Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

How to secure pages on a publishing site with Anonymous Access

  Asked By: Ralph    Date: Mar 07    Category: Sharepoint    Views: 2797

We have a publishing site with anonymous access and FBA. We have
certain pages that we only want available when someone has
authenticated. I know how to do that with standard ASPX sites, but
how can this be done within sharepoint publishing?



7 Answers Found

Answer #1    Answered By: Mansi Revenkar     Answered On: Mar 07

I don't have access  to a system at the moment, but what if you were to put
those specific pages  into a different library and then not allow anonymous
access to the library?

Answer #2    Answered By: Lizette Mcconnell     Answered On: Mar 07

It is also very simple to control security at the item level...

From the pages  library view, you can Manage Permissions of the page, break
security inheritance, and only allow access  by the user(s)/group(s) you wish.

Answer #3    Answered By: Rosanna Parrish     Answered On: Mar 07

The trouble is that anonymous  access in SharePoint is not handled in the
user/group interface, its separate and doesn't go to all the way down to
the itemlevel.

Answer #4    Answered By: Kalash Karmakar     Answered On: Mar 07

I have a dual auth provider site  on MOSS. I just removed the default '***Site
Visitors' after breaking inheritance on a single page, and that page is no
longer accessible anonymously... In fact, if I try and paste the URL and go
directly to the page, I get prompted for authentication...

Am I seeing behavior that is non-standard?

Answer #5    Answered By: Mauricio Tanner     Answered On: Mar 07

That's very interesting. You may be on to something. My comments were
in reference to adding or removing authorization from IUSR_computername
to try to do something with Annonymous Access. I've never tried
removing the site  Visitors group. Only issue would be that you also
removed access  for authenticated read only users. But they could be
re-added if necessary.

Answer #6    Answered By: Gina Freeman     Answered On: Mar 07

I had a chance to play some more with your situation tonight while
waiting for a plane and I found a solution for your problem. It's
actually so obvious none of us saw it. You don't have to even remove
Site visitors, just break inheritance. Try this and see if it doesn't
do what you want.

1) Turn on anonymous  Access for the Web Application

2) Set Anonymous access  for the site  that you want to be Anonymous
Access as Entire Web. The entire site is now Anonymous Access.

3) Go to the pages  document library and manage the permissions on
the page that you want to require permissions. Break inheritance on
that page and let it establish all the default permissions.

Navigate to the site and you will find that it is still Anonymous
Access. Navigate to the page where you broke inheritance and you will
find that it requires Logon. Evidently when you break inheritance it
establishes all the default permissions but doesn't carry over the
anonymous permissions. Since it now has permissions unique from the
Pages library it requires authentication. While all other pages don't.
All you have to do is Break Inheritance on the pages you want to prompt.
Don't establish any extra permission settings.

Answer #7    Answered By: Tyrell Nash     Answered On: Mar 07

Since we run dual zone and only the extended has anonymous, I logged
into that zone with an ADAM site  collection admin account and was
able to override security (nice article from Andrew C. on how to
configure dual zone and have SP reconginze both AD and ADAM). It
works at the individual account level just great. I now need to go
back and see if ADAM supports an all authenticated users setting.