I have a Sharepoint Foundation server 2013 with a Web Application deployed, a root Site Collection and another Site Collection in this Web Application. The Web Application is configured for Anonymous Access, the second Site Collection requires Sharepoint authentication (MS TMG).
I have Application Pages that are deployed to the server (scope = web), these Application Pages are used within the second Site Collection by users and so require authentication, which works as desired. Those Application Pages must also be accessible anonymously, they are of course in the _layouts folder and so are included in the root Site Collections _layout path, this part does not work.
I can access anonymously the root server address https://myserver.mycompany.co.uk/
(maps to https://myserver.mycompany.co.uk/_layouts/15/start.aspx#/SitePages/Home.aspx which is turn maps to https://myserver.mycompany.co.uk/SitePages/Home.aspx). I cannot however get anonymous access to https://myserver.mycompany.co.uk/_layouts/15/mysite.ApplicationPages/MyPage.aspx?QueryString=etc
It requires authentication and of course works when I provide authentication.
Suggestions? More info required?
// This
public partial class DoWithComment : UnsecuredLayoutsPageBase
{
// And this was required as well
protected override bool AllowAnonymousAccess
{
get
{
return true;
}
}
}
If your app pages need to be accessible via anonymous access, your pages should inherit from Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase instead of LayoutsPageBase
See: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.unsecuredlayoutspagebase.aspx
Apart from Colin's answer there is indeed a case when the above does not work (SharePoint 2013 with SP 1).
SharePoint is accessed via Windows Authentication.
User utilizes Chrome (my version is 35) to access page.
User has been logged off from different browser or user's domain login is locked.
User tries to access the anonymous page.
User gets the login popup from Chrome.
My only workaround was to create a HTTP module to remove all the cookies including WSS_KeepSessionAuthenticated cookie on BeginRequest. Most probably removing the WSS_KeepSessionAuthenticated is only required but I'm pasting original code which removed every cookie as the issue is quite hard to reporduce.
public class SPNoAuthModule : IHttpModule
{
public void Dispose(){ }
public void Init(HttpApplication context)
{
context.BeginRequest+=context_BeginRequest;
}
private void context_BeginRequest(object sender, EventArgs e)
{
var app = (HttpApplication)sender;
var context = app.Context;
if (context.Request.FilePath.ToUpper().EndsWith("YOURPAGEADDRESS"))
{
var cookieNames = context.Request.Cookies.AllKeys;
foreach (var cookieName in cookieNames)
{
context.Request.Cookies.Remove(cookieName);
}
}
}
}
And of course register it in proper Web.config in c:\inetpub\wwwroot\wss\VirtualDirectories\YOURAPPNAME:
<modules>
<add name="YOURMODULENAME" type="YOURNAMESPACE.SPNoAuthModule, YOURASSSEMBLYNAME, Version=YOURVERSION, Culture=YOURCULTURE, PublicKeyToken=YOURKEYTOKEN" />
</modules>
Related
I have written a fairly straight-forward JavaScript for SharePoint Online that I am deploying as a user custom action into the root site collection using CSOM.
The following code is the block I am using for provisioning the script to the site collection:
public static void ProvisionScriptLinkCustomAction(ClientContext ctx, string name, string url)
{
Site site = ctx.Site;
ctx.Load(site.UserCustomActions);
ctx.ExecuteQuery();
foreach (UserCustomAction action in site.UserCustomActions)
{
if (action.Name == name)
{
action.DeleteObject();
break;
}
}
ctx.ExecuteQuery();
UserCustomAction customAction = site.UserCustomActions.Add();
customAction.Location = "ScriptLink";
customAction.Name = name;
customAction.ScriptSrc = url + "?" + Guid.NewGuid().ToString();
customAction.Update();
ctx.ExecuteQuery();
}
I am logged in as the tenant administrator when deploying and initially testing the custom action. Everything works as expected until I log in as a user that is not the tenant admin. When logged in as any other user that is only a site collection administrator or lower, the custom action does not fire and all of my efforts are for naught.
This feels like a configuration or permissions issue to me but I am at a loss to begin to know where to look to rectify this issue.
Any helpful thoughts would be greatly appreciated!
Turns out I had console.log calls in my JavaScript. Some versions of IE apparently do not know how to log to the console when in browser mode without debug tools which presumably throws an uncaught and unlogged exception. Removing the console.log statements made the issue go away.
I am working on something like this sync e-mail outlook2010 and sharepoint2010 I am looking for a way to log in outlook web parts in sharepoint 2010 automatically using logged in sharepoint user is it possible in C#.. i want to get away from kerberos authentication and configuring exchange server I've tried this one Get Current User Inbox and other similar ones but it didn't work.
any suggestions?
Are the login credentials the same as for windows? If so, have you configured the browser correctly? See browser setup for auto login
To login try the following, inherit from OWAInboxPart and in OnInit create the mailbox name using the current user, for some a simple question mark seems to work:
public class MyInbox : Microsoft.SharePoint.Portal.WebControls.OWAInboxPart
{
protected override void OnInit(object sender, EventArgs e)
{
this.MailboxName = ?;
base.OnInit (sender, e);
}
}
Look at this discussion of how to get the mailbox for the current user.
I have a SharePoint 2010 MySites set up on its own web application. There is the standard site collection at the base level, http://site:80/.
The personal sites for each user is at the managed URL /personal/.
I have a working event handler which add items to the Newsfeed when a user adds something to a picture library.
THE PROBLEM:
The problem is, this only works if they add to a picture library at the base site collection, http://site:80/, and does NOT work if they add to http://site:80/personal/last first/.
Does anyone know why? The event handler feature is site scoped and my understanding is that it should work on all subsites.
