Blog Site in Anonymous Use
Anonymous user cannot enter a blog entry in a SharePoint site if ViewFormPagesLockDown feature is active at site collection level and ViewFormPagesLockDown feature is active if site collection is based on publishing portal. After googling we came accross plenty of resources considering this matter:
- Lockdown Mode in SharePoint 2010
- Anonymous access for blog sites not working in SP2010
- Rich Finn’s Blog
We didn’t want use the solutions suggested in the links above. To disable the ViewFormPagesLockDown “…leaves you wide open from a security perspective…”. To have our blog site in another site collection. Well that’s just not what we want to do to solve this tiny little thing with permissions.
Me and Aapo dug with reflector into ViewFormPagesLockDown feature and found out what the feature receiver does.
The highlighted sections of the feature receiver show what happens to Guest’s permissions at rootweb level when you disable ViewFormPagesLockDown site collection level feature.
So why not just take the solution from where it is and develop a web scoped feature which does the exactly same thing to the blog site but not to all webs in the site collection because that’s not what we want.
Develop a feature receiver as follows:
using Microsoft.SharePoint;
namespace My.Assembly
{
public class FormPagesLockDownReleaseReceiver : SPFeatureReceiver
{
public override void FeatureActivated(SPFeatureReceiverProperties
properties)
{
using (var web = (SPWeb)properties.Feature.Parent)
{
var anonymousState = web.AnonymousState;
// continue only if anonymous use is enabled
if (anonymousState == SPWeb.WebAnonymousState.Disabled)
return;
web.AllowUnsafeUpdates = true;
// break inheritance to set permissions per site
web.RoleDefinitions.BreakInheritance(true, true);
// permission granting from LockDownViewFormPages
var byType = web.RoleDefinitions.GetByType(SPRoleType.Guest);
byType.BasePermissions |= SPBasePermissions.EmptyMask |
SPBasePermissions.ViewFormPages;
byType.BasePermissions |= SPBasePermissions.UseRemoteAPIs;
byType.Update();
// reset the anonymous state programmatically
web.AnonymousState = SPWeb.WebAnonymousState.Disabled;
web.AnonymousState = anonymousState;
web.Update();
web.AllowUnsafeUpdates = false;
}
}
}
}
Resetting the anonymous state is just a thing you would have to do from UI when you toggle permissions. Lockdown Mode in SharePoint 2010: “If anonymous is already setup, you may need to disable\re-enable anonymous on the site.”
Then a web scoped feature that consumes the receiver:
<Feature
Id="{6189C7B4-6FDC-4BAA-95FD-03DD318031E5}"
Title="Blog Anonymous Access Staplee"
Description="Enables Anonymous Access to Blog Entries"
Scope="Web"
ReceiverAssembly="My.Assembly,
Version=1.0.0.0,
Culture=neutral,
PublicKeyToken=e3e48257ada349c4"
ReceiverClass="My.Assembly.FormPagesLockDownReleaseReceiver"
Hidden="FALSE"
xmlns="http://schemas.microsoft.com/sharepoint/">
</Feature>
You could set the feature hidden to avoid accidental feature activations.
Then a stapling mechanism at site collection level to staple the feature to Blog sites by default.
<?xml version="1.0" encoding="utf-8" ?>
<Elements xmlns="http://schemas.microsoft.com/sharepoint/">
<!--BLOG#0-->
<!--Staple FormPagesLockDownReleaseReceiver to Blog sites -->
<FeatureSiteTemplateAssociation
Id="6189C7B4-6FDC-4BAA-95FD-03DD318031E5"
TemplateName="BLOG#0" />
</Elements>
<Feature
Id="{7DF309A4-7E3B-488A-9D2A-F3B88D656465}"
Title="Blog Anonymous Enabling Stapler"
Description="Staples Anonymous Access to Created Blog Sites"
Version="1.0.0.0"
Scope="Site"
xmlns="http://schemas.microsoft.com/sharepoint/"
ActivateOnDefault="FALSE">
<ElementManifests>
<ElementManifest Location="Stapling.xml" />
</ElementManifests>
</Feature>
Voila, you have a mechanism to allow viewing form pages only in blog sites when you activate the stapler feature at site collection level. Of course, if you want, you could even set the needed permissions at list level in the Blog site, I suppose, but that’s not what we’ve done here.
Popularity: 4% [?]
Albany tow truck. Our Dispatch center will communicate with you once our assistance is on site and at the end of the call to confirm that the job is complete and that you are completely satisfied with our service and professionalism.
Thanks for the information. Keep up the great work.
Trans utvecklades speciellt för transpersoner och är en av de mest intressanta dejtingsidorna för transsexuella på internet. Många transpersoner anser att det är den bästa dejtingsajten för transpersoner. På den här webbplatsen kan du hitta alla typer av transsexuella partners för engagemang, relation, vänskap, kärlek eller till och med äktenskap.
