The Microsoft.SharePoint.SPSecurity.RunWithElevatedPrivileges method enables you to supply a delegate that runs a subset of code in the context of an account with higher privileges than the current user.
Using SharePoint context with an unauthenticated user does not actually elevate privileges:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
// do something with SPContext.Current.Web
// fails with a HandleAccessDenied Exception
// because SPContext is loaded with the site,
// not within this delegate block.
});So to get actual elevated privileges, you have to reload the context:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(this.Page.Request.Url.ToString()))
{
using (SPWeb thisWeb = site.OpenWeb())
{
// do something with thisWeb
}
}
});See here for a better explanation: http://www.danlarson.com/spsecurity-runwithelevatedpriveleges/