The security validation for this page is invalid in SharePoint

Sometimes, when a user with least permissions in the SharePoint site, creates or updates an item, then the following error will be shown:
“The security validation for this page is invalid. Click Back in your Web browser, refresh the page, and try your operation again”

When you are creating a custom web parts or creating custom solutions, your code will run with your credentials.

Not everybody has full control in the SharePoint site, so when a user has read only rights and try to update an item in the list or SharePoint Document library, then the code will throw an access denied error. This happens, when the code needs access to objects that are not in the scope of the user credentials.
Here comes the concept called impersonation (ability to control the identity under which code is executed) in ASP.Net. This will allow you to run your code with the help of a user who has correct permissions to run it.

Namespace: Microsoft.SharePoint
Assembly   : Microsoft.SharePoint (in Microsoft.SharePoint.dll)

In SharePoint we have built-in function to accomplish this: SPSecurity.RunWithElevatedPrivileges, it runs with the System Account User.

Solutions:
1. Add the “SPSecurity.RunWithElevatedPrivileges = True” in the code as shown in the example below:

2. Or in the Central Administration -> Application Management -> Web Application General Settings -> Select web application
In Web Page Security Validation, change security validation is off.
Note: The 2nd solution is should not be followed as per the best practices of SharePoint.

Comments

Popular posts from this blog

CAML Query tutorial for SharePoint

Cascading dropdown (or) Filtered Values in Lookup Columns in SharePoint

Programmatically get SharePoint Users with Group Name