SharePoint - Anonymous Access and Sharepoint Objects

Asked By Willia

27-Mar-07 06:00 PM

Hi All

I'm having a problem granting access to a web part to read the Sharepoint
objects. What I've done to initially create the environment:

1.Create a new Web Application and name it Intranet and put it on a port
other than 80 â€“ say 6666. Set NTLM, no Anonymous Access and do not use SSL.
Also, configure the App Pool to run under a specific domain account and use
Windows Authentication for DB access. OK to create it
2.Do an IISRESET /NOFORCE
3.Extend the new web application and create a new IIS website. Call it
Internet and change the port to 80. Set itâ€™s host header (e.g.
www.internettest.com ). Set NTLM, Yes to Anonymous Access and do not use SSL.
Change the zone to Internet and OK to create.
4.Do an IISRESET /NOFORCE
5.Create a new Site Collection on the Intranet:6666 web application and use
the Collaboration/Blank Site template
6.Do an IISRESET /NOFORCE
7.Setup the host headers in the hosts file
8.Open the internet site. It should open using the system account. This is
OK as we havenâ€™t allowed the anon access user to do anything yet. Open People
and Groups and select Site Permissions. Under Settings select Manage
Anonymous Access and then give permission to see All and OK.
9.In Central Admin open the Authentication Providers and the Internet Zone
and switch off the Windows Authentication.
10.Do an IISRESET /NOFORCE

I have a webpart that reads the top level site's subsites and lists them. I
build it and drop the dll in the bin directories for my intranet and internet
sites and I add it to the SafeControls list in both sites' web.config files
and I grant WSS_Meduim trust level on both sites. I get 401 errors on the
anon access site when I try to do:

SPSite site = new SPSite(SPContext.Current.Site.ID);
SPWeb web2 = site.OpenWeb();
SPWebCollection webs = web2.Webs;

//error on next line
int _count = webs.Count;

If I comment out all the code in the web part and add the following two lines:

output.Write(this.Context.User.Identity.Name + "<br>");
output.Write(System.Security.Principal.WindowsIdentity.GetCurrent().Name);

and run the site in Windows Authentication mode i get

(as expected)

returned. However, on the internet site i get:


this.Context.User.Identity.Name is an empty string and different from the
AnonAccess account that's been setup in ISS

Has anyone else tried/had trouble accessing the SPS objects while in Anon
Access - am I missing web.config settings or do I need to use
SPSecurity.RunWithElevatedPrivileges to get at them?

Thanks in advance for any help
William

SharePoint Development Discussions

SPWebCollection
(1)

SPContext
(1)

SPSite
(1)

SPSecurity
(1)

SPWeb
(1)

SPS
(1)

IIS
(1)

SharePoint
(1)

VincentRothwel replied...

27-Mar-07 06:56 PM

William,

You definitly do not have to run with elevated privileges.

A few things to try/check really...

Is the IUSR_ or other Anonymous account you are using a member of the
Visitors group in SharePoint?

Is there a reason why you are creating a new SPSite? Could you try using
SPContext.Current.Web.Webs to get the SPWebCollection?

It would also be worth checking to see if there any errors using SQL
trace...there could be a permission problem there.

Have you changes anything using IIS Admin or have you done everything
through SharePoint?

Is this a standard OOB publishing site?

Vince

--
http://blog.thekid.me.uk

Willia replied...

29-Mar-07 06:36 AM

Hi Vince

Thanks for your suggestions:

I hadn't got the IUSR_ account setup with visitor rights so I did that

I changed back to SPContext.Current.Web.Webs - I was only using the other
method in the example as I'd changed the code so that I could surround it
with the RunWithElevatedPriviledges call

I hadn't changed anything in IIS - I made all changes via the Sharepoint
interfaces

The site I was using had been created with the Blank Site templates,
however, I've also tried it with the Publishing and Collaboration site
templates

I checked SQL server trace but don't see anything obvious

After all this I'm still getting the same issue. I've opened a call with MS
support so I'll post up what they find - I'm hoping it's something stupid
that I'm missing

William

Willia replied...

