to integrate their specialized solutions on top of the ISA platform. In this article, the author explores the application filter extensibility mechanism, which enables you to add high-level application layer filtering capabilities to ISA Server and to provide rich content filtering solutions. He also highlights the new features of the ISA Server 2004 SDK, then moves on to describe how to develop a basic application filter that monitors all data going through the ISA Server, and how to integrate a filter into the ISA Server management console to create a seamless interface experience for your users.

Yigal Edery

MSDN Magazine March 2004

Security trimmed URL throws an error if not logged in

On a Moss 2007 site, using FBA - I have an issue with security trimmed items within Lists.   There is not a problem with direct url links to non-list items.  
For list items - here is the problem, when a user is not logged in and follows a direct url link from an email or newsletter to security trimmed items within a list - it throws an error instead of offering a redirect to login?

More info:  This is only occurring for individually security trimmed list items that have had anonymous access removed.  When a whole list or library has had anonymous removed, the links work fine (login page appears, log in, taken to original link).

Why is that and is there a way to avoid the error?

If it is of help, this is the error. Thanks in advance.

Object reference not set to an instance of an object.

Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information
about the error and where it originated in the code.

Exception Details: System.NullReferenceException: Object reference not
set to an insta

Problem when installing Microsoft SQL Server 2005 Reporting Services Add-in for Microsoft SharePoint


I have configured the SharePoint Production Server(Standalone) with WS 2008 64 bit version, SQL Server 2005 with SP3 , Visual Studio 2008 and MOSS 2007(SP3). I have configured SSRS 2005 in SharePoint integration mode. Everything works fine till the last step. Now, i am trying to install Microsoft SQL Server 2005 Reporting Services Add-in for Microsoft SharePoint Technologies feature and failed. I am getting below error message.

Product: Microsoft SQL Server 2005 Reporting Services Add-in for Microsoft SharePoint Technologies -- You must first install SharePoint Server before installing SQL Server 2005 Reporting Services Add-in for SharePoint Technologies

Any help will be very appreciated!


SSRS - Where are the Sharepoint Report Usage Reports provided by Microsoft



Microsoft provided 3 example reports for Sharepoint report usage. Does anyone know where they are located? I used them about 2 years ago.




Where to get Microsoft.SharePoint.WebPartPages.Storage.Shared


What reference should I add to use this:


because apparently it cant find it.

Chapter 4: Branding Your SharePoint Site (Professional Microsoft SharePoint 2007 Development Using M

Learn how to create your own custom site pages and insert Silverlight content into these pages, customize SharePoint lists and views, and insert Silverlight content into existing list views and custom views.

Chapter 6: Advanced Custom Web Parts (Professional Microsoft SharePoint 2007 Development Using Silve

This chapter builds on the Web Parts created in the previous chapter, adding more advanced features.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend