Wrox Programmer Forums
Go Back   Wrox Programmer Forums > ASP.NET and ASP > ASP.NET 2.0 > ASP.NET 2.0 Professional
Reload this Page cannot hide page in sitemap using roles
|
ASP.NET 2.0 Professional If you are an experienced ASP.NET programmer, this is the forum for your 2.0 questions. Please also see the Visual Web Developer 2005 forum.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the ASP.NET 2.0 Professional section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old June 19th, 2007, 11:06 AM
Friend of Wrox
  
Join Date: Apr 2006
Posts: 160
Thanks: 0
Thanked 0 Times in 0 Posts
Default cannot hide page in sitemap using roles
Hi,

i have a problem with the visibility of the sitemap.
there is one role defined: manager
There are two users: user1 (member of role manager) and user2 (not member).
The login.aspx redirects to a page with a menu control associated to a SiteMapDataSource.

I want to hide pg1 for all non-members of role manager (=user2).

I did this in:

web.sitemap:
------------
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
   <siteMapNode url="page1.aspx" title="pg1" roles="manager" >
        <siteMapNode url="page2.aspx" title="pg2" >
        </siteMapNode>
        <siteMapNode url="page3.aspx" title="pg3" >
           </siteMapNode>
      </siteMapNode>
</siteMap>

in web.config:
------------
  <roleManager enabled="true" />

  <siteMap defaultProvider="AspXmlSiteMapProvider" enabled="true">
        <providers>
          <clear/>
          <add name="AspXmlSiteMapProvider" type="System.Web.XmlSiteMapProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
            siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
        </providers>
      </siteMap>

My problem: when logging with any user, that user (user2) sees all the pages, included pg1.

How to make pg1 invisible for user2 using this sitemap?
Thanks
Hertendreef
 
Old August 21st, 2007, 12:42 PM
Registered User
  
Join Date: Aug 2007
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Hi,

I am having exactly the same problem. Inspite of two users having separate role, (and web.sitemap clearly defines two separate items), after login, both the users get same menu.

While other menu items work fine as per role.
 
Old August 21st, 2007, 12:56 PM
Imar's Avatar
Wrox Author
  
Join Date: Jun 2003
Posts: 17,089
Thanks: 80
Thanked 1,576 Times in 1,552 Posts
Default
Hi there,

You may be misunderstanding the use of the roles attribute in the sitemap. It's used to *extend* the items beyond the roles you're in, not limit it. That is, it allows you to show items to users to which they normally don't have access.

Instead, add a <location> tag to your web.config with its path set to the file you want to protect. Then change the security settings to the correct roles.

For example:

<location path="SomeFile.aspx">
    <system.web>
     <authorization>
        <allow roles="Managers, Administrators" />
        <deny users="*"/>
     </authorization>
    </system.web>
</location>

Hope this helps.

Imar

---------------------------------------
Imar Spaanjaars
http://Imar.Spaanjaars.Com
Everyone is unique, except for me.
Author of ASP.NET 2.0 Instant Results and Beginning Dreamweaver MX / MX 2004





Similar Threads
Thread Thread Starter Forum Replies Last Post
Roles and SiteMap Problem mashour BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 3 November 18th, 2008 02:10 PM
Sitemap melania ASP.NET 3.5 Basics 0 October 27th, 2008 01:20 PM
Master Page Control/Web.Sitemap Questions kwilliams ASP.NET 2.0 Professional 2 January 14th, 2007 09:32 PM
How to hide Extension of Page in URL ? savan_thakkar ASP.NET 1.0 and 1.1 Professional 9 February 24th, 2006 10:31 AM
Conditional Hide Report Page Header SGL Access VBA 0 August 30th, 2004 02:36 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.