Kentico 10 Install SecurityException: Invalid SQL query was used

Russell Vanek asked on May 5, 2017 23:00

Using Windows Server 2016, SQL Server 2016, Kentico 10, and connecting to SQL Server with Windows Authentication.

This happens the very first time we try to connect to the default Kentico setup.

Getting the following error:

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: An invalid SQL query was used.

Stack Trace:

[SecurityException: An invalid SQL query was used.] CMS.PortalEngine.Web.UI.CMSAbstractWebPart.GetValueInternal(String propertyName, Boolean resolveMacros) +1781 CMSWebParts_Viewers_Documents_cmsrepeater.get_OrderBy() +90 CMSWebParts_Viewers_Documents_cmsrepeater.SetupControl() +1029 CMSWebParts_Viewers_Documents_cmsrepeater.OnContentLoaded() +54 CMS.PortalEngine.Web.UI.CMSWebPartZone.OnContentLoaded() +162 CMS.PortalEngine.Web.UI.CMSAbstractLayout.OnContentLoaded() +166 CMS.PortalEngine.Web.UI.CMSAbstractLayout.LoadWebPartsContent(Boolean reloadData) +291 CMS.PortalEngine.Web.UI.CMSAbstractLayout.LoadContent(PageInfo pageInfo, Boolean reloadData, Boolean allowOrphanedZones) +978 CMS.PortalEngine.Web.UI.CMSPagePlaceholder.LoadContent(PageInfo pageInfo, Boolean reloadData) +1930 CMS.PortalEngine.Web.UI.CMSPagePlaceholder.LoadContent(PageInfo pageInfo, Boolean reloadData) +2784 CMS.PortalEngine.Web.UI.CMSPortalManager.LoadPage(Boolean reloadData) +264 CMS.PortalEngine.Web.UI.CMSPortalManager.PageHelper_InitComplete(Object sender, EventArgs e) +29 CMS.Base.Web.UI.PageContext.CurrentPage_InitComplete(Object sender, EventArgs e) +298 System.EventHandler.Invoke(Object sender, EventArgs e) +0 System.Web.UI.Page.OnInitComplete(EventArgs e) +11892713 System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +10425 System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +361 System.Web.UI.Page.ProcessRequest() +76 System.Web.UI.Page.ProcessRequest(HttpContext context) +70 ASP.cmspages_portaltemplate_aspx.ProcessRequest(HttpContext context) +52 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +508 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +92

Correct Answer

Russell Vanek answered on May 11, 2017 16:31

Quick update on this item.

After lots installs / uninstalls, the issue appears to be with the Dancing Goat demo. The other demos work fine, but that one keeps giving this error.

Thanks for the help, issue resolved.

0 votesVote for this answer Unmark Correct answer

Recent Answers

Brenden Kehren answered on May 5, 2017 23:22

Does your SQL user or group have DBO owner permissions?

Did you set the user running the application pool in IIS read/write permissions on the local install?

0 votesVote for this answer Mark as a Correct answer

Russell Vanek answered on May 8, 2017 16:31

Thanks for the reply.

Yes, SQL user has SA rights at the moment for this initial setup.

I am running the application pool under the same SQL account with windows authentication turned on. This user account didn't have read/write access to the local IIS install. I've given the rights but still no go, getting the same error.

0 votesVote for this answer Mark as a Correct answer

Ali Shahrokhi answered on June 7, 2017 09:48 (last edited on June 7, 2017 09:50)

I'm using IIS EXPRESS and getting the same error. Any fix for this issue ? does it mean the "dancing goat" is not working ? I can login to admin area but not local home site!

0 votesVote for this answer Mark as a Correct answer

Brenden Kehren answered on June 7, 2017 13:56

Ali, then log in to admin and delete the Dancing Goat site. Start from scratch with a blank site

0 votesVote for this answer Mark as a Correct answer

Ali Shahrokhi answered on June 8, 2017 00:21

Hi Brenden, Thanks for the solution but I need the template. any ideas ?

0 votesVote for this answer Mark as a Correct answer

Brenden Kehren answered on June 8, 2017 00:56

So you're basing your website off of the Dancing Goat website? If so not a good practoce. Id use the Kentico debug logs to check your SQL queries.

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.