Consider a situation where you want to allow a user to upload a large document in your SharePoint application, however the user does not have contribute permission to the Document Library. This can be for several reasons. You don't want the user to see/modify other content and only provide an interface to submit documents.
We will use the app-only policy of provider hosted apps to upload the documents to the HOST web. This article assumes you understand the basics of the procedure to setup the environment and develop Provider-Hosted apps. If not, here is a technet article to follow.
I have created a provider hosted app with a client web part. The client webpart will be added to a page in the host web that will show a File upload control. The page that the client webpart shows will be deployed to the remote web of the provider hosted app. In this case, it is FileUpload.aspx.
![]()
Now, we need to tell the app to use the app-only policy when calling into SharePoint. With the app-only policy, irrespective of what level of permission the user has on the SharePoint site, only the app's permissions will be considered for authorization of the call. So, we set the value in the AppManifest.xml file of the provider hosted app.
Also, since we are uploading a file in Document Library, the app needs to have the correct permissions on the SharePoint site. This is also set in the AppManifest.xml file.
![]()
In the FileUpload.aspx page, I have designed a simple UI with a file upload control and a button to upload the document. We write the code to upload the file to a SharePoint Document Library on the event handler of the button click event.
We will use the SharePointContextProvider to get the SharePoint context and the CreateAppOnlyClientContextForSPHost since we are using the app-only policy and uploading the file to the Host web.
![]()
Using the "ContentStrem" property, we can upload files of large size in the SP Document Library. Refer to:
https://msdn.microsoft.com/en-us/library/office/dn904536.aspx
Now I have packaged and deployed my remote web in IIS and uploaded the app to my app catalog. I have also added the app to my SharePoint site. Edit the page and insert the client web part to a page in the Host Web.
![]()
And the client webpart shows the upload control and button. Please excuse the alignment of the controls. :-)
![]()
I will now try to upload a large document (approx 80 MB), but it encounters the error:
"The request filtering module is configured to deny a request that exceeds the request content length"
This is because the IIS is configured to handle requests of only a specific size and since we are uploading a file of about 80 MB, it fails. We can change that using the web.config file. In the web.config of our remote web application, set the following values:
![]()
There is one more setting required. Open IIS then navigate to your remote web site. Click on "Request Filtering" . Click on "Edit Feature Settings" and change the value of "Maximum allowed content length".
![]()
Now we are all set. Select a document in the file upload control and hit Upload. Our file is uploaded and is modified by the APP because we are using the App-only policy.
![]()
Reference
https://msdn.microsoft.com/en-us/library/office/dn904536.aspx
http://www.shubho.net/2011/01/http-error-40413-not-found-request.html