User Information Page (Userdisp.aspx vs person.aspx)

I hope with this post to clarify why in Sharepoint the User Information Page is rendered sometimes with userdisp.aspx and sometimes with person.aspx.

In WSS, when you click on a profile link you are redirected to the User Information Page used by WSS to display WSS profile informations, this page is userdisp.aspx and is located in the same web.

In MOSS (with profile services enabled), instead, when you click on a profile link you are redirected to a different User Information Page, person.aspx. This page is the page showing the public profile of a user and is located under mysite site collection.

Sometimes happens that in MOSS (with profile services enabled), when you click on a profile link you are redirected to userdisp.aspx instead of person.aspx and this page doesn’t permit you to change user profile attributes. I will give you in a moment a reason for this behaviour.

When you are in MOSS and click on a profile link, you are always redirected to userdisp.aspx. This page loads ProfileRedirect control which uses MySiteRedirectionUserControl to redirect to public profile page on mysite. For security reasons, this redirection is made only if the public profile page url is safe.

What does it mean safe? Ok, right question!

The following URLs are considered safe in redirection:

  1. Same host name as the original URL (portal at http://mycompany:80, and my site under http://mycompany:8080).
  2. The URL to be redirected is a Portal URL. That is, if we set Portal site connection (from site actions -> site settings -> Portal site connection) to be
    http://mysite.[hostheader], http://mysite... will then be considered as a safe URL.
  3. Loop back addresses like http://localhost,



Technorati Tag:
Comments (5)
  1. Eric T says:

    Thanks for clear explaination of the expected behavior.  Are there any workarounds to make this work when you have mysites using a different hostname than your team sites?

  2. You can set Portal site connection to mysite url and customize the navigation to not show it.

    Just a workaround…

  3. PANoone says:

    Thanks for the explanation to something that has been driving me spare for days!

    What a joke. Surely we’re not the first company in the world who chose to host our My Site collection on a subdomain??

    The workaround above requires modifying every master page (including default.master). This is not supported.

    Sadly there’s no way to do it using CSS either because the first link isn;t identified with a unique class or ID.

    Surely there’s another way to make a web app or URL safe? Something in IIS perhaps? [Fingers crossed]

  4. Sorry but, as far I know, it is hard coded.

  5. your article is very good nice post thank you, keep posting

Comments are closed.

Skip to main content