开发者

SiteMap control based on user roles doesn't works

问答 作者: 
  <siteMapNode roles="*">

    <siteMapNode url="~/Default.aspx" title=" Main"开发者_运维百科 description="Main" roles="*"/>

    <siteMapNode url="~/Items.aspx" title=" Adv" description="Adv" roles="Administrator"/>

....

any user can see Adv page. That is a trouble and a qustion : why and how to hide out of role sitenodes.

but if I do HttpContext.Current.User.IsInRole("Administrator") it shows me if user in Administrator role or not.

web config :

<authentication mode="Forms"/>
<membership defaultProvider="SqlProvider" userIsOnlineTimeWindow="20">
  <providers>
    <add connectionStringName="FlowWebSQL" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" passwordFormat="Hashed" applicationName="/" name="SqlProvider" type="System.Web.Security.SqlMembershipProvider"/>
  </providers>
</membership>
<roleManager enabled="true" defaultProvider="SqlProvider">
  <providers>
    <add connectionStringName="FlowWebSQL" name="SqlProvider" type="System.Web.Security.SqlRoleProvider" />
  </providers>
</roleManager>

Enable security trimming Security trimming is not enabled by default, and it cannot be enabled programmatically; it can only be set in the Web.config file

http://msdn.microsoft.com/en-us/library/ms178428.aspx

You need to use location tag in web.config.

<location path ="Items.aspx" >

   <system.web>

     <authorization>

       <allow roles ="Administrator"/>
       <deny users="*"/>
     </authorization>

   </system.web>

 </location>

See following for step by step custom role implementation
http://urenjoy.blogspot.com/2010/03/custom-role-provider-sitemap-navigation.html

继续阅读:asp.netrole-basedrolessitemap

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9