The SPSecurityTrimmedControl control in SharePoint is incomplete and buggy.Information about the bugs in this control are not provided by MSDN either.
In this post, I will try to explain the bug in the SPSecurityTrimmedControl and a solution to get over it.
The SPSecurityTrimmedControl allows us to display/hide the content using a few different criteria, like authentication (for anonymous/authenticated users only), page mode (page in display or edit mode) or current user’s permissions.
So what's wrong?
The control doesn’t work the way you would expect it.It does a good job with displaying content based on permissions but fails to conditionally display content based on authentication(anonymous/authenticated users).
That means using this control, you can hide an element from users who do not have the appropriate permissions.Srini Sistla has a good post explaining all the available permissions here
This control also has the so called ability to show/hide content based on authentication(anonymous/authenticated users).
You would need to use the property "AuthenticationRestrictions" which can take any of these values:
<SharePoint:SPSecurityTrimmedControl runat="server" id="stc" AuthenticationRestrictions="AnonymousUsersOnly"> <p>User is not logged in</p></SharePoint:SPSecurityTrimmedControl>
In case if you try to use this control in the above manner, it wont give you the desired results.
Examine the below screen shots and you understand it better.
Test 1: Tried with "AnonymousUsersOnly"
I tried to access the page as an anonymous user and below is the output. So test failed
Test 2: Tried with "AuthenticatedUsersOnly"
I tried to access the page as an authenticated user and below is the output. So test passed
- AnonymousTemplate - Controls to show to anonymous users only
- LoggedInTemplate - Controls to show to authenticated users only
Test 3: Tried both AnonymousTemplate & LoggedInTemplate
I tried to access the page as an authenticated user and below is the output. Test passed