http://www.sharepointsecurity.com/blog Securing SharePoint 2007 -- By Adam Buenz [WSS MVP] Tue, 12 May 2009 13:43:37 +0000 http://backend.userland.com/rss092 en One code modification Resharper 4.0 will suggest is that if a public constructor is located in an abstract class, it should be adjusted to use the protected access modifier if currently public: So, from this: [csharp] public abstract class AbstractClass { public AbstractClass() { } } [/csharp] To this: [csharp] public abstract class AbstractClass { protected AbstractClass() { } } [/csharp] So, why is this a good code edit? Well, ... http://www.sharepointsecurity.com/blog/sharepoint/protected-constructors-for-abstract-classes/ While SPList objects do not sustain true relational integrity due to the inherent nature of unstructured SharePoint data storage (in the current version at least), it is common within business applications to use Lookup field types are leveraged to build weak references between SharePoint lists. As such, typed collection queries ... http://www.sharepointsecurity.com/blog/sharepoint/multiple-splistitemcollection-query-with-spfieldlookupvalue/ By: Noni Hernandez Enterprise Architect If you worked/have worked or plan on working within the DoD environment, security will be a subject that haunts your dreams. Not that security isn't prevalent in the private sector, but given the nature of our work security is a top priority if not the number one ... http://www.sharepointsecurity.com/blog/sharepoint/cac-enabled-anonymous-sharepoint-sites/ So, I recently got solicited for feedback and comment from Infragistics because I was for some time heavily into using their control set. Regardless of some of the unwieldy operations to sustain the nifty functions, I think they are neat and a lot of the times clients have a pre-existing ... http://www.sharepointsecurity.com/blog/sharepoint/the-infragistics-sharepoint-demo-is-funny-but-depressing/ Often times it is required to get a reference to the SPList that contains the site directory information, this is an important task when you are considering construction of navigation solutions or when building holistic reporting tools in order to support governance of site sprawl (which is easy to have ... http://www.sharepointsecurity.com/blog/sharepoint/returning-site-directory-splist/ Role assignments can be exposed ala ISecurableObject and pretty much everything, in order to support Securable Objects (for item level security,etc.), is an ISecurableObject in SharePoint 2007. So, to begin with, we are going to use ISecurableObject to get assignments in combination with a SPPrincipal (representing a user or group)  ... http://www.sharepointsecurity.com/blog/sharepoint/removing-role-definitions-from-a-role-assignment/ I will be presenting the keynote and a breakout session at Techfuse (NOT TechEd) on Tuesday, March 17, 2009 in Brooklyn Park, MN. My keynote sessions synopsis is (taking into account I despise esoteric keynotes that are full of marketing, I choose a more pragmatic path :) ) Title: Building a Commissionable, Development ... http://www.sharepointsecurity.com/blog/sharepoint/presenting-the-keynote-and-breakout-at-techfuse-2009/ I will be presenting at the North Central District Business Intelligence SIG on March 12th, which is actually today so I am a little late in announcing it on the site. I will be presenting a SharePoint security session, so if you are around we will be at the Microsoft ... http://www.sharepointsecurity.com/blog/sharepoint/presenting-at-bisig-on-the-12th/ The code itself is pretty self explanatory and is very unamazing. Taking the values that are available from the System.Web.Security.MembershipCreateStatus enumeration that specifies the result of the CreateUser operation, here is a switch/case to go through all of them to save you some time when testing the result. Honestly, I ... http://www.sharepointsecurity.com/blog/sharepoint/membersipcreatestatus-switchcase-with-undefined-actions/ This error occurs promptly after a user logins via FBA (regardless of provider), and will materialize after indiscriminate time increments that are challenging to wrap with any empirical values. I looked all over the place to see if anyone else had hit this error, and while they had none had ... http://www.sharepointsecurity.com/blog/sharepoint/sharepoint-2007-development/fixing-the-elusive-%e2%80%9cvalue-cannot-be-null%e2%80%9d-fba-authentication-error/