Easy way to test the ViewFormPagesLockdown - open a browser and hit your 
anonymous site with:

http://www.yousite.com.au/_layouts/viewlsts.aspx

You would be surprised how many Internet facing MOSS sites there are where this 
is allowed.

For example - this Pakistan Government site: http://www.hec.gov.pk
Allows you to get to: http://www.hec.gov.pk/_layouts/viewlsts.aspx

Which shows you all sorts of unintended information, author names and dates 
etc.

You don't want that to happen to your site.

Cheers,
                James.


From: [email protected] [mailto:[email protected]] On Behalf Of 
Chris Howell
Sent: Saturday, 20 November 2010 10:51 AM
To: ozMOSS
Subject: Re: Help with 401 errors on public site

James,

Thanks for the response. AFAIK we are using the ViewFormPagesLockDown feature.

Some work was done previously with permissions but as I understand it, that 
only resolved issues for internal staff accessing the site; the problem still 
remained for external anonymous users.

Cheers,

Chris

From: James Boman <[email protected]>
Reply-To: ozMOSS <[email protected]>
Date: Thu, 18 Nov 2010 23:53:57 +0000
To: ozMOSS <[email protected]>
Subject: RE: Help with 401 errors on public site

I know it might not be immediately helpful, but on the topic of 401's in 
Internet facing sites there is something to be aware of that might be 
contributing to your 401 woes...

If you use the ViewFormPagesLockDown feature (as all public facing MOSS sites 
should) it has security ramifications such that if you break security 
inheritance at the list or item level, Anonymous Internet users will lose 
access (regardless of the permissions granted), and be presented with 401 
errors.

It doesn't matter if you specifically grant access to the items/lists, and 
toggle the Anonymous setting - Internet users will lose access if the Special 
Permission level is not inherited.

So for Internet sites you must choose between

* Enabling the ViewFormPagesLockDown feature and living with web level 
  security only

* Not using ViewFormPagesLockDown and having all your system forms 
  available (like View All Site Content)

I logged an incident with Microsoft Support - and got the "By Design" 
resolution.

Cheers,
                James.

From: [email protected] [mailto:[email protected]] On Behalf Of Chris Howell
Sent: Thursday, 18 November 2010 3:19 PM
To: ozMOSS
Subject: Help with 401 errors on public site

Hi,

We have a public facing internet site and we're seeing a lot of 401 errors in 
Web Trends.

The errors are occurring for links such as:

http://www.oursiteurl.au/Pages/

We've got a couple of questions that we're looking to resolve so was hoping to 
get some input from the list.

1. How do we find any links that exist within the site that are linking 
directly to a /pages/ link as it appears that somehow people are being taken to 
this from a link but we're not aware of them; all links we can find are to a 
specific page within the library.

2. How have people implemented workarounds at the /Pages/ level to redirect to 
the default.aspx page in the library and avoid a 401 error? I've found some 
sites; the WA one being a very good example 
(http://www.westernaustralia.com/au/Pages/Welcome_to_Western_Australia.aspx) 
where this is done.

Anyone on the list had any involvement with that site or others and could share 
info or point to resources?

Thanks in advance.

Chris
_______________________________________________
ozmoss mailing list
[email protected]
http://prdlxvm0001.codify.net/mailman/listinfo/ozmoss
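
For question 1 in the original post, the web server log is one place to look for the source of the bare /Pages/ requests. The sketch below is an added example, not part of the thread: it assumes IIS W3C extended logs with the cs(Referer) field enabled, and the function name, sample log lines and referrer URLs are constructed.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in IIS W3C extended format (not real traffic).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip cs(Referer) sc-status
2010-11-18 03:10:01 GET /Pages/default.aspx - 203.0.113.5 - 200
2010-11-18 03:10:09 GET /Pages/ - 203.0.113.5 http://www.oursiteurl.au/about/Pages/contact.aspx 401
2010-11-18 03:11:30 GET /Pages/ - 198.51.100.7 http://search.example/results?q=oursite 401
2010-11-18 03:12:02 GET /pages - 198.51.100.9 - 401
2010-11-18 03:12:40 GET /Pages/ - 203.0.113.8 http://www.oursiteurl.au/about/Pages/contact.aspx 401
2010-11-18 03:13:00 GET /_layouts/viewlsts.aspx - 198.51.100.7 - 401
"""

def library_root_401s(lines, site_host, library="pages"):
    """Count 401s on the bare library URL, grouped by (origin, referrer)."""
    fields, hits = [], Counter()
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]        # column order can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue
        values = line.split(" ")
        if len(values) != len(fields):
            continue                         # truncated or malformed record
        row = dict(zip(fields, values))
        # Match only the library root (/Pages or /Pages/), at any site depth.
        stem = row.get("cs-uri-stem", "").lower().rstrip("/")
        if row.get("sc-status") != "401" or stem.rsplit("/", 1)[-1] != library:
            continue
        ref = row.get("cs(Referer)", "-")
        if ref == "-":
            origin = "none"                  # typed URL, bookmark or stripped referrer
        elif (urlsplit(ref).hostname or "").lower() == site_host.lower():
            origin = "internal"              # a page on the site holds the bad link
        else:
            origin = "external"
        hits[(origin, ref)] += 1
    return hits.most_common()

if __name__ == "__main__":
    for (origin, ref), n in library_root_401s(SAMPLE_LOG.splitlines(), "www.oursiteurl.au"):
        print(f"{n:4d}  {origin:8s}  {ref}")
```

Rows tagged "internal" name the page that carries the link to the library root; rows tagged "none" have no referrer to trace and are the case a redirect at the /Pages/ level would cover.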