Reife Frauen ist eine der beliebtesten Seiten der BDSM-Community, und das aus gutem Grund: Sie bietet eine Reihe nützlicher Funktionen, darunter das Hochladen von Fotos und Videos, und sie verfügt über eine massive Nutzerbasis, die fast eine Million Veranstaltungen weltweit beherbergt.
Interesting content, keep us posted.
equipment transport Vienna VA is a company providing equipment transport services in Vienna, Virginia.
Sex Düsseldorf Früher waren die Menschen etwas überrascht, wenn sie sich auf Online-Dating einließen, aber heute ist das überhaupt nicht mehr ungewöhnlich. Immer mehr Menschen finden es einfach, über das Internet nach einem Sexpartner zu suchen.
Vienna Equipment Transport is a company providing equipment transport services in Vienna, Virginia.
West Palm Beach Towing Service have been working hard to establish our brand within the lower Florida area.
Here at Bel Air Tow Truck, we strive to provide a great towing experience, and we do not settle for less.
Delray Beach Tow Truck is always willing to come to your rescue by providing prompt and efficient towing services.
Durham Tow Truck is the leading source of towing and vehicle recovery services in the fine city of Durham, NC.
For the team at Fayetteville Tow Truck, it all comes down to providing the best towing services possible to our clients. Since we were founded,
Kansas City Towing Service is a towing company operating out of Kansas City, Missouri. The company has been around for some time now, providing towing services to residents in all parts of this city in the Mid-West.
At Kettering Towing Service we are a people first business. We know that we work with your car and all of that, but in reality, our priority is to get people out of those tight spots that can be dangerous on the road.
At Blue Springs Tow Truck, we put the comfort of our clients first. In a bid to make our superior towing service available to the whole of Missouri, we decided to have our tow trucks around the state. Therefore, you can call us if you’re anywhere around Blue Springs, MO, Independence, MO, Sugar Creek, MO, Lee’s Summit, MO, and Buckner, MO.
Greensboro Tow Truck aims to be your one-stop shop for all of your towing, roadside assistance, and automotive emergencies.
The team at Raleigh Tow Truck is our pride and joy, and without them, our company would be a mere shadow of what we have developed. From our established fleet, great drivers and even our dispatchers, the team at Raleigh Tow Truck is the true definition of a professional towing service.
Independence Towing Service has been around for some time now and has a number of professionally trained personnel who are always willing to go out of their way to help customers with stalled vehicles.
At Kansas City Tow Truck we offer the best towing services. You can hire our tow truck at any given time and we will respond fast to offer you the best services.
AO Huren ist а einzigartige Dating-Website, die auf die Bedürfnisse der verschiedenen Menschen bietet. Benutzer wie dieser Service wegen der detaillierten Matchmaking-Algorithmus, der genaue Übereinstimmungen in der Nähe bietet Sie sind garantiert, um ein Datum zu finden, wenn Sie seine Funktionen angemessen zu nutzen.
The team at Savannah Tow Truck has been working hard to ensure our clients enjoy quality towing services.
Sugar Creek Tow Truck is a very big city with different drivers and cars. Every now and then, Sugar Creek Tow Truck receives calls for various roadside assistance, and we always make sure we respond and send our tow trucks to the location of the caller in a swift manner.
Raytown Tow Truck offers the best towing service in Raytown, MO, and in the entire state. We also have enough tow trucks and service stations to go round.
Charlotte Towing Service is a company dedicated to bringing you the best towing experience in the city, and to always being a company that can be relied upon even in the most stressful of situations.
The drivers at Winston-Salem Tow Truck are some of the best in the city. When we were first founded, the team at Winston-Salem Tow Truck was hand-picked.
The team at Charleston Towing Service is here for you. We have been providing towing services to any vehicle for years and are proud to offer our services to everyone from fleet truckers to regular joes.
Sextreffen ermöglicht es Ihnen, sexy erwachsene Nutzer zu suchen und zu finden, die Ihre geheimen Wünsche teilen. Die Seite bietet den Mitgliedern auch Swing, Bondage, Fetische, Dominanz, Unterwerfung und vieles mehr.
Coconut Creek Tow Truck is the answer to all your towing and roadside emergencies. Emergencies are never planned for, and they can end your day prematurely.
TS Escort is also very diverse as you can find transsexuals of all ages and interests on the site. The platform is mostly considered a paradise for heterosexual men, as many transsexuals are looking for intimate relationships or a fuck partner.
This is very helpful information… drywall hole repair grand prairie texas
Sex Basel è per tutti coloro che sono alla ricerca di sesso maturo nella zona.
If you are looking for casual chat contacts in France you must to visit transexuelle lyon
This is new to me. Thanks for sharing!
Can you provide a guide how to send an email alert notification
thank you so much for sharing us about ViewFormPagesLockDown
So why not just take the solution from where it is and develop a web scoped feature which does the exactly same thing to the blog site but not to all webs in the site collection because that’s not what we want.