How to: Enable Shared Personalization of Web Parts Pages

Web Parts personalization is enabled by default, and authenticated users of a Web Parts page are able to personalize pages for themselves without any special configuration. However, individual or user-scoped personalization changes are visible only to the user who made them. If you want to provide a selected user (such as a site manager) or users with the ability to make personalization changes in shared scope so that the changes to a page are visible to all users, you must add a setting to the Web site's configuration file. This topic demonstrates how to update a configuration file to enable a specific user to personalize a Web Parts page in shared scope, so that the changes are visible to all users.

Important noteImportant Note:

Enabling shared personalization creates some potential for security issues. For more information, see Securing Web Parts Pages.

To update the configuration file using a text editor

  1. Navigate to the root directory for your Web site, and open the Web.config file in a text editor. If your site does not already have a Web.config file, you must first create a new configuration file. For more information about configuration files, see Administering ASP.NET Web Sites.

  2. Within the <system.web> section of the configuration file, add an <authorization> section, and within that, add an <allow> element to specify which user or users have access to shared personalization scope. The markup you add should look like the following example markup, except that you should assign a valid local or domain user account, or a group account, to the users attribute. The user or users specified will have the ability to edit a page in shared personalization scope, so that the changes they make will be visible to all users. For more information about the authorization element, see authorization Element (ASP.NET Settings Schema).

    <authorization>
      <allow verbs="enterSharedScope" users="SomeUserAccount" 
        roles="admin"  />
    </authorization>
    
  3. Save and close the Web.config file.

To update the configuration file in IIS Manager

  1. Rather than editing the configuration file directly, if your site is running under Microsoft Internet Information Services (IIS) and if you are an administrator on the computer hosting your site, you can use IIS Manager to update the configuration file. First, you need to start IIS Manager. On the Start menu, click Run.

    Important noteImportant Note:

    You must be logged on as a member of the Administrators group on the local computer to perform the following procedure (or procedures), or you must have been delegated the appropriate authority.

  2. In the Open box, type inetmgr and click OK.

  3. In IIS Manager, expand the local computer node, expand the Web Sites node, and select your site.

  4. Right-click and select Properties, and then click the ASP.NET Configuration tab.

  5. Click the Edit Configuration button, and then click the Authorization tab.

  6. Click the Add button to add a new local authorization rule.

  7. Select Allow for the rule type.

  8. Select Specific Verbs in the Verbs section, and type enterSharedScope in the text box.

  9. In the Users and Roles section, select Users, and then type the name of a user account in the text box.

    Important noteImportant Note:

    This could be a local user account, a user group, or a domain account, which would require you to enter it in the form domain\user.

  10. Select the Roles check box, and then type admin in the text box.

  11. Click OK to close each of the three consecutive windows, and close IIS Manager.

  12. Open the Web.config file in the root directory of your Web site. In the <system.web> section of the file, there should now be an entry to enable the user you specified to enter shared personalization scope. When the user or users specified in the users attribute access a page that enables editing of Web Parts controls, they will have the option to enter into shared personalization scope and make changes that will be visible to all users. The entry in Web.config should look similar to the following code.

    <authorization>
      <allow verbs="enterSharedScope" users="SomeUserAccount" 
        roles="admin"  />
    </authorization>
    

See Also

Concepts

Web Parts Personalization Overview

Securing Web Parts Pages

Other Resources

ASP.NET Configuration Settings

Administering ASP.NET Web Sites