Feb 21 2019 12:40 AM
I have built a public website via SharePoint 2016 and have enabled anonymous user access to it. But the issue is, if an anonymous user tries to access an admin link a login prompt pops up. How could i only show the login prompt if the request comes only with in an intranet. I have tried many solutions from google results but with no success. Any help would be greatly appreciated.
Feb 21 2019 03:22 AM
Feb 21 2019 04:08 PM
Hi @nawazpa_
What would be the desired effect?
What would you like to happen at the click of one of these links?
Could you please give us an example of a link that generates the authentication popup?
_layouts/15/settings.aspx?
Cheers
Federico
Feb 23 2019 10:15 PM
Yes, you are right. If a user tries Sharepoint admin URL like _layouts and tries to access it, then the login prompt comes. But i don't want the popup to be displayed if a user tries to access the admin URL's from internet. I hope i am clear enough.
Feb 23 2019 10:17 PM
Hi @Fed
Yes exactly , if an anonymous user tries a link like '_layouts/15/settings.aspx?' an authentication popup shows. I need it to be hidden if tried from internet and only want windows authenticated users to access those links. I hope i am clear enough.
Feb 24 2019 02:03 AM
Hi @nawazpa_ perfect :)
You can't prevent to show authentication popup, but you can hide links from masterpage (ie ribbon, settings) or from page layout.
You need to use SPSecurityTrimmedControl class
https://docs.microsoft.com/en-us/previous-versions/office/sharepoint-server/ms476454(v=office.15)
Make a copy of the MasterPage, or modify your current MasterPage, and wrap all parts you need to "hide" to Anonymous users with this snippet
<SharePoint:SpSecurityTrimmedControl runat=”server” AuthenticationResctriction="AuthenticateUsersOnly">
[here there are features you need to show only for Authenticated people]
</SharePoint:SpSecurityTrimmedControl>
You can already put some feature you need only for Anonymous users
<SharePoint:SpSecurityTrimmedControl runat=”server” AuthenticationResctriction="AnonymousUsersOnly ">
[here there are features you need to show only for Authenticated people]
</SharePoint:SpSecurityTrimmedControl>
Cheers,
Federico
Feb 24 2019 06:52 AM
Hi @Federico Porceddu ,
Thanks a lot for your help. These guys (http://dubai.ae/_layouts/15/people.aspx) seem to have done it some how - showing 'unauthorized' page directly without the login prompt. Any idea how they have done it. It would be a great help.
Regards,
Shanavas
Feb 24 2019 07:46 AM
Hi @nawazpa_
welcome :)
In this case, it is a production environement with a publishing site, more likely a cross publishing sites, without needs of authentication for users (es document library, etc).
You need to remove Windows Authentication from authentication providers of your Webapplication, but in this way, you can't access as authenticated user in no case.
Every time you need to modify your site, you must change authentication providers.
Let me know.
Cheers,
Federico