Facepalm of the Week: UnsecuredLayoutsPageBase

Someday, you may find yourself building a public-facing web site using SharePoint. Odds are pretty strong that when that day comes you are going to be creating at least one or two custom Application Pages which anonymous visitors must be able to access. You may already know that one way to achieve this is to have your custom page inherit from the aptly named UnsecuredLayoutsPageBase class.

What you may not know is that even when christened with a name like that, anonymous access for this type’s descendants doesn’t just work out of the box. If that were the case, I would have had a solid chunk of yesterday back to do the real work, we wouldn’t be having this little chat right now.

For some exotic purpose currently unbeknownst to this humble blogger, there are a pair of Boolean properties on this class that you have to override to always return true if you wish for the unwashed masses to gain an audience with your special page. They are AllowAnonymousAccess and AllowNullWeb:

protected override bool AllowAnonymousAccess
    get { return true; }
protected override bool AllowNullWeb 
    get { return true; } 

Provided you haven’t gummed up the works in some other obnoxiously subtle way, this little snippet should save the day for your pages that wish to service the unauthenticated.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s