All,
OK, so I'm working on a template for our new ASP.NET applications. Part of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).
I put the hierarchy of the applications and navigation in a database, and am
able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level, not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles" to
the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only trim
away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things that
the current user isn't supposed to see?? 8  1526 
Have you tried to using the roles attribute in the site map file?
<siteMap>
<siteMapNode title="Home" description="" url="default.aspx">
<siteMapNode title="Announcements" url="Announcements.aspx"
description="Information for all employees" roles="*" />
<siteMapNode title="Salaries" url="Salaries.aspx"
description="Salary data" roles="Managers,CEOs" />
<siteMapNode>
</siteMap>
I hope this helps
RedEye
"RCS" <rs****@gmail.com> wrote in message
news:FQ*****************@newssvr33.news.prodigy.co m... All,
OK, so I'm working on a template for our new ASP.NET applications. Part of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).
I put the hierarchy of the applications and navigation in a database, and
am able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level, not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles" to
the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only
trim away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things
that the current user isn't supposed to see??
Well, I'm creating the sitemap on the fly - but yes, this is exactly what
I'm doing.
The problem comes in with telling this sitemap (and the menu or the
treeview) that the currently logged in user does not have access to that
"Salaries" node in your example below.
And the academic solution from Microsoft is to put the users in your
web.config and use an <authorization> section to allow/deny people. But I
have a few thousand dynamic users - so I need to programatically validate
whether a user (and I know their roles) is supposed to see a particular node
item (which has a role associated).
*How* do I accomplish this?
"RedEye" <re*******@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl... Have you tried to using the roles attribute in the site map file?
<siteMap>
<siteMapNode title="Home" description="" url="default.aspx">
<siteMapNode title="Announcements" url="Announcements.aspx"
description="Information for all employees" roles="*" />
<siteMapNode title="Salaries" url="Salaries.aspx"
description="Salary data" roles="Managers,CEOs" />
<siteMapNode>
</siteMap>
I hope this helps
RedEye
"RCS" <rs****@gmail.com> wrote in message
news:FQ*****************@newssvr33.news.prodigy.co m... All,
OK, so I'm working on a template for our new ASP.NET applications. Part
of this, includes using the new menu and breadcrumbs control in ASP.NET
2.0 (I'm using beta 2).
I put the hierarchy of the applications and navigation in a database, and
am able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level,
not at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles"
to the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only
trim away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user
may only see literally one item and another user may see a few dozen - or
at least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things
that the current user isn't supposed to see??
Hi RCS:
It's true, you must use securityTrimmingEnabled="true". This works
well.
Ignore the red squiggly line. Unfortunately, the validation in VS 2005
can only take into consideration the settings that are common to all
site map providers. The securityTrimmingEnabled attribute is a setting
specific to the Xml site map provider that ships with asp.net 2.0. It
works, even though the IDE doesn't know about it, the provider does.
It's jus a case of the validation being a little overzealous.
--
Scott http://www.OdeToCode.com/blogs/scott/
On Thu, 14 Jul 2005 18:06:29 GMT, "RCS" <rs****@gmail.com> wrote: All,
OK, so I'm working on a template for our new ASP.NET applications. Part of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).
I put the hierarchy of the applications and navigation in a database, and am
able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level, not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles" to
the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only trim
away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things that
the current user isn't supposed to see??
Scott - thanks..
Even if I do do this, A) if I do this in my page_load:
Response.Write(this.SiteMapDataSource1.Provider.Se curityTrimmingEnabled.ToString());
(Assuming that SiteMapDataSource1 points to my custom SiteMapProvider) - it
returns false. Then, in my class, I do this, to overwrite the default
implementation:
public new bool SecurityTrimmingEnabled = true;
Still - same result. It's beginning to look like I need to inherit from
higher up the tree - like SiteMapProvider (instead of
StaticSiteMapProvider) - or XmlSiteMapProvider or ProviderBase
But even if I did - and managed to get that to work, I'm not sure it will
solve my problem. Because at this point, I'm almost convinced that MY
sitemaprovider truly doesn't support SecurityTrimmingEnabled - and I don't
know where to begin, to make it support it.
Lastly - I could've solved all of this last week, if I could just build a
sitemap on a per-user basis (instead of per-application). I could handle all
the security in the database and just return the valid menu items for this
user.
Any ideas on how to make a sitemapprovider (and more specifically - a
SiteMapDataSource) - able to be used on a per-user basis???? Thanks again!
"Scott Allen" <sc***@nospam.odetocode.com> wrote in message
news:qi********************************@4ax.com... Hi RCS:
It's true, you must use securityTrimmingEnabled="true". This works
well.
Ignore the red squiggly line. Unfortunately, the validation in VS 2005
can only take into consideration the settings that are common to all
site map providers. The securityTrimmingEnabled attribute is a setting
specific to the Xml site map provider that ships with asp.net 2.0. It
works, even though the IDE doesn't know about it, the provider does.
It's jus a case of the validation being a little overzealous.
--
Scott
http://www.OdeToCode.com/blogs/scott/
On Thu, 14 Jul 2005 18:06:29 GMT, "RCS" <rs****@gmail.com> wrote:
All,
OK, so I'm working on a template for our new ASP.NET applications. Part of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).
I put the hierarchy of the applications and navigation in a database, and
am
able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level, not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles" to
the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only
trim
away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things
that
the current user isn't supposed to see??
Hi Rcs:
You can always plug your own custom site map provider in, although
I've been using security trimming so that should work. It will build
the menu control such that the user only sees what they are allowed to
navigate to.
In the providers section, did you have a <remove> element in to make
sure it's not using the default configuration?
--
Scott http://www.OdeToCode.com/blogs/scott/
On Fri, 15 Jul 2005 17:27:50 GMT, "RCS" <rs****@gmail.com> wrote: Scott - thanks..
Even if I do do this, A) if I do this in my page_load:
Response.Write(this.SiteMapDataSource1.Provider.Se curityTrimmingEnabled.ToString());
(Assuming that SiteMapDataSource1 points to my custom SiteMapProvider) - it
returns false. Then, in my class, I do this, to overwrite the default
implementation:
public new bool SecurityTrimmingEnabled = true;
Still - same result. It's beginning to look like I need to inherit from
higher up the tree - like SiteMapProvider (instead of
StaticSiteMapProvider) - or XmlSiteMapProvider or ProviderBase
But even if I did - and managed to get that to work, I'm not sure it will
solve my problem. Because at this point, I'm almost convinced that MY
sitemaprovider truly doesn't support SecurityTrimmingEnabled - and I don't
know where to begin, to make it support it.
Lastly - I could've solved all of this last week, if I could just build a
sitemap on a per-user basis (instead of per-application). I could handle all
the security in the database and just return the valid menu items for this
user.
Any ideas on how to make a sitemapprovider (and more specifically - a
SiteMapDataSource) - able to be used on a per-user basis???? Thanks again!
"Scott Allen" <sc***@nospam.odetocode.com> wrote in message
news:qi********************************@4ax.com.. . Hi RCS:
It's true, you must use securityTrimmingEnabled="true". This works
well.
Ignore the red squiggly line. Unfortunately, the validation in VS 2005
can only take into consideration the settings that are common to all
site map providers. The securityTrimmingEnabled attribute is a setting
specific to the Xml site map provider that ships with asp.net 2.0. It
works, even though the IDE doesn't know about it, the provider does.
It's jus a case of the validation being a little overzealous.
--
Scott
http://www.OdeToCode.com/blogs/scott/
On Thu, 14 Jul 2005 18:06:29 GMT, "RCS" <rs****@gmail.com> wrote:
All,
OK, so I'm working on a template for our new ASP.NET applications. Part of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).
I put the hierarchy of the applications and navigation in a database, and
am
able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level, not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles" to
the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only
trim
away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things
that
the current user isn't supposed to see??
Hiya,
I'm already doing that - I inherited from StaticSiteMapProvider - and the
menