Step by Step: How to enable anonymous access in a SharePoint Foundation 2010 site

Written by Denis Stadler on . Posted in SharePoint 2010

I wanted to create a SharePoint Foundation 2010 site and use it to publish different SharePoint 2010 development examples.

As it can be seen in the picture above I have defined an additional internet zone for my SharePoint web application, with the address: http://sharepoint.stadler.pro.

In order to be able to enable anonymous access we need to check the allow anonymous option when creating the site collection.

And, from the Permissions page (click on the Site Actions -> Permissions) we can enable the anonymous access, by choosing one of the options: entire web site, list and libraries.

Entire web site

This is the easiest path to take, in order to accomplish the goal. Just thick this option and any anonymous user can access the web site. The only issue is that any user can access the view all site content page too.

To hide this button there are at some options, but in order to achieve this, we have to edit the master page in SharePoint Designer.

Hide SharePoint Ribbon using Java Script and CSS

The fastest way to hide the ribbon for the anonymous users is to hide the ribbon row. This can be done by adding the following java script into the v4.master file (just replace sharepoint.stadler.pro with you own URL), above the closing head tag.

<script type="text/javascript" language="javascript">

var currentUrl = document.location.href;

if(currentUrl.match("sharepoint.stadler.pro") != null) 
{

document.write('<style type="text/css">body #s4-ribbonrow { display: none; }</style>');

$('#s4-workspace').removeAttr('id');
$('body').removeAttr('scroll');
$('body').css('overflow', 'auto');    	

}
</script>

The script checks if we are on the internet zone (in this case the URL should contain http://sharepoint.stadler.pro) and if so, it hides the ribbon row.

The only disadvantage is that if somebody uses the direct URL of the View all site content page ( _layouts/viewlsts.aspx ), he (or she) can still see the page.

Sharepoint:SPSecurityTrimmedControl

The other easy option would be to insert the ribbon control into a SPSecurityTrimmedControl control.

<Sharepoint:SPSecurityTrimmedControl runat="server" Permissions="EditListItems">
<div id="s4-ribbonrow" class="s4-pr s4-ribbonrowhidetitle">
<!-- On the master page, here in between there is the ribbon -->
</div>
</Sharepoint:SPSecurityTrimmedControl>
<!-- In this div there is the page content -->
<!-- I included this only for positioning purposes -->
<div id="s4-workspace">

In this case if the user tries to navigate to any URL under the “_layouts” folder, he would be prompted to insert credentials.

The reason why I’ve chosen “EditListItems” as permissions required to display the content inside the SPSecurityTrimmedControl control, can be found on the MSDN site: SPBasePermissions Enumeration.

Basically “EditListItems” states for the following permissions: “Edit items in lists, edit documents in document libraries, edit Web discussion comments in documents, and customize Web Part Pages in document libraries.”

List and libraries

If you choose this option you will have the possibility to choose individually on every list if the anonymous users will have access rights to read this.

There is thought a catch. Let’s assume that you provide access to the Site Pages library for the anonymous users.

In this case they will be able to access your web site by using the full address of the home page (in my case – http://sharepoint.stadler.pro/SitePages/Home.aspx), but they won’t be able to access the site if they use the default address of the SharePoint site (in my case – http://sharepoint.stadler.pro).

To fix this just run the following PowerShell against your site:

# Replace http://sharepoint.stadler.pro with your own web site
$web = Get-SPWeb http://sharepoint.stadler.pro

$web.AnonymousState = [Microsoft.SharePoint.SPWeb+WebAnonymousState]::Enabled
$web.AnonymousPermMask64 = "Open, ViewPages"

$web.Update()

Even if under Site Permissions, it will say Entire Web Site for the Anonymous access, you will still need to explicitly specify which lists and libraries have anonymous access.

Tags: , , , ,

Trackback from your site.

Denis Stadler

I'm a technology enthusiast, with more than 10 years of experience in SharePoint and Dynamics CRM projects. To find more details about, please visit the about me page.

Leave a comment

*