Tag Archives: anonymous access

Pro Tip: Allowing Anonymous Access For A SharePoint Application Page

A short and sweet one – if you’re looking at creating an application page that’s accessible to anonymous users of your SharePoint site, there’s two things you need to do:

  1. Switch the base class of your application page from LayoutsPageBase to UnsecuredLayoutsPageBase
  2. Make sure you implement an override for the AllowAnonymousAccess property, and have it always return “true” (or some other condition of your choosing)

To be extra clear, you need to add the following code to your Application Page codebehind:

[sourcecode language="c-sharp"]

protected override bool AllowAnonymousAccess
get { return true; }


Sharepoint – Anonymous Access and Publishing Web Default Page

Here’s a big gotcha that I came across recently – if you’re developing a public facing Sharepoint site which will be using anonymous access, check your code for any references to PublishingWeb.DefaultPage. Because direct access to the Defaultpage / home page of a Publishing Web requires the “Browse Directories” permission which isn’t part of the Limited Access role which anonymous users get by default, unauthenticated users will come across 401 Unauthorized exceptions once they hit the code that looks for the Publishing Web’s default page.

The best way to fix this is to run code that refers to the DefaultPage using SPSecurity.RunWithElevatedPrivileges() – but here’s another gotcha! You can’t use SPContext.Current.Web within RunWithElevatedPrivileges, as it will still be running under the current user’s credentials, and not the system account that you need. Therefore, you need to reopen a reference to the SPWeb/SPSite within the RunWithElevatedPrivileges call.

Some sample code follows below…

[sourcecode language="csharp"]
SPSite site = SPContext.Current.Site;
SPWeb web = SPContext.Current.Web;

if (PublishingWeb.IsPublishingWeb(SPContext.Current.Web))
//reopen the web to get it under the elevated privileges – otherwise you can’t access pweb.defaultpage
SPSecurity.RunWithElevatedPrivileges(() =>
using (SPSite elevatedSite = new SPSite(site.ID))
using (SPWeb elevatedWeb = elevatedSite.OpenWeb(web.ID))
PublishingWeb pWeb = PublishingWeb.GetPublishingWeb(elevatedWeb);
SPItem defaultPageItem = pWeb.DefaultPage.Item;


Search Results For Anonymous Users in Sharepoint 2010

If you’re using SharePoint for any public facing websites and are integrating search and are wondering why search results are not coming up when you’re not logged in to the site, you aren’t alone! Try performing the following simple steps:

In your Sharepoint site, head to Site Settings –> Site Administration –> Search and Offline Availability, and change the Indexing ASPX Page Content setting to “Always index all Webparts on this site”.

Then, head to Central Administration and re-run a search crawl for the appropriate content source.

Once the content has been crawled, you should now be able to get search results when running queries as an anonymous user.

More information on the search visibility settings can be found here.