PROBLEM
You have a SharePoint Publishing site with anonymous access enabled. Users are able to get to most of the pages and document libraries that you have exposed via anonymous access, but you have one or more lists which stubbornly prompt the user to login.
This problem also commonly occurs on anonymous access Blog sites living under a Publishing site where users are prompted to login to post comments. That is because comments are stored in a SharePoint list and this problem is related to SharePoint lists exposed to anonymous users.
SOLUTION
Many solutions to this problem suggest disabling the Site Collection feature ViewFormPagesLockdown as this is enabled by default on Publishing sites. This is a bad idea as it exposes various pages such as /layouts/viewlsts.aspx, more commonly known as Site Contents, that you do not want to give anonymous users access to. ViewFormPagesLockdown on an anonymous site is a good thing, but it does cause us grief with lists we want to expose anonymously.
I have created a PowerShell script below that enables anonymous access on a list living under a publishing site without having to resort to disabling the ViewFormPagesLockdown feature.
#################################################################################################### # # Author.......: Khalid Ansari # Date.........: 17 Jan 2014 # Description..: Allow anonymous access to a list in a publishing site # For details of the problem this script solves go to http://wp.me/p3Cf9P-aL # Parameters...: [Required] SiteUrl = Url of site (not site collection, unless they are the same) # [Required] ListDisplayName = Display name of list # #################################################################################################### param( [parameter(Mandatory=$true)] [string] $SiteUrl , [parameter(Mandatory=$true)] [string] $ListDisplayName ) $spAssignment = Start-SPAssignment $web = Get-SPWeb $SiteUrl -ErrorAction Stop Write-Host -f Green "Found site $($web.Title)" $list = $web.Lists[$ListDisplayName] if ($list) { Write-Host -f Green "Found list $($list.Title)" $list.BreakRoleInheritance($true, $false) $list.AllowEveryoneViewItems = $true Write-Host -f Yellow "Existing permissions: $($list.AnonymousPermMask64)" $list.AnonymousPermMask64 = "ViewPages, OpenItems, ViewVersions, Open, UseClientIntegration, ViewFormPages, ViewListItems"; $list.Update(); Write-Host -f Yellow "Updated permissions.: $($list.AnonymousPermMask64)" Write-Host -f Green "Anonymous access enabled on list" } else { Write-Host -f Red "List $($ListDisplayName) not found" } $web.Dispose() Write-Host Write-Host "Script Completed" Stop-SPAssignment $spAssignment
Running the script above results in output similar to that shown below:
Note that in order to enable these permissions it is necessary for the script to break permission inheritance on the list. After running the above script your list should be accessible anonymously and you didn’t have to disable the ViewFormPagesLockdown feature.