authorization Element for personalization for webParts (ASP.NET Settings Schema)

Sets the Web Parts personalization authorizations for the current Web application.

<authorization>
    <allow.../>
    <deny.../>
</authorization>

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

None.

Child Elements

Element Description

allow

Optional String element.

Adds an authorization rule allowing Web Parts controls access to the mapping of authorization rules. The only allowable values are:

Value Description

enterSharedScope

Indicates if a user or role can enter shared scope.

modifyState

Indicates if a user or role can modify personalization data for the currently active scope.

deny

Optional String element.

Adds an authorization rule denying Web Parts controls access to the mapping of authorization rules. The only allowable values are:

Value Description

enterSharedScope

Denies a user or role the ability to enter shared scope.

modifyState

Denies a user or role the ability to modify personalization data for the currently active scope.

Parent Elements

Element Description

configuration

The required root element in every configuration file used by the common language runtime and .NET Framework applications.

system.web

Specifies the root element for the ASP.NET configuration settings in a configuration file. Contains configuration elements that configure ASP.NET Web applications and control how the applications behave.

webParts

Allows you to specify a Web Parts personalization provider, set personalization authorizations, and add custom classes that extend the Transformer class for use by Web Parts connections.

personalization

Specifies the Web Parts personalization provider and sets Web Parts personalization authorizations.

Remarks

Default Configuration

The following default authorization element is configured in the root Web.config file in the .NET Framework version 2.0.

<authorization>
  <deny users="*" verbs="enterSharedScope" />
  <allow users="*" verbs="modifyState" />
</authorization>

Example

The following example shows how to configure authorization settings for a Web Parts control.

<authorization>
  <deny users="*" verbs="enterSharedScope" />
  <allow users="*" verbs="modifyState" />
</authorization>

Element Information

Configuration Section Handler

System.Web.Configuration.WebPartsSection

Configuration Member

System.Web.Configuration.WebPartsPersonalization.Authorization

Configurable Locations

Machine.config

Root level Web.config

Application level Web.config

Virtual or physical directory level Web.config

Requirements

IIS 5.0, 5.1 and 6.0

.NET Framework 2.0

Visual Studio 2005

See Also

Tasks

How to: Configure Specific Directories Using Location Settings
How to: Lock ASP.NET Configuration Settings

Reference

system.web Element (ASP.NET Settings Schema)
configuration Element (General Settings Schema)
allow Element for authorization for webParts (ASP.NET Settings Schema)
deny Element for authorization for webParts (ASP.NET Settings Schema)
WebPartsSection
WebPartsPersonalization
WebPartsPersonalizationAuthorization
System.Configuration
System.Web.Configuration

Concepts

ASP.NET Configuration Overview
ASP.NET Configuration Scenarios
Securing ASP.NET Configuration

Other Resources

General Configuration Settings (ASP.NET)
ASP.NET Configuration Settings
Configuring ASP.NET Applications
ASP.NET Configuration API