Cannot use SPCollection.Add when using claims based authentication and FBA
Sometimes simple things that you thought you could realize in seconds cause you hours of headaches. Last week we ran into another of those examples. We had defined a SharePoint ContentType that actually describes a SiteCollection. We then created a custom list using the ContentType with an EventReceiver that creates the SiteCollection when an new Item is added to the list. As I said before, so far things were really simple and we didn’t expect any difficulties. Maybe I should mention at this point that this list would be used in the RootWeb of the RootSiteCollection of a WebApplication using claims based authentication. This was a necessary requirement as we also needed the Forms Based Authentication (FBA) enabled. Obviously we used SPSiteCollection.Add to create the new SiteCollection. Upon testing it soon turned out that we would be facing a couple of hours of headaches, as we ran into an Access Denied error. As it turns out, the SPSiteCollection.Add method simply cannot be used when using claims based authentication and FBA. Thanks to this post we found that we could work around this issue by falling back to SelfServiceCreateSite. For this we needed to enable Self Service Site Creation for the WebApplication and subsequently hide this function for Site Visitors.
Don’t forget to visit the SharePoint App Market