SiteMap SecurityTrimming
Kamon | Posted 6:49pm 22. March 2006 Server Time |
This is just a quick question on security trimming the urls in a site map.
To get the securty trimming to work, I have to add the Roles attribute to each siteMapNode. I was watching the membership and roles video from asp.net and the guy didn't add them. I got to reading and .net is supposed to be smart enough to travers your web.configs and do it automatically, but it wont do it for me. Any ideas? |
Informant | Posted 7:05pm 22. March 2006 Server Time |
http://aspnet.4guysfromrolla.com/articles/122805-1.aspx
Kamon | Posted 4:54am 23. March 2006 Server Time |
I have read that several times already. On part three he says this. "You can bypass this check for those nodes you want to show to all users (such as Home and About, in the above example) by adding roles="*". By adding this attribute you will shortcut the normal authorization check, thereby improving the security trimming". To me that is saying the .net checks the webconfig security to see what the user is allowed to visit. When I try it NOTHING will show unless I specify roles="*", roles="Users", and roles="Admins in the site map.
Is something wrong in my web config, or am I reading that wrong?
Informant | Posted 11:09am 23. March 2006 Server Time |
well do you have deny all in your web.config?
Kamon | Posted 1:54pm 23. March 2006 Server Time |
In the folder "Admins", for example, the web.config denys all and allows aministrators
Reply to Post SiteMap SecurityTrimming
|
|
|