03-Apr-07 09:56 AM

According to MS, some API function calls need to be run at a higher level of
priviledges and they're saying that webs.Count is one of them (the list isn't
documented). We tried impersonating another user but that only set the
Windows context and not the MOSS user context which remained blank. In the
end they said to use RunWithElevatedPriviledges

My guess is that the code is treated differently because it's in a web part
and not directly on a template. I haven't tried that yet

William

Previous Discussion: WebForm posting to Sharepoint list

MOSS 2007 creating site programatically and adding users SharePoint

get that error. Here is some code: / / Create the site SPSecurity.RunWithElevatedPrivileges(delegate() { SPWeb webContext = SPContext.Current.Web; Guid newSite; using (SPSite site = new SPSite(webContext.Site.ID)) { using (SPWeb web = site.OpenWeb(webContext.ID)) { web.AllowUnsafeUpdates = true; SPWebCollection webCollection = web.Webs; SPWeb newWeb = webCollection.Add(txtPartnerName.Text, txtPartnerName.Text, "", 1033, "DTAP-Partner-Site Add(loginName, email, name, notes); } } } }); - - Vincent Wright SharePoint Portal Server Dev Discussions SPSecurity.RunWithElevatedPrivileges (1) SPContext.Current.Web (1) SPWebCollection (1) SPUser (1) SPSite (1) SPWeb (1) MOSS 2007 (1) Newweb.AllUsers (1) to same nt , I ate() text.Current.Web; SPSite(webContext.Site.ID)) eb web = 3D site.OpenWeb(webContext.ID)) = A0 = A0 web.AllowUnsafeUpdates = 3D

How to programmatically query a lookup type column in doc library? SharePoint

that works I go out to content type and get value array for column Product SPSite siteCollection = new SPSite(SPContext.Current.Site.ID); SPWebCollection collWebsites = siteCollection.AllWebs; foreach (SPWeb oWebsite in collWebsites) { if (oWebsite.Url = = "https: / / tsbusis.tams.com that works I go out to content type and get value array for column Product SPSite siteCollection = new S

Name SPContext is not declared. SharePoint

Name SPContext is not declared. SharePoint I am trying to remotely access a Sharepoint site from a found an example that should do the trick. Only, I get a nasty error: "Name SPContext is not declared." Any idea how I can solve this? I have added Microsoft.Sharepoint as a reference, though. The sample code looks like this: = = = = = = = = = = = Dim mySite As SPWeb = SPContext.Current.Web Dim subSites As SPWebCollection = mySite.Webs Dim currentTemplate As String = mySite.WebTemplate Dim siteUrl As String = TextBox1.Text.ToString subSites.Add(siteUrl, siteTitle, siteDescription, Convert.ToUInt32(1033), currentTemplate, True, False) = = = = = = = = = = = Sharepoint Windows Services Discussions SPContext.Current.Web (1) SPWebCollection (1) SPContext (1) SPSite (1) SPWeb (1) System.Environment.MachineName (1) Convert.ToUInt32 (1) Console.WriteLine (1) If you

Unable to display GridView in webpart SharePoint

also returned as a string for / / debug purposes. public StringBuilder getWebInfo() { StringBuilder sb = new StringBuilder(); SPSite mySite = SPContext.Current.Site; / / Create a new DataTable. table = new DataTable("WebInfo"); / / Declare variables for DataColumn and ReadOnly = true; column.Unique = false; / / Add the Column to the DataColumnCollection. table.Columns.Add(column); SPWebCollection allWebs = mySite.AllWebs; string[] weburls = allWebs.Names; for (int i = 0; i < weburls.Length; i ServerRelativeUrl.ToString()); } / / Add the new DataTable to the DataSet. return sb; } } } - - Thanks SharePoint Development Discussions SPWebCollection (1) SPContext (1) SPSite (1) SharePoint (1) SPWeb (1) I see in your code you are creating a grid