This documentation is archived and is not being maintained.

How to: Avoid Page Validation Errors using SharePoint APIs in Web Applications

Windows SharePoint Services 3

This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Web applications in Windows SharePoint Services run under the Application Pool identity. For security reasons, most of the Windows SharePoint Services APIs have restrictions when they are accessed from a Web application. Therefore, these APIs can throw a variety of page validation errors. To avoid this problem, update your Web application as described below.

To update your Web application to avoid page validation errors, perform the following steps:

1. Run the Web application in the SharePoint context

To do this, create a virtual directory inside the _layouts directory of any SharePoint site and host the Web application under it.

2. Ensure consolidation of application pool

Make sure that the Web application is running under the same application pool as the SharePoint Central Administration. This ensures that the Windows SharePoint Services administration functionalities such as Content Deployment, User Profile Management, and others are accessed through the Central Administration application pool identity.

3. Add a Form Digest control to your ASPX page

Most of the APIs can be accessed through the Web application after completing steps one and two above. However, some Windows SharePoint Services APIs and functionalities may require even greater security validation. If you still get a security validation error after implementing the above steps, you must add a Windows SharePoint Services Form Digest Web control in your ASPX page. The Form Digest control validates the Web application when it attempts to access the Windows SharePoint Services APIs. Therefore, the Web application is considered a secure application and can access Windows SharePoint Services. To use the Form Digest Web control you must register a tag prefix for Windows SharePoint Services and then add the Form Digest control in the ASPX page.

Following is a code sample that demonstrates how to register the tag prefix:.

<%@ Register Tagprefix="SharePoint" 
   Namespace="Microsoft.SharePoint.WebControls" 
   Assembly="Microsoft.SharePoint 
   Version=12.0.0.0
   Culture=neutral, 
   PublicKeyToken=71e9bce111e9429c" %>

Now, add the Windows SharePoint Services Form Digest control to the page:

<SharePoint:FormDigest ID="fd" runat="server" PageUri=""/>

You must set the PageURI property on the Form Digest control to the page where it is located. If you do not do this, you will receive a null object reference error.

Show: