locked
Pages List returns 401 RRS feed

  • Question

  • Hello world..

    I have an anymous accesible SharePoint 2007 publishing portal. The authentication provider is set to NT authentication. When i try to access an url which shows directly on the pages library i get a 401, requesting username/pwd.

    F.ex

    http://www.domain.tld/site1/site2/pages returns 401

    http://www.domain.tld/site1/site2/ redirects correctly to the welcome page of this site

    In the "frontend" the issue is not as critical, because the navigation always points to the page in the library.

    The problem is on the search results. In the search results there are plenty of link which points to the pages library

    http://www.domain.tld/site1/site2/pages and so, the user get's a 401 by clicking on the link.

    the welcome page of these pages libraries is not included in the search resulsts.

    The search is configured to do a Websearch

    Any ideas? hints?

    TIA

    patrick

     

    Tuesday, November 23, 2010 10:31 AM

Answers

  • With anonymous access configured, a non authenticated user can access and get to any pages (not individually secured) in the Pages library.  If however you try and browse to http://www.domain/tld/site1/site2/pages you will find that SharePoint tries to redirect the browser to the "/Forms/AllPages.aspx" page of the library.  This is a management page that lists all the available pages which is why the user is prompted for credentials.

    If your search results contains links to the /pages location directly, I would suggest removing /pages itself from the search result sets.  That way users won't be able to accidentally click it and if someone intentionally tries to navigate to it, they either have credentials to enter or don't belong there in the first place. :-)

     


    I trust that answers your question...

    Thanks
    C

    http://www.cjvandyk.com/blog
    • Proposed as answer by sadomovalexMVP Tuesday, November 23, 2010 2:06 PM
    • Marked as answer by Mike Walsh FIN Tuesday, November 23, 2010 2:07 PM
    Tuesday, November 23, 2010 1:36 PM
    Answerer

All replies

  • With anonymous access configured, a non authenticated user can access and get to any pages (not individually secured) in the Pages library.  If however you try and browse to http://www.domain/tld/site1/site2/pages you will find that SharePoint tries to redirect the browser to the "/Forms/AllPages.aspx" page of the library.  This is a management page that lists all the available pages which is why the user is prompted for credentials.

    If your search results contains links to the /pages location directly, I would suggest removing /pages itself from the search result sets.  That way users won't be able to accidentally click it and if someone intentionally tries to navigate to it, they either have credentials to enter or don't belong there in the first place. :-)

     


    I trust that answers your question...

    Thanks
    C

    http://www.cjvandyk.com/blog
    • Proposed as answer by sadomovalexMVP Tuesday, November 23, 2010 2:06 PM
    • Marked as answer by Mike Walsh FIN Tuesday, November 23, 2010 2:07 PM
    Tuesday, November 23, 2010 1:36 PM
    Answerer
  •  

    hmmm..

    Thanks for you answer

    The workaround with the replacement of "/pages/" is a possible solution

    But i want to know technically, why does this happens only with the given configuration. I have other Websites where the don't have this issue, and these websites work with FBA.

    Why does a FBA based website not redirects the request to Forms/AllPages.aspx ?

    regards

    patrick

    Wednesday, November 24, 2010 7:29 AM