In a SharePoint project we’ve enable to anonymous users to create new elements in a list. This requiere to allow public access to the list forms, but as you will guess this is an important hole in the SharePoint security, so what we can do?
In our case we have used the control SPSecurityTrimmedCOntrol, so we modified the form pages where the webpart in cuestion were used. The code used is similar to the following:
<SharePoint:SPSecurityTrimmedControl runat="server" AuthenticationRestrictions="AuthenticatedUsersOnly">
<WebPartPages:WebPartZone>"Your WEbParts zone"</WebPartPages:WebPartZone></SharePoint:SPSecurityTrimmedControl><SharePoint:SPSecurityTrimmedControl runat="server" AuthenticationRestrictions="AnonymousUsersOnly"><div class="alert alert-danger" role="alert"><strong>ERROR: </strong>Accesodenegado</div></SharePoint:SPSecurityTrimmedControl>By using this procedure it is necessary to repeat it in all the aspx that you have in the form, including the forms that correspond to personalised view. For example, in our case we had a personalized webpart to the new elements, so we needed to insert the code in this new webpart.
As a result to implement this code, when a anonymous user try to access to any page in the administration list, receive the following error:
In this case, it is possible to personalise the style of the message. In our case we were using Bootstrap, if you need the CSS code, here we go:
.alert-danger {color: #a94442;background-color: #f2dede;border-color: #ebccd1;}.alert {padding: 15px;margin-bottom: 20px;border: 1px solid transparent;border-radius: 4px;}Hope it helps!
Albandrod's Memory 