Users with only the reader role are getting login prompts to a
particular page with a custom coded web part. If I add the user to the
"Contributor" role, the password prompt goes away. (Member also has
password prompt....)

If I change the reader role to be exactly the same as the contributor
role, then there is still a
password prompt. That doesn't make any sense to me. What other
rights does the contributor role give them, if the rights are not all
explicitly listed? I am really confused!

At any rate, I have narrowed it down to this line of code:

web.Lists.IncludeRootFolder=true;

Removing that single line causes the permissions/password prompt issue
to go away. Of course, I then can't get the rootfolder, which I need
to iterate through the document library to get through all subfolders.

What permissions do I need for getting the RootFolder?? Can anyone
shed light on this topic? We are set to roll this out in two weeks...
thanks in advance!

I found this blog entry:

http://www.dotnetjunkies.com/WebLog/...27/128505.aspx

It suggests that permission issues can be avoided by creating your own
instance of the SPWeb objects... and I think that might be on the right
trail but I need help, and forgive me that I don't understand this
better, I'm still new and learning...

I thought I was creating the SPWeb objects properly by doing a "using"
so that they are properly disposed of... how else can I create an SPWeb
object that I'm currently doing with area.Web?

Here are partial snippets of code:

//====================
ctx = PortalContext.Current;
SPSite mySite = new SPSite(SPControl.GetContextWeb(Context).Url);
using (SPWeb web = mySite.OpenWeb())
{
currentArea = AreaManager.GetArea(ctx, web.ID);
Guid id = AreaManager.GetSystemAreaGuid(ctx, SystemArea.Home);
Area home = AreaManager.GetArea(ctx, id);
SortedList areas = new SortedList();

//first add the areas and subareas to the sorted list "areas"
for (uint i=0; i<home.Areas.Count; i++)
{
Area sub = home.Areas[i];
areas.Add("_" + sub.Title + sub.ID, sub);
bool hasSubs = (sub.Areas.Count>0);
if (hasSubs)
for (uint j=0; j<sub.Areas.Count; j++)
{
Area subarea = sub.Areas[j];
areas.Add(subarea.Title + subarea.ID, subarea);
}
}

//then go through the sorted list "areas" and get the lists within each
area//
foreach (string key in areas.Keys)
{
Area sub = areas[key] as Area;
RenderList(sub, output);
allItems.TrimToSize();
if(allItems.Count>0)
{
output.Write("<BR><A HREF='" + sub.WebUrl + "'>" + sub.Title.ToString()
+ "</A>");
foreach (string key1 in allItems.Keys)
{
output.Write("<BR>" + allItems[key1]);
}
}

//==========================

private void RenderList(Area area, HtmlTextWriter output)
{
allItems.Clear();
//check to see if they have view rights to the area//
if (area==null || area.Navigation==AreaNavigation.Hide ||
area.WebUrl.Length==0 || !HasViewRights(area.ID)) return;

using (SPWeb web = area.Web)
{
////////////////this is the line giving me permissions
problems///////////
web.Lists.IncludeRootFolder=true;

//go through each list in the sub area//
foreach(SPList list in web.Lists)
{
if(list.BaseTemplate.ToString()=="DocumentLibrary" )
{
SPDocumentLibrary docLibrary1 = (SPDocumentLibrary)list;
ListSubFolders(docLibrary1.RootFolder, thisArea, 0);
}

}
//==============================

private void ListSubFolders(SPFolder Folder, string thisArea, int
level)
{...................}

It doesn't seem to matter how I create this object I still get a
password prompt as reader.

I have also tried impersonation using the RevertToAppPool nifty class
provided by Todd Bleeker here:

http://mindsharpblogs.com/todd/archi...05/03/467.aspx


STILL getting a password prompt. Even though I have it writing out the
name of the user and it is impersonating correctly. What in the world
is the problem??? I fail to understand what the security issue is in
setting it to use root folders of a document library a user already has
access to??? Is it because it then includes the "Forms" folder, which
is the template forms???

Maybe I need to take a different tactic. Is there a way to iterate
through all documents in all subfolders of a library without needing to
use RootFolder?

My head hurts. :->

I think it is safe to say that I know only enough to make me dangerous.

After 10 hours, I have finally figured out a workaround. The problem
line was not

web.Lists.IncludeRootFolder=true;

remarking that just caused my recursive funtion to not be called and to
fail. The password prompt issue was actually happening in my recursive
function to iterate through all subfolders in a library, and the
problem line was actually:

if (Folder.ParentFolder.Name.Length!=0)

My function is keeping track of the "level" of the folders so instead I
am just going to check to see if we are not at level 0, then display
the name of the sub-folder.

I still fail to understand why getting the name of the parent folder
would be a security issue, but at this point, I just needed it to
work...