The information in this article applies to:
Product: Metastorm BPM
Version: 7.6.2
Issue
When trying to access a SharePoint page that contains Metastorm web parts, the user receives Error 403 Forbidden. The Windows event log on the SharePoint server contains an error similar to the following:
Access to the path 'C:\\Inetpub\\wwwroot\\wss\\VirtualDirectories\\MBPMWebParts\\bin\\Metastorm.Web.WebControls.dll' is denied.
Resolution
Some Metastorm web parts DLLs (stored in the bin directory) contain embedded resources such as JavaScripts, which are used by the ScriptManager(AJAX) control on the master page of the Metastorm web parts application. AJAX makes the request under the user account accessing the page(s) and not under the IIS application pool identity. However, once a user with the required permissions has accessed the page, the DLLs are cached until the worker processes are recycled and the cache expires. During this time, users without the required permissions to the DLLs can access the SharePoint page and web parts. After the cache expires, these users will receive Error 403 until another user with the required permissions accesses the page and the DLLs are again cached.
To prevent Error 403, users (or a group to which the users belong) accessing the Metastorm web parts for SharePoint should have Read & Execute permission for the following files located in the Metastorm web parts application bin folder (for example, C:\\Inetpub\\wwwroot\\wss\\VirtualDirectories\\\\bin\\):
Metastorm.Web.WebControls.dll
Telerik.Web.UI.dll
