Creating a SharePoint Application Page for Anonymous Access


From time to time, you may need to create a few SharePoint application pages for anonymous users. Like log on page, the page to recover or reset passwords, a page to guide through the registration processes, etc. Besides to set up you SharePoint site to allow anonymous access, the key here is that you cannot use the default LayoutsPageBase base class for your page because it would trigger SharePoint to prompt anonymous users to log on.


Instead, you need to use another base class for your anonymous application page called UnsecuredLayoutsPageBase. You can find its MSDN reference at: http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.unsecuredlayoutspagebase.aspx


Your page class would look like this:


public partial class ApplicationPage1 : UnsecuredLayoutsPageBase
{
    protected void Page_Load(object sender, EventArgs e)
    {
    }
}


Zewei Song, Ph.D.


MCPD, MCTS: .NET 3.5, MOSS AppDev, Configuration


Enterprise Services, Microsoft Corporation 

Comments (20)

  1. Gary says:

    Thanks, Zewei.

    Should the .aspx.cs file be deployed to GAC with a SN?

    Gary

  2. Dr. Z says:

    Yes, it should be compiled with a strong name and deployed to GAC on all web servers.

  3. Kevin Chen says:

    Zewei,

    have not seen you  for a long time.. Hope all is well.

    I happened to have to do this today and here is your post. However, it did not work after I changed the base class. After some additional researches, I found that the UnsecuredLayoutsPageBase class has a property called AllowAnonymousAccess (msdn.microsoft.com/…/microsoft.sharepoint.webcontrols.unsecuredlayoutspagebase.allowanonymousaccess.aspx). The default implementation of this method returns false therefore I need to override this property to return true.

    The code would look something like this:

    protected override bool AllowAnonymousAccess

    {

       get

       {

           return true;

       }

    }

    After adding this code to the class, everything works.

    Kevin

  4. Shawn Russell says:

    Thank you for this post! Works like a charm with Kven Chen's mention on over riding the AllowAnonymousAccess field.

  5. Siva says:

    It works like a charm Kevin

    Thanks a bunch

  6. Ritesh says:

    Hi,

    I have a web application with FBA configured.

    I was required to create a page for forget password.

    Hence, I created a empty share point project and created an application page.

    and my class looks like this:

    namespace ContactUS.Layouts.ContactUS

    {

       public partial class ContactUs : UnsecuredLayoutsPageBase

       {

           protected void Page_Load(object sender, EventArgs e)

           {

           }

           protected void btnSubmit_Click(object sender, EventArgs e)

           {

               SmtpClient client = new SmtpClient("mail.jktech.com", 25);

               MailMessage msg = new MailMessage(txtFrom.Text, txtTo.Text, txtSubject.Text, txtBody.Text);

               client.Send(msg);

           }

           protected void btnCancel_Click(object sender, EventArgs e)

           {

               Response.Redirect(SPContext.Current.Web.Url);

           }

           protected override bool AllowAnonymousAccess

           {

               get

               {

                   return true;

               }

           }

       }

    }

    I enabled anonymous authentication for my web application as well.

    also I made entry in my Web.config file :

    <location path="_layouts/ContactUS/ContactUs.aspx">

       <system.web>

         <authorization>

           <allow users="?" />

         </authorization>

       </system.web>

     </location>

    But, still When I try to open this page I am redirected to the sign in page,

    also if I enter the credentials and log in, I get 403 forbidden error.

    Plz, any Help/guidance would be very great as I am stucked in this issue for last one month.

  7. Manar says:

    Still asking for login credentials……

    Any help please…

    Thank you,

    Manar

  8. Dilip Nikam says:

    Its is Necessary to enable anonymous access for the Site ?

  9. Chris says:

    @Ritesh and @Manar, are any images and masterpages that you reference from your page published?  IF they aren't you'll be prompted for credentials.

  10. Diana says:

    Inheriting UnsecuredLayoutsPageBase AND overriding AllowAnonymousAccess works wonderfully! Thanks so much!

  11. Mateusz says:

    @Manar, make sure you don't use DynamicMasterPageFile="~/masterurl/default.maste"

    change it to MasterPageFile="~/_layouts/simple.master

  12. Usman Afzal says:

    Hi there,

    Good article, and comments both helped me to have unsecured Application Page.

    I created an Application Page, inheriting from UnsecuredPagebaseLayout and then refer to

    MasterPageFile="~/_layouts/simple.master" by setting the AllowAnonymousAccess property to true.

    It works as expected and I got my Application Page Without Login in. BUT

    What If I need use the same Master Page as for whole webApplication ?

    My requirement is to show HomePage with some Info to users(unauthenticated), and then allow users to signIn from a link. I need to use my Custome Master page.

    Please help, I need to fix this on urgent basis, thanks in Advance.

  13. Ram says:

    hi,

    its working fine..but how to set the access without changing the masterpage

    thanks

    ram

  14. Andrew M says:

    Perfect, just what I was looking for. My thanks.

  15. Fabian K says:

    Thank you for this information, it helped me alot 🙂

    Great thanks!

  16. Vignesh says:

    I did this and I am not prompted. However, the page displayed in the browser shows the error icon panel. Is there something else I need to do get the page to display normally?

  17. Vignesh says:

    I did this and I am not prompted. However, the page displayed in the browser shows the error icon panel. Is there something else I need to do get the page to display normally?

    regards,

    Vignesh

  18. Prateek says:

    I have replaced Layouts with Unsecured and also added AllowAnonymous  in aspx.cs file. It still doesn't works.

    Here is my code.

    public partial class EditSupplierInformation : UnsecuredLayoutsPageBase

       {

           protected void Page_Load(object sender, EventArgs e)

           {

           }

           protected override bool AllowAnonymousAccess

           {

               get

               {

                   return true;

               }

           }

       }

    Any help.

  19. Shrikant Gavade says:

    Hello,

    I enabled anonymous access on site and i want to know if user is accessing application page " [_layout page] " from outside domain.

    I don't want login prompt for anonymous user for application pages,how to solve it.

    waiting for your reply..

  20. CMHWorks says:

    Awesome. Works on 2013 as well. Thanks for the post.

Skip to main content