Nick Hadlee's Blog on SharePoint and Other Occasional Rants…


Anonymous Access, Windows Authentication and ‘Forcing’ an Automatic Sign In
July 7, 2009, 10:35 pm
Filed under: Authentication, SharePoint

If for what ever reason (read disclaimer at end) you need anonymous access enabled on a SharePoint site that is using windows authentication, you will notice that even as an authorised user you are not signed in automatically. The anonymous ‘experience’ will always take precedence over the users credentials [1]. This is the way the HTTP protocol works so IIS and SharePoint are off the hook for this issue.

If you do want to be a recognised user then you will  need to click on the ‘Sign In’ link at the top of the site. Depending on your browser security settings you will either be signed in automatically or prompted for credentials. 

Solution

This is less of a solution and more of a work around but it will achieve the desired result. To force an auto-sign in under SharePoint you need a page that has unique permissionsto force the challenge/response for credentials. This can then be provided to the authenticated users as the ‘authenticated’ homepage url.

There are a few limitions with this method:

  • Anonymous users will not be able to access this page
  • To be more useful the page will probably need some redirection, i.e. To pass the user back to a global home page, and this provides its own set of challenges
  • Unless the authenticated user hit this page first, i.e. They follow direct links to somewhere else in the site, they will not be signed in 

Disclaimer: This was a work around to an issue I recently had to face because anonymous users and authenticated users needed to access SharePoint via the same url. There are much better ways to provide multiple authentication methods which are recommended as the preferred option.

References: [1] To be completely safe I confirmed this behavior is expected with Paul Stork at his ‘Anonymous Access: Everything you always wanted to know, but didn’t know to ask’ session while at the New Zealand SharePoint Conference.

Advertisements

1 Comment so far
Leave a comment

[…] Anonymous Access, Windows Authentication and ‘Forcing’ an Automatic Sign In […]

Pingback by Search Service, Anonymous Access and 401s « Nick Hadlee's Blog on SharePoint, web stuff, development and other unrelated drivle…




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s



%d bloggers like this: