Anonymous access to a SharePoint site root

Question

I have configured anonymous access on a SharePoint site for "Lists and Libraries". I then enable anonymous access to the individual lists/libraries as per my requirements.

This works great, but I cannot access the root site URL where I expect to be redirected to the welcome page:

1. Access to http://servername fails with Access Denied
2. Access to http://servername/Pages/Default.aspx succeeds

If I set the web permissions to "Entire Web Site", I can access the root URL, but I don't want to do this.

I am provisioning my site with a site definition and modifying the site through the object model during feature activation e.g.

web.AnonymousPermMask64 = SPBasePermissions.Open;
web.AnonymousState = SPWeb.WebAnonymousState.Enabled;
web.Update();

... this is the code I'm already using with success.

Does anyone know how to allow anonymous access to http://servername?

Answer 1

You need to enable Anonymous access on the Pages library so that you have access to the default.aspx page.

Answer 2

It turns out you need to grant the following permission mask on the web object:

web.AnonymousState = SPWeb.WebAnonymousState.Enabled;
web.AnonymousPermMask64 = SPBasePermissions.Open | SPBasePermissions.ViewPages;    
web.Update();

Simple really! Anonymous users can now navigate to http://servername and get redirected to the welcome page.

Note: the order of these two properties being set is important. Setting the AnonymousState property to Enabled, sets the permission mask to SPBasePermissions.Open only. This would remove the SPBasePermissions.ViewPages flag if you switched the order of the two properties as shown above.