Started: 6/18/2008 1:41 PM | |  | |
|
| Hiding files from the _layouts directory For example:
It is technically fine that a user can get to that page, but I would like to prevent the users of my Intranet from getting there.
I probably cannot change the system.master easily, and short of making my own custom navigation, what other methods are out there for keeping the users with the confines of the master page I created? |
|
Posted: 6/19/2008 7:46 AM | | | |
|
| Couple of options --
1) use stsadm and activate page lockdown feature
2) ASP.NET web.config change for the site collection
You can use ASP.NET's authorization functionality to deny anonymous users access to pages. Adding entries like the following to the web.config file (next to the other <location > entries) will deny access for anonymous users:
<location path="_layouts/viewlsts.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
This approach can be used to restrict anonymous user access to only those pages that you want them to access.
You would also need to copy the web.config file change across all front-end servers in a farm scenario.
-- Tony
Sr. SharePoint Developer, Aivea - Beaverton, OR
http://www.aivea.com/sharepoint-training.htm |
|
Posted: 6/19/2008 7:54 AM | | | |
|
| btw, you can specify the type of user's you want to deny acccess here... <deny users="?" />
|
|
Posted: 6/19/2008 8:53 AM | | | |
|
| Excellent. Thank you.
We have the unfortunate scenario as of this moment that Share Point Designer is the only interface beyond the web UI I can use. But this info will help me make the case for a proper VPC dev environment.
For now I can get an admin to set this up for me.
I know I don't want to, but could the path be specified as "_layouts" instead of the specific files?
Do the permissions work like windows, where a deny overrules an allow? |
|
Posted: 6/20/2008 9:52 AM | | | |
|
| You can use VS 2008/VS 2005. At Aivea, we use SPD for very minimal design or layout work. We use VS 2008 for most all SharePoint 2007 development.
you could do "_layouts/*.aspx" for examples, yes.
If there is enough interest in the Portland SharePoing group, I'm fine with doing a 1 hour brown bag about VS 2008 based SharePoint 2007 development at our office in Beaverton.
-- Tony
|
|
Posted: 9/30/2008 9:42 AM | | | |
|
| To lock down your SharePoint 2007 application pages, issue the stsadm command as follows:
stsadm -o activatefeature -url -filename ViewFormPagesLockDown\feature.xml
This can be reversed (unlocked) by issuing the following command:
stsadm -o deactivatefeature -url -filename ViewFormPagesLockDown\feature.xml
Note: By default, this SharePoint 2007 feature is deactivated, unless the site was created using the “Publishing Site” template. Additionally, if you have anonymous access enabled prior to activating this feature, you need to disable anonymous access and then re-enable anonymous access again.
Another similar capability is available for removing people picker AD lookups.
stsadm -o setproperty peoplepicker-nowindowsaccountsfornonwindowsauthenticationmode
|
|
Posted: 11/2/2008 1:17 AM | | | |
|
| Wondering if this was tried out?
|
|
Posted: 10/21/2009 10:27 AM | | | |
|
| Awesome. This worked for us. By the way, there are two mechanisms for disabling anonymous, through Central Admin and through the Site Collection, Site Settings, "User and Permissions" area. We found for us that it was only necessary to disable and re-enable at the "User Permissions" area and we didn't need to go into Central Admin. See my post for more info.
Talbott Crowell
SharePoint Architect |
|
Posted: 10/21/2009 10:29 AM | | | |
|
| Awesome. This worked for us. By the way, there are two mechanisms for disabling anonymous, through Central Admin and through the Site Collection, Site Settings, "User and Permissions" area. We found for us that it was only necessary to disable and re-enable at the "User Permissions" area and we didn't need to go into Central Admin. See my post for more info on my blog at http://talbottc.spaces.live.com
Talbott Crowell
SharePoint Architect |
|