none
Public Access to My Site

    Question

  • I am in desperate need of a way to make the My Site public view accessible to anonymous users.  I have enabled anonymous in all the various parts of sharepoint, but it is my understanding that this is not accessible by default because of the active directory profiles that the my site template pulls. 
    • Moved by Mike Walsh FIN Monday, November 17, 2008 5:57 PM MySite q (Moved from SharePoint - Setup, Upgrade, Administration and Operation to SharePoint - Social Computing)
    Wednesday, June 11, 2008 6:00 PM

Answers

  • Wow. Sorry to hear about all this. I came here on a search to confirm my suspicions--that you can't serve up the out-of-the-box person.aspx page to an anonymous user--and have found a lot of grousing around the problem and a lot of half-answers.

    Andrea, yes, as you mentioned the first time, it looks like anonymous users cannot access the out-of-the-box person.aspx page. I'm in the same situation today, that's how I got here.

    The answer is, you have to write something that looks like the person.aspx page, or somehow get elevated privileges in order to be able to see it. Since we're just doing this for load-testing (i.e. for production we're okay with requiring authentication,) I can simply say "yeah we can't test that page." But for you, you'll probably have to rewrite the page such that all server controls run under elevated privileges.

    Ugh.
    Friday, May 08, 2009 3:49 PM

All replies

  • This doesn't seem to be a programming issue so I'm moving it to the Admin forum which seems more likely to get you a response.
    Wednesday, June 11, 2008 6:11 PM
  • So, it takes a few places to set it up.

     

    First, you must enable it under:

     

    Central Administration > Application Management > Authentication Providers > Edit Authentication

     

    Whichever application needs anonymous, needs this set up.

     

    After that, you need to go into the SP Site and enable anonymous on the various items to which they will need access. The problem can be if you have tweaked and fiddled with permissions, you can have some image or style sheet that is in a directory that anonymous does not have access to (if you set that particular gallery not to inherit permissions). Anyway, you just have to work through the issues one at a time...

     

    If I am not describing what you need done, could you post the error message that the users receive as well as the log file when they try and fail to log in?

    Wednesday, June 11, 2008 7:30 PM
  • I have already done all of that.  I believe that the issue is that since the Person.aspx page calls the ProfilePropertyLoader, and a profile cannot be loaded for an anonymous user, the access to the site is denied unless a user logs in.  I think what I need to do is some how pass a set of impersonated credentials to the ProfileCurrentUser (the profile for the browsing user) , but only  if the current user is anonymous.  I just have absolutely no idea how to go about that.
    Wednesday, June 11, 2008 7:40 PM
  • Is the Web Site set up to use anonymous access in IIS? What do you get in the log file when a user tries to log in anonymously?

    Wednesday, June 11, 2008 7:44 PM
  • Yes it is set up for anonymous access and I can access everything anonymously except for My Site and the people search tab.  I don't have any errors in the log, it just wont display the page unless I provide credentials at the login prompt.
    Wednesday, June 11, 2008 7:50 PM
  • OK, I understand now, sorry about that. Let me dig around and see what I can find for you...

     

    Wednesday, June 11, 2008 7:55 PM
  • Hi Guys,

     

    Any luck with finding a solution for this?

     

    Friday, July 11, 2008 4:00 PM
  • Not yet.  I am supposed to have a developer start writing some custom code this week, but I would much rather find a cheaper solution.
    Tuesday, July 15, 2008 12:45 PM
  • Let me try to understand your problem first, please confirm if it is correct:

     

    Option#1: You are trying to 'Grant' access to Anonymous users for accessing an internal user's my site, which is created already (say using Intranet Zone and Windows Authentication)

    Solution: If this is your requirement: you need to ask your anonymous user's to directly access user's my site using, say: http://mysites.contoso.com/user/userlogonid

     

    If you'd like publish the list of My Sites availalble, then:

    1. Create a custom application page

    2. In that page access User Profiles using UserProfileManager class' GetEnumerator method.

    3. check if the user has a My Site defined using UserProfile.PersonalSite property and create a link to the page.

    Note: You have execute the above logic in elevated mode. As anonymous user will not have access to user profile related information.

