Sometimes, when a user with least permissions in the
SharePoint site, creates or updates an item, then the following error will be
shown:
“The security validation for this page is invalid. Click
Back in your Web browser, refresh the page, and try your operation again”
When you are creating a custom web parts or
creating custom solutions, your code will run
with your credentials.
Not everybody has full control in the SharePoint site, so when a user has read
only rights and try to update an item in
the list or SharePoint Document library, then the code will throw an access
denied error. This happens, when the code
needs access to objects that are not in the scope of the user credentials.
Here comes the concept called impersonation (ability
to control the identity under which code is executed) in
ASP.Net. This will allow you to run your code with the help of a user who has
correct permissions to run it.
In SharePoint we have built-in function to accomplish
this: SPSecurity.RunWithElevatedPrivileges, it
runs with the System Account User.
Solutions:
1. Add the “SPSecurity.RunWithElevatedPrivileges =
True” in the code as shown in the example below:
Check the full code usage in this post http://sharepoint-works.blogspot.com/2011/12/programmatically-creating-site-backup.html
2. Or in the Central Administration -> Application Management
-> Web Application General Settings -> Select web application
In Web Page Security Validation, change security validation is off.
In Web Page Security Validation, change security validation is off.
Note: The 2nd solution is should
not be followed as per the best practices of SharePoint.