Blog Archives

Prevent CSRF (Cross Site Request Forgery) Attacks in SharePoint Application Pages.

Cross-Site Request Forgery (CSRF) is an attack outlined in the OWASP Top 10 whereby a malicious website will send a request to a web application that a user is already authenticated against from a different website.  Much detailed & better

Posted in C#, Sharepoint 2010

Deploying referenced project assemblies to GAC through sharepoint WSP

To deploy referenced project assemblies to GAC through SharePoint WSP: 1. Open the Package designer in the SharePoint project. 2. Select the Advanced tab. 3. Click the Add button. 4. Select the Add Assembly from Project Output menu item. 5.

Posted in Sharepoint 2010

“Please close SPWeb objects when you are done with all objects obtained from them, but not before”

DO NOT use SPList directly from methods in webparts & application pages. SPList is a sharepoint object & will instantiate a new SPWeb Object, if used outside of its parent SPweb object. Always perform operation on SPObjects with in the

Posted in Sharepoint 2010

Anonymous Custom Application Pages in SharePoint Sites.

We sometimes want custom application pages in SharePoint solution , which needs to be enabled for anonymous access, for example: SiteLogin.aspx or AppError.aspx. By default, when we create an custom application page in visual studio in a SharePoint 2010 solution,

Posted in C#, Sharepoint 2010

Recycle IIS Application Pool’: 0x80070005Access denied

While deploying SharePoint 2010 solution from Visual Studio 2010, we often stumble upon the below deployment error: Recycle IIS Application Pool’: <nativehr>0x80070005</nativehr><nativestack></nativestack>Access denied Solution: The Deploy Solution user that is running the visual Studio needs to be site collection Admin

Posted in Sharepoint 2010, Visual Studio

Extending the Active Directory User Schema

Active Directory user schema has enough properties/attributes to cover most user profile information, but in some cases , we might need to extend this schema to add our own custom attributes. Microsoft Active Directory provides this capability to customize the

Posted in Active Directory, Sharepoint 2010

Getting the Current Logged in user in SharePoint 2010

We all know the below way to get the current logged in user in SharePoint: but this actually returns the user account running the application pool identity for that site.(if the application pool is configured to run as a standalone/service

Posted in Sharepoint 2010