    Note: This is in addition to what you have done to enable 'Anonymous Access' to your web application that hosts 'My Sites'.

     

    Option#2: You are planning to 'Host' my sites for Anonymous users, i.e. anyone and everyone on the Internet can come to your SharePoint site and host their content.

    I dont think this is possible with SharePoint and is not advisable. At minimum, you have to use Forms Authentication to know who is logging in so that a my site can be created.

     

    Hope this helps.

     

    Thanks,

    Subbu

    Tuesday, July 15, 2008 1:35 PM
  • My guess is that custom code might be your unfortunate answer. I came across this in Goeran Husman's Beginning SharePoint 2007 Administration:

     

    "It is easy to assume that all users have their own public [My] site, just like the personal view, since it contains personal information. But that is not true. There is only one single website for the public view, and this site is shared among all users. However, its content will depend on which person's public view you are looking at." (p.228)

     

    That tells me that the public site view depends on who's accessing it, and SharePoint won't know how to access an anonymous user's My Site. That explains the login prompt.

     

    The only other way I could conceivably think about workarounding this would be to create a custom site containing the loadable web parts that you'd need that could be filtered based on the person someone is looking for. For example, you could set it up so that a web part could filter a document library by the person who modified the document, another web part could filter the image of the person, and so on. You could also create a single list which a SharePoint list filter could pull from that contains relevant user information: phone, email, whatever. That could, in theory, mimic what a public view My Site would do. The downside to this would be constantly updating what others are putting in and making sure it was current. I suppose you could institute workflows to fire when users change any personal information--but it's a lot of work, so I'm not sure it's really doable.

     

    Good luck!

    Tuesday, July 15, 2008 5:18 PM
  • The direct link does not work either.  The devloper that I had working on the issue could not seem to grasp the actual issue, so now I am back at square one.  Does anyone have any ideas on how I would go about writing some custom code that would allow the anonymous user to access the My Site page?
    Tuesday, August 26, 2008 3:01 AM
  • Hi Andrea,

    Please try the following setting

    Go to Mysite SSP ->Personalization Services Permissions -> Add this group (NT AUTHORITY\Authenticated Users) - give it access right

    Thanks with Regards,
    Long Nguyen

    Tuesday, August 26, 2008 3:18 AM
  • I had already added those permissions. 

    The issue is that the UserProfileManager class on the person.aspx will not load without a set of credentials supplied to it.  I need some way to pass a set of windows credentials to this object if the user is anonymous.

    If I go into Sharepoint designer and delete everything on the person.aspx page then I can view it anonymously.  This tells me that all my permissions are set up correctly.  I know I am in way over my head here, but I have to get this working.  I am open for any and all ideas.
    Tuesday, August 26, 2008 7:38 PM
  • Have you tried to extending the application, with a web application that allows anonymous access?
    Darren JR
    Monday, November 17, 2008 1:34 PM
  • Nowadays MySite questions always go to the Social Computing forum.

    Moving it to be along the rest.
    Monday, November 17, 2008 5:57 PM
  • Wow. Sorry to hear about all this. I came here on a search to confirm my suspicions--that you can't serve up the out-of-the-box person.aspx page to an anonymous user--and have found a lot of grousing around the problem and a lot of half-answers.

    Andrea, yes, as you mentioned the first time, it looks like anonymous users cannot access the out-of-the-box person.aspx page. I'm in the same situation today, that's how I got here.

    The answer is, you have to write something that looks like the person.aspx page, or somehow get elevated privileges in order to be able to see it. Since we're just doing this for load-testing (i.e. for production we're okay with requiring authentication,) I can simply say "yeah we can't test that page." But for you, you'll probably have to rewrite the page such that all server controls run under elevated privileges.

    Ugh.
    Friday, May 08, 2009 3:49 PM
  • Is there any article by Microsoft that discribe the recommendation for not making the MySite for public users? I'm searching for something like that but no result.
    • Edited by Osama Mourad Saturday, July 25, 2009 11:04 AM spelling
    Saturday, July 25, 2009 11:04 AM
  • I need the same thing...

    Does anybody have at least partial solution to this?

    Tuesday, June 25, 2013 1:57 PM