Sean Holmesby

.NET and Sitecore Developer

May
21

By

Sitecore Access Denied Exception in the Content Editor

Category: Sitecore Tags: 2 Comments

Recently I noticed a lot of the following errors coming through from our Sitecore content entry server.

System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Sitecore.Exceptions.AccessDeniedException: Application access denied.
at Sitecore.Diagnostics.Assert.HasAccess(Boolean accessAllowed, String message)
at Sitecore.Shell.Applications.Analytics.TrackingField.TrackingFieldDetailsPage.OnLoad(EventArgs e)
System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Sitecore.Exceptions.AccessDeniedException: Application access denied.
at Sitecore.Diagnostics.Assert.HasAccess(Boolean accessAllowed, String message)
at Sitecore.Shell.Applications.Security.SecurityDetails.SecurityDetailsPage.OnLoad(EventArgs e)

It’s fairly obvious that these exceptions are coming from the Tracking field in the Advanced section, and the Security field in the Security section. Both of which are Standard fields on items.
I found that this always seemed to occur for the one user in our system.

Looking into the Sitecore code I found that these errors were coming from Asserts in calls to CanRunApplication().

Assert.CanRunApplication("Content Editor/Ribbons/Chunks/Security");
Assert.CanRunApplication("Content Editor/Ribbons/Chunks/Analytics - View/Details");

By locating these under /sitecore/content/Applications in the core database, I can see that the items have security assigned to them, allowing only certain roles the ‘Read’ privilege.

AccessDeniedException - 01

AccessDeniedException - 02

Now, to stop these errors from coming through, you can:-
1. Grant the user the required roles shown above.
2. Turn off standard fields for this user.

After reviewing the user’s access requirements, I decided simply to switch off Standard Fields in the content editor for them, as they had no need for them.

In the View ribbon, deselect the ‘Standard Fields’ checkbox in the View chunk.

AccessDeniedException - 03

By doing this, not only does the error go away, but the content editor loads a lot quicker for the user.

2 Responses to Sitecore Access Denied Exception in the Content Editor

  2. Francesco Gallarotti says:
    April 21, 2015 at 10:29 am
    Reply

    In general I don’t like messing at this low level, so I found a different solution: add the role the user belongs to to the sitecore\Sitecore Client Securing role.

Leave a Reply

Your email address will not be published. Required fields are marked *