Creating a SharePoint Application Page for Anonymous Access

  • Article

From time to time, you may need to create a few SharePoint application pages for anonymous users. Like log on page, the page to recover or reset passwords, a page to guide through the registration processes, etc. Besides to set up you SharePoint site to allow anonymous access, the key here is that you cannot use the default LayoutsPageBase base class for your page because it would trigger SharePoint to prompt anonymous users to log on.

Instead, you need to use another base class for your anonymous application page called UnsecuredLayoutsPageBase. You can find its MSDN reference at: https://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.unsecuredlayoutspagebase.aspx

Your page class would look like this:

public partial class ApplicationPage1 : UnsecuredLayoutsPageBase
{
protected void Page_Load(object sender, EventArgs e)
{
}
}

Zewei Song, Ph.D.

MCPD, MCTS: .NET 3.5, MOSS AppDev, Configuration

Enterprise Services, Microsoft Corporation

Comments

  • Anonymous
    June 02, 2010
    Thanks, Zewei. Should the .aspx.cs file be deployed to GAC with a SN? Gary

  • Anonymous
    June 08, 2010
    Yes, it should be compiled with a strong name and deployed to GAC on all web servers.

  • Anonymous
    July 29, 2010
    Zewei, have not seen you  for a long time.. Hope all is well. I happened to have to do this today and here is your post. However, it did not work after I changed the base class. After some additional researches, I found that the UnsecuredLayoutsPageBase class has a property called AllowAnonymousAccess (msdn.microsoft.com/.../microsoft.sharepoint.webcontrols.unsecuredlayoutspagebase.allowanonymousaccess.aspx). The default implementation of this method returns false therefore I need to override this property to return true. The code would look something like this: protected override bool AllowAnonymousAccess {    get    {        return true;    } } After adding this code to the class, everything works. Kevin

  • Anonymous
    October 21, 2010
    Thank you for this post! Works like a charm with Kven Chen's mention on over riding the AllowAnonymousAccess field.

  • Anonymous
    November 05, 2010
    It works like a charm Kevin Thanks a bunch

  • Anonymous
    November 08, 2010
    Hi, I have a web application with FBA configured. I was required to create a page for forget password. Hence, I created a empty share point project and created an application page. and my class looks like this: namespace ContactUS.Layouts.ContactUS {    public partial class ContactUs : UnsecuredLayoutsPageBase    {        protected void Page_Load(object sender, EventArgs e)        {        }        protected void btnSubmit_Click(object sender, EventArgs e)        {            SmtpClient client = new SmtpClient("mail.jktech.com", 25);            MailMessage msg = new MailMessage(txtFrom.Text, txtTo.Text, txtSubject.Text, txtBody.Text);            client.Send(msg);        }        protected void btnCancel_Click(object sender, EventArgs e)        {            Response.Redirect(SPContext.Current.Web.Url);        }        protected override bool AllowAnonymousAccess        {            get            {                return true;            }        }    } } I enabled anonymous authentication for my web application as well. also I made entry in my Web.config file : <location path="_layouts/ContactUS/ContactUs.aspx">    <system.web>      <authorization>        <allow users="?" />      </authorization>    </system.web>  </location> But, still When I try to open this page I am redirected to the sign in page, also if I enter the credentials and log in, I get 403 forbidden error. Plz, any Help/guidance would be very great as I am stucked in this issue for last one month.

  • Anonymous
    November 21, 2010
    Still asking for login credentials...... Any help please... Thank you, Manar

  • Anonymous
    November 21, 2010
    Its is Necessary to enable anonymous access for the Site ?

  • Anonymous
    January 06, 2011
    @Ritesh and @Manar, are any images and masterpages that you reference from your page published?  IF they aren't you'll be prompted for credentials.

  • Anonymous
    January 17, 2011
    Inheriting UnsecuredLayoutsPageBase AND overriding AllowAnonymousAccess works wonderfully! Thanks so much!

  • Anonymous
    February 22, 2011
    @Manar, make sure you don't use DynamicMasterPageFile="~/masterurl/default.maste" change it to MasterPageFile="~/_layouts/simple.master

  • Anonymous
    April 11, 2011
    Hi there, Good article, and comments both helped me to have unsecured Application Page. I created an Application Page, inheriting from UnsecuredPagebaseLayout and then refer to MasterPageFile="~/_layouts/simple.master" by setting the AllowAnonymousAccess property to true. It works as expected and I got my Application Page Without Login in. BUT What If I need use the same Master Page as for whole webApplication ? My requirement is to show HomePage with some Info to users(unauthenticated), and then allow users to signIn from a link. I need to use my Custome Master page. Please help, I need to fix this on urgent basis, thanks in Advance.

  • Anonymous
    June 10, 2012
    hi, its working fine..but how to set the access without changing the masterpage thanks ram

  • Anonymous
    June 27, 2012
    Perfect, just what I was looking for. My thanks.

  • Anonymous
    March 06, 2013
    Thank you for this information, it helped me alot :) Great thanks!

  • Anonymous
    September 26, 2013
    I did this and I am not prompted. However, the page displayed in the browser shows the error icon panel. Is there something else I need to do get the page to display normally?

  • Anonymous
    September 26, 2013
    I did this and I am not prompted. However, the page displayed in the browser shows the error icon panel. Is there something else I need to do get the page to display normally? regards, Vignesh

  • Anonymous
    November 05, 2013
    I have replaced Layouts with Unsecured and also added AllowAnonymous  in aspx.cs file. It still doesn't works. Here is my code. public partial class EditSupplierInformation : UnsecuredLayoutsPageBase    {        protected void Page_Load(object sender, EventArgs e)        {        }        protected override bool AllowAnonymousAccess        {            get            {                return true;            }        }    } Any help.

  • Anonymous
    December 11, 2013
    Hello, I enabled anonymous access on site and i want to know if user is accessing application page " [_layout page] " from outside domain. I don't want login prompt for anonymous user for application pages,how to solve it. waiting for your reply..

  • Anonymous
    August 29, 2014
    Awesome. Works on 2013 as well. Thanks for the post.