If you have worked with Sharepoint 2003 development, you probably already familiar with this problem. The site is accessible only by the Administrator – but not ordinary users (visitors). If ordinary users try to access, then he redrected to Access Denied page.
In all version, this can be caused by improper access exception handling in one of installed web part in web page. For example, web part that access special property for previledge users (say, Groups property in SPUsers, etc). In WSS 3.0 / MOSS 2007, I have found at least two more reason that prevents visitor from accessing the site.
- Un-published / un-approved web page component
WSS 3.0 is using master page, page layout and content page to define the whole page outlook. So, a web part page is actually composed by those three components.
WSS 3.0 also combine the concept of simple web publishing, where any changes to the page component must follow check-in/out, approval and publishing process. So, changing web page (add or remove web part, content etc) won’t be reflected – unless you publish it.
Since a web part page composed by three components, then web publishing procedure also applicable to the other page component. Thus for instance, if you forget to publish a master page then all web part page which use that master page will become inaccessible – except for current editor. In this condition, even the site owner won’t be able to access it.
- Improper sub folder permissions
WSS 3.0 has redefined how the factory handle web request. Its now implemented as HTTP Module – so no more “Managed” – “Unmanaged” path anymore.
This in fact bring greater flexibility for the developer to put their own supporting files – such as custom style; controls; script folder. However, inappropriate NTFS security for those folder could also prevent users from accessing web part pages.
Usually, you must allow read NTFS permission to everyone – before the web part page become accessible again.