SharePoint with Attitude…

That’s the error that users were experiencing with an InfoPath form in production. The error started to appear with no apparent reason. The form had been working for months, no changes had been applied to it and it didn’t have any custom code. It was a “simple” form with controls and rules to manage the business logic.

Doing some research I found that SP1 and Cumulative Updates were installed on the SharePoint server; also I found some blogs talking about a bug with SP1/CU and Form Services (Giles blog, Joel’s blog)

Scenario:

• SharePoint 2010 SP1 and June Cumulative Updates for Office Server installed on the Server.
• InfoPath 2010 Form deployed to SharePoint 2010 Form Services.
• No custom code
• Form contains attachment controls and Person/Group picker controls (among others)

Behavior:

• When attaching a file to the form (using the InfoPath attachment control), a post back occurs and the following error is thrown:

Description of error:

• June CU introduces a new event for InfoPath forms: OnLoad(), this event causes a Postback to the server and if the form has a PeoplePicker or an Attatchments control, then it will throw a security exception. What needs to happen is to have a security validation both on initial page load as well as Post Back; currently the Form page does not implement a security validation control needed in the postback.

Solution:

As of September 9th 2011, Microsoft has not released any fix to this bug, and the response from the Microsoft support team is that they’re not planning to release a fix anytime soon. The possible workarounds to solve this issue are:

1. Disable Security Validation. The Web Page Security Validation feature helps enhance security by imposing a time limit on Web pages when a user submits information to the server. When a user tries to submit information to the server after the validation time-out expires, the user receives an error message. This option is not recommended for security reasons; most of the SharePoint functionality uses Security Validation, and disable it can cause unexpected behaviors.
2. Add a security control to the page. As explained above, a security validation has to happen after the postback; to accomplish this we need to update the server page: FormServer.aspx to include the code for the security validation control.

Since Microsoft doesn’t have any solution to this problem yet, we got their approval to implement solution #2:

• Go to the layouts folder under the 14 hive
• Before making any change, do a backup of the page FormServer.aspx
• Open the FormServer.aspx page and location the body tag with the Id PageBody:  <body runat=”server” id=”PageBody”>
• Right after this line, insert the following line of code:

<SharePoint:FormDigest runat=”server”/>

• Save file and close

That fixes the issue and now the form is working as expected.

To be able to view the actual error messages in SharePoint the following settings have to be changed in the web application web.config file:

• Set custom error to Off
• Set compilation debug to True
• Set CallStack to True

The web.config file is located under the web application folder in drive:\inetpub\wwwroot\wss\VirtualDirectories.

That worked fine for SharePoint 2007, however for SharePoint 2010, there is one additional configuration file that has to be modified:

• The web.config file located in drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\TEMPLATE\LAYOUTS
• On this file, the customErrors section  has to be set to Off.

Basically this error refers to a permissions issue in the SharePoint server files (12 or 14 hive). Read your SharePoint logs and you’ll see some “Access Denied” entries like this one:

The server extensions were unable to access the file “schema.xml”. Please check the file permissions.

To fix this error, go to the SharePoint files (C:\Program Files\Common Files\Microsoft Shared\web server extensions\(12/14)), right click on the “Features” folder and in the advance properties from the security tab check the “Allow inheritable permissions…”. This will give all subfolders the appropiate permissions.

Phil Wicklund has a detailed description about this error.

K

I’m working on a Silverlight application that makes calls to WCF services to work with data, and today I ran into this error:

System.ServiceModel.CommunicationException: An error occurred while trying to make a request to URI ‘http://SharePointDev:4444/_wcf/WCF_Services.svc’.
This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services.
You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent.
This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute.
Please see the inner exception for more details.
—> System.Security.SecurityException —> System.Security.SecurityException: Security error.

I remembered I had this issue some time ago and nonetheless I didn’t remember what the problem was or what the solution was, even thought the error is self explanatory…
So after wasting time researching I found on the internet the solution, so this time I’m writing about it for my records. Dang! I’m a 25 year old with a memory of a 60 year old (with all the respect for the 60 year old people out there …) hehe, I don’t like to waste time on these little errors, specially when I’m as busy as today.

Anyway, the solution is the “clientaccesspolicy.xml” file. The error has to do with the cross-domain policy. We have to explicitly grant cross domain access to Silverlight (even if you are working with local apps), and the way to do it is by adding the “clientaccesspolicy.xml” file to the root level of the WCF service.

Since my WCF is hosted in SharePoint and it is using a virtual path, Silverlight was looking for the file at the root level and not at the virtual path level, so you also have to take this in consideration. This is the blog that helped me with this issue for a better reference

K