Whenever dealing with a public facing web site in SharePoint, my typical approach is to first set up the application using Windows authentication only, and then extend the application to an internet zone that would use the public URL, and allow anonymous authentication. Once I make the requisite site collection changes necessary for anonymous access, I actually go and remove NT Authentication from the Internet zone. This has benefits from both a security and testing standpoint.
This always worked like a charm in SharePoint 2007, but with SharePoint 2010, there’s a slight change in behaviour that affects search results. Typically, you will index the default zone URL, and when results are shown, they are translated into the correct zone’s URL. They are also security trimmed according to your credentials.
When I first started doing this with 2010 however, I observed that public (anonymous) users would get no search results whatsoever. A quick scan of the resources out there turn up a number of articles related to this behaviour such as this one, that indicate a change in the search visibility settings are in order. However, this didn’t seem to help my situation, and I suspect that that approach is pertinent to Team sites, not publishing sites.
A little more experimenting revealed the answer. As it turns out, it was my approach that was messing me up. It appears that anonymous visibility is now stored in the index as the content is indexed, instead of when the results are being rendered. Because the application that the indexer is reading from didn’t allow anonymous access, it assumed that the content wasn’t available to anonymous users generally.
The fix for this is simply to turn on anonymous access for your internal zone. This is actually a bit of a pain for internal users because they will not automatically be logged in to the site when they access it, but there are ways around that. Once anonymous access is enabled, all that you need to do is to run a full crawl on your content source, and you’re off to the races.
Hope this helps someone.