Wrox Programmer Forums
|
BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0
This is the forum to discuss the Wrox book ASP.NET 2.0 Website Programming: Problem - Design - Solution by Marco Bellinaso; ISBN: 9780764584640
Welcome to the p2p.wrox.com Forums.

You are currently viewing the BOOK: ASP.NET 2.0 Website Programming Problem Design Solution ISBN: 978-0-7645-8464-0 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old March 21st, 2007, 03:41 PM
Registered User
  
Join Date: Mar 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default securityTrimmingEnabled
I can't seem to get the header menu to respect security trimming. I've created a user without any roles; however both the anonymous user and my new user can see the "Admin" link in the header menu. I would have expected this link to be suppressed.

My config file contains the following:

Code:
<siteMap defaultProvider="TBH_SiteMapProvider" enabled="true">
  <providers>
     <add name="TBH_SiteMapProvider" type="System.Web.XmlSiteMapProvider" securityTrimmingEnabled="true" siteMapFile="Web.sitemap"/>
  </providers>
</siteMap>
And my web.sitemap contains:

Code:
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" enableLocalization="true">
  <siteMapNode title="Home" url="~/Default.aspx">
    <siteMapNode title="Store" url="~/Store/Default.aspx">
      <siteMapNode title="Shopping cart" url="~/Store/ShoppingCart.aspx" />
    </siteMapNode>
    <siteMapNode title="Forum" url="~/Forum/Default.aspx" />
    <siteMapNode title="About" url="~/About.aspx" />
    <siteMapNode title="Contact" url="~/Contact.aspx" />
    <siteMapNode title="Admin" url="~/Admin/Default.aspx" roles="Administrators" />
  </siteMapNode>
</siteMap>
My masterpage.master contains:

Code:
<asp:SiteMapDataSource StartingNodeOffset="0" ID="SiteMapDataSource1"  runat="server" />
<asp:Menu ID="mnuHeader" runat="server" CssClass="headermenulink"  DataSourceID="SiteMapDataSource1" Orientation="Horizontal" MaximumDynamicDisplayLevels="0" SkipLinkText="" StaticDisplayLevels="2" />
Is there something obvious I am missing?

Many thanks.

Brett Miller
 
Old March 22nd, 2007, 07:38 AM
Registered User
  
Join Date: Mar 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Ugh. I needed the web.config file for the admin folder. Alternatively, one can add the following block to the top-level config file:

Code:
<location path="Admin">
  <system.web>
    <authorization>
      <allow roles="Administrators" />
      <deny users="*"/>
    </authorization>
  </system.web>
</location>
Brett Miller





Similar Threads
Thread Thread Starter Forum Replies Last Post
Chapter 6 - Problem with securityTrimmingEnabled brandensylv BOOK: Professional ASP.NET 2.0 Design: CSS, Themes, and Master Pages ISBN: 978-0-470-12448-2 2 March 11th, 2008 05:42 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.