Blog Site in Anonymous Use

December 22 2010 69 comments

Anonymous user cannot enter a blog entry in a SharePoint site if ViewFormPagesLockDown feature is active at site collection level and ViewFormPagesLockDown feature is active if site collection is based on publishing portal. After googling we came accross plenty of resources considering this matter:

We didn’t want use the solutions suggested in the links above. To disable the ViewFormPagesLockDown “…leaves you wide open from a security perspective…”. To have our blog site in another site collection. Well that’s just not what we want to do to solve this tiny little thing with permissions.

Me and Aapo dug with reflector into ViewFormPagesLockDown feature and found out what the feature receiver does.

The highlighted sections of the feature receiver show what happens to Guest’s permissions at rootweb level when you disable ViewFormPagesLockDown site collection level feature.

So why not just take the solution from where it is and develop a web scoped feature which does the exactly same thing to the blog site but not to all webs in the site collection because that’s not what we want.

Develop a feature receiver as follows:

using System;
using Microsoft.SharePoint;

namespace My.Assembly
    public class FormPagesLockDownReleaseReceiver : SPFeatureReceiver
        public override void FeatureActivated(SPFeatureReceiverProperties
            using (var web = (SPWeb)properties.Feature.Parent)
                var anonymousState = web.AnonymousState;
                // continue only if anonymous use is enabled
                if (anonymousState == SPWeb.WebAnonymousState.Disabled)
                web.AllowUnsafeUpdates = true;
                 // break inheritance to set permissions per site
                web.RoleDefinitions.BreakInheritance(true, true);
                // permission granting from LockDownViewFormPages
                var byType = web.RoleDefinitions.GetByType(SPRoleType.Guest);
                byType.BasePermissions |= SPBasePermissions.EmptyMask |
                byType.BasePermissions |= SPBasePermissions.UseRemoteAPIs;
                // reset the anonymous state programmatically
                web.AnonymousState = SPWeb.WebAnonymousState.Disabled;
                web.AnonymousState = anonymousState;
                web.AllowUnsafeUpdates = false;

Resetting the anonymous state is just a thing you would have to do from UI when you toggle permissions. Lockdown Mode in SharePoint 2010: “If anonymous is already setup, you may need to disable\re-enable anonymous on the site.”

Then a web scoped feature that consumes the receiver:

<?xml version="1.0" encoding="utf-8" ?>
  Title="Blog Anonymous Access Staplee"
  Description="Enables Anonymous Access to Blog Entries"


You could set the feature hidden to avoid accidental feature activations.

Then a stapling mechanism at site collection level to staple the feature to Blog sites by default.


<?xml version="1.0" encoding="utf-8" ?>
<Elements xmlns="">
      <!--Staple FormPagesLockDownReleaseReceiver to Blog sites -->
    TemplateName="BLOG#0" />
<?xml version="1.0" encoding="utf-8" ?>
    Title="Blog Anonymous Enabling Stapler"
    Description="Staples Anonymous Access to Created Blog Sites"
        <ElementManifest Location="Stapling.xml" />

Voila, you have a mechanism to allow viewing form pages only in blog sites when you activate the stapler feature at site collection level. Of course, if you want, you could even set the needed permissions at list level in the Blog site, I suppose, but that’s not what we’ve done here.

Popularity: 4% [?]

69 comments to “Blog Site in Anonymous Use”

  1. Anne says:

    Great content, excellent! towing service

  2. James A says:

    I went through this website and found it very impressive. Keep sharing. Middle River Tow Truck

  3. Calum S says:

    Well written content. Thank you for sharing. tow truck

  4. Katy says:

    Interesting piece, thanks for sharing! tow truck

  5. Andrew says:

    Well done on this post towing service

  6. Taylor says:

    This is an interesting article. tow truck

  7. mshahid says:

    You might comment on the order system of the blog. You should chat it’s splendid. Your blog audit would be swell up your visitors. I was very pleased to find this site. Scott Dietrich Gainesville VA

  8. Roanoke says:

    You did a great job on this excellent site tow truck

  9. Staunton says:

    I am glad seeing this nice website. towing service

  10. Keep sharing great post, I like them. tow truck

  11. Waynesboro says:

    I personally like your post towing service

  12. Winchester says:

    I’m really impressed with your article tow truck

  13. Kissimmee says:

    Thanks for sharing this! This looks pretty informative! towing service

  14. Orlando says:

    This is an impressive and informative site. Keep it up tow truck

  15. Sanford says:

    Thanks for sharing this! This is very insightful! towing service

  16. Thanks for this information. I appreciate it tow truck

  17. Chesapeake says:

    Content is really nice, it is well written. towing service

  18. Hampton says:

    To me this a is very nice site. tow truck

  19. Glad to see this awesome post here.

Leave a Reply