SharePoint Bending: Forefront Forbids Programmatically File Uploads

I had a custom page that needed to be deployed inside a MOSS 2007 site’s document library. The problem was, there were more than 100 sites in the site collection. Manually uploading the file was so time-consuming, so I decided to write a simple console application to upload the file to each site’s document library.

The application simply made use of the Microsoft.SharePoint.SPFileCollection.Add() method to upload the file programmatically to the desired document library. In my development environment, it worked flawlessly. So happily I went to the client and ran the application in the production server. Almost immediately, the application exited without any message. It’s strange because I made it to output the upload status as well as the exception message.

Then I tried to add a more verbose exception handling, by printing out the exception stack as well as the exception type, and I got this following output:

Exception class: Microsoft.SharePoint.SPException
Exception message:
Stack Trace:
at Microsoft.SharePoint.SPFileCollection.Add(String urlOfFile, Byte[] file, Boolean overwrite, String checkInComment, Boolean checkRequiredFields)
at Microsoft.SharePoint.SPFileCollection.Add(String urlOfFile, Byte[] file, Boolean overwrite)

See? No exception message. How the heck would I know what happened then? Well, at least I got the idea that the failure was at the Microsoft.SharePoint.SPFileCollection.Add() method execution. I ran the code under the administrator account, the same account used as the site’s administrator, so it shouldn’t be the account problem. I fired up the browser, tried to upload the file manually to the document library using the same administrator account, and it also worked. So definitely this was not a problem related to the permission.

After messing around with the site’s settings and permissions, rewrote my application’s code many times, as well as googled for solutions, I finally found out the real problem. It’s not the code or the permission problem. But it seemed that the production server had Microsoft Forefront Server Security installed. It was configured to scan for viruses on every file uploads and downloads.

So what I did to fix the issue is:

  • Open SharePoint Central Administration
  • Open the Operations tab
  • Click on the Antivirus link under the Security Configuration section
  • Turn off the Scan documents on upload setting

Then I could successfully executed my application to upload the file to every sites.

This is a mere workaround to resolve this problem temporarily. I still need to find a more proper solution so my application can work with Forefront.

  • chanaka

    (1) put your method into runWithElevatedPrivelages

  • denni

    Hi chanaka,

    It was a console application running under the same System Account’s credential. Do I still need to elevate the privilege?

  • FrancisTL

    What’s up?

  • Lars Nielsen

    Could you have done this instead via feature provisioning? Provision the file via a feature and then activate that feature on each of the sites -= you’d still need to write a console app to activate the feature but I don’t think you would get security problems that way.

    • denni

      Yes, it worked with feature provisioning since I used custom features in the site. But there was just a need from my client to upload a bunch of documents to the site and sub sites. Creating a feature just to do that I thought would be overkill and produce unnecessary artifacts on the server.

      Of course if the files were part of the site customization code, I would have packaged and provisioned them with a feature.