The problem is that personal sites are not subsites of My Site host. In fact each user's personal site is a site collection on its own. So basically you need to register your event receiver not only for My SIte host, but also for each user's personal site.
Ok. Because you can only 'staple' features to site definitions which will be provisioned in the future, you need a way to activate new features on existing sites.
So, the fix I discovered and used follows:
The default page for the newsfeed is http://site:80/default.aspx. If you create an event receiver and scope it for 'site' and deploy it globally or to that web application, then it will work on the base site collection. Each personal site is a site collection and has the feature but it needs to be activated on each personal site collection.
So, in the default.aspx page, you place the following which will activate the feature if it has not yet been activated.
<script runat="server" type="text/c#">
protected override void OnLoad(EventArgs e) {
base.OnLoad(e);
String sAccount = (((SPWeb)((SPSite)SPContext.Current.Site).OpenWeb()).CurrentUser.LoginName).Split('\\')[1];
String basePersonalURL = "http://site:80/personal/";
String eventReceiverFeatureId = "12345678-1234-1234-1234-1234567890ab";
using(SPSite site = new SPSite(basePersonalURL + sAccount)) {
site.AllowUnsafeUpdates = true;
using(SPWeb web = site.RootWeb) {
web.AllowUnsafeUpdates = true;
try { site.Features.Add(new Guid(eventReceiverFeatureId)); } catch {}
web.AllowUnsafeUpdates = false;
}
site.AllowUnsafeUpdates = false;
}
}
</script>
You also need to edit the web.config file in order to allow inline code to run for this page. Hope this helps.
I am running a CMS web site on WSS 3.0.
I would like to have a custom sign-in page for the publishers. Do I have any other alternative other than the Welcome control? (For example, could I use ASP.NET Login control?
Thank you for your help.
That would depend on the authentication mechanism that you use. If you're using Active Directory, you're pretty much tied to the Welcome control.
If however you're using Forms Based Authentication, you can control to login page more completely.
FBA can be tricky to configure and I'd recommend staying with AD if you can, but if you have to go FBA, here's a good guide:
http://technet.microsoft.com/en-us/library/cc262201(office.12).aspx
This is really not much difficult.
It can only be happen if you have Forms based authenticated site not windows based, then you must have to modify login.aspx page.
this relies in _layouts folder of 12 hive. so you have to modify it.
Best way to do is, fo to _layouts folder, make a copy of it and paste it in somewhere in the disk and then change the location in IIS properties for the site of the _layouts folder to your copied one. and make the changes of that login page.
Points to remember.: It uses a master page and there are 5 or 6 customplaceholders requires. so do have them in your new masterpage.
Next is about the code behing for login control to work.
If you are customizing your login code. then you have to modify
this is an example :
using System;
using System.Web.Security;
using System.Web.UI.WebControls;
namespace CustomLoginPage
{
public class Login :
Microsoft.SharePoint.WebControls.UnsecuredLayoutsPageBase
{
protected System.Web.UI.WebControls.Login loginBox;
protected override bool AllowAnonymousAccess { get { return true; }
}
protected override bool AllowNullWeb { get { return true; } }
protected void Login_Click(object sender, EventArgs e)
{
if (AuthenticateUser(loginBox.UserName, loginBox.Password))
return;
}
protected bool AuthenticateUser(string emailAddr,
string password)
{
string userName = emailAddr;
MembershipUserCollection coll =
Membership.FindUsersByEmail(emailAddr);
if (coll != null && coll.Count == 1)
{
// We're doing this to force the enumerator to give us the
// one and only item because there is no by int indexer
foreach (MembershipUser user in coll)
{
userName = user.UserName;
}
}
if (Membership.ValidateUser(userName, password))
{
FormsAuthentication.RedirectFromLoginPage(userName, true);
return true;
}
return false;
}
}
}
so please do modify it.
The one Url which i follow to perform this is :
http://www.devx.com/enterprise/Article/35068/1954
Go ahead and if you face any issues. feel free to contact me : ankurmadaan2787#live.in
The answers below are really helpful -but I'm afraid my environment is limited (WSS 3.0, shared hosting).
So I simply added this link which opens up the authentication dialog:
Sign in
(Where the Source parameter indicates the URL to redirect to upon authentication.)
Thank you.
In the Site Collection level there is a Page library, which has been created along with the whole site. I didn't touch it for long time until recently I added new content types, modified some page layouts and master pages using a solution file. When accessing the home page using the site configured for anonymouse user it failed with "401 UNAUTHORIZED" error on the web page. I noticed the URL was /_layouts/AccessDenied.aspx?Source=...&Type=list&name={...} Then I copy this string to the site for authenticated user, it appears as "Error: Access Denied". I also checked the guid of name={...}. It's the page library list ID.
It seemed the page library permission is not correctly set. However the other page libraries of sub sites are all working well under anonymous user, using the same new content type, master page and page layouts. Their permission are identical on the settings page (all inherit from parent) and all have "allow anonymous" enabled.
I also tried create pages with other page layouts in that page library, clean up content types, all didn't help.
It's not the permission issue of the page library, rather it is related to the code I modified. SPContext.Current.Site.RootWeb is the the refernce by anonymous user. That user do not have privilege to access root folder. I assumed that SPContext.Current.Site.RootWeb.RootFolder.WelcomePage would work with elevated privilege, but after some reading I realized it's not elevate the privilege as I thought. Here's an explanation.
bool rtn = false;
SPWeb rootWeb = SPContext.Current.Site.RootWeb;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(rootWeb.Site.Url))
{
using (SPWeb web = site.OpenWeb())
{
rtn = web.Url + "/" + web.RootFolder.WelcomePage
== this.Page.Request.Url.AbsoluteUri;
}
}
});
return rtn;