Custom Application Page - 403 FORBIDDEN

  • Question

  • I have developed a custom application page with a code-behind for MOSS 2007 Standard Edition.  The ASPX form resides in my layouts directory, and the DLL for the code-behind is installed in the GAC.  This page also uses AJAX.  The page works fine in my dev and QA environments; however, I am getting a 403 FORBIDDEN error in production. 

     

    I tried increasing the trust level from WSS_Minimal to Full in the Web.config, and I also put the DLL for the custom page in the web app's bin directory, but neither seemed to have an effect.

    Monday, May 5, 2008 8:36 PM

Answers

  • I have it working now.  In dev/QA, AjaxControlToolkit.dll was in the 80\bin directory under Inetpub, and this works fine.  However, in production, when I installed AjaxControlToolkit.dll into the GAC, it resolved the 403 error.
    Tuesday, May 6, 2008 8:28 PM

All replies

  • To troubleshoot the problem, first make sure that your assembly works if placed in the GAC instead. Can you describe what your code-behind does in a few sentences?
    Monday, May 5, 2008 9:05 PM
  • It does work in the GAC.  The code-behind gets a list of items from a Picture Library and loads them into AJAX AnimationExtenders in the ASPX form.  The AnimationExtenders display information related to the image when the image is clicked.

    This post seems to address the same issue:

    http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=2990606&SiteID=1

    However, my page was always viewable in dev/QA by users who did not have any MOSS privileges beyond Reader.
    Monday, May 5, 2008 11:26 PM
  • I've struggled with similar problems, so I'll post my experiences here as well. Hopefully it cuts some time for others out there.

    You will experience the same problems on your dev machine if you:
    1. Make the application pool recycle (this will cause the cached AJAX Control Toolkit to be flushed)
    2. Try to access your custom application page from an account that does not have admin permissions.

    One solution (and also the solution I prefer) to the problem is, as you did, to deploy the AJAX Control Toolkit assembly to the GAC.

    Other solutions I've seen out there are:
    * Create a timer job that accesses the page on a regular basis (yes, an ugly solution indeed).
    * Add authenticated users right to the group WSS_WPG.
    * Open a Windows Explorer window for the /bin directory of your web application and display its properties.
      On the Security tab, add the local server group "SERVER\Users" to the list ("SERVER\Users" usually contains "DOMAIN\Users") and select the following rights for "SERVER\Users": "Read & Execute", "List Folder Contents", "Read".
      Click OK to apply the new settings.

    • Proposed as answer by Andy-H Wednesday, May 27, 2009 11:31 AM
    Tuesday, November 18, 2008 10:17 AM
  • Thanks Kevin & Fredrik

    I've tried the WSS_WPG fix on a test environment initially, which has solved the problem.  Moving the Ajax Control Toolkit to the GAC gave me some errors, which I'll look to fix when I have time, but for now on the test environment the WSS_WPG is working.

    Are there any issues or risks with giving Authenticated User rights to WSS_WPG?
    Wednesday, May 27, 2009 11:59 AM
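
An added example, not part of any post in this thread: a read-only PowerShell check to run before and after applying either permission workaround discussed above. It lists the members of the local WSS_WPG group and the allow entries on the web application's bin directory, marking broad principals; the `-BinPath` value and the list of names treated as broad are assumptions.

```powershell
# Added example (not from the thread). Read-only audit of the two things the
# permission workarounds change: WSS_WPG membership and the bin directory ACL.
param(
    [Parameter(Mandatory = $true)]
    [string]$BinPath,                # assumption: the web application's bin directory
    [string]$GroupName = 'WSS_WPG'   # local group named in the thread
)

# Assumption: account names (without authority prefix) treated as "broad".
# English-language Windows names; adjust for localized systems.
$broadNames = @('Authenticated Users', 'Everyone', 'Users', 'Domain Users')

# 1. Members of the local group, read through the ADSI WinNT provider.
$group = [ADSI]"WinNT://$env:COMPUTERNAME/$GroupName,group"
$members = @($group.psbase.Invoke('Members')) | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
}

"Members of $GroupName on ${env:COMPUTERNAME}:"
$members |
    Select-Object @{ n = 'Member'; e = { $_ } },
                  @{ n = 'Broad';  e = { $broadNames -contains $_ } } |
    Format-Table -AutoSize

# 2. Allow entries on the bin directory. IsInherited = False marks entries
#    set directly on this folder, e.g. by the Explorer steps in the thread.
"Allow entries on ${BinPath}:"
(Get-Acl -Path $BinPath).Access |
    Where-Object { $_.AccessControlType -eq 'Allow' } |
    Select-Object @{ n = 'Identity'; e = { $_.IdentityReference.Value } },
                  FileSystemRights,
                  IsInherited,
                  @{ n = 'Broad'; e = {
                      # Compare only the account name after DOMAIN\ or BUILTIN\
                      $broadNames -contains ($_.IdentityReference.Value -split '\\')[-1]
                  } } |
    Format-Table -AutoSize
```

Saving the output before and after a change gives a record of exactly which principal gained which rights, so the change can be reviewed or reverted.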