Security tuning for publishing sites

In publishing sites, "Restricted Users" cannot query web services, which is necessary for jQuery.SPItemsRotator plug-in to function properly.
This can be changed easily as described below, but keep in mind that allowing Restricted Users to query web services has an impact on security of the SharePoint server, and on the performance in the client browser.
For this reason, I don't recommand using this plug-in in internet facing sites. Use a DataViewWebPart to retrieve and format data and tune the script to obtain the same result.
For intranet sites however, the simplicity of integration of the plug-in, the average volume of users and the quality of the network makes using this script an logical choice.

How to modify Restricted Readers's permissions to web-services queries
  • Navigate to your SharePoint site
  • In the "Site Settings", click "Advanced Permissions"
  • In the "Settings" menu, click "Permission Levels"
  • Click "Restricted Read" to edit the "Restricted Read" permission level
  • Check the "User Remote Interfaces" permission, and submit.

Users from the Restricted Users group can now view rotating items built wih jQuery.SPItemsRotator.

Last edited Oct 18, 2009 at 8:38 PM by anouvel, version 2


No comments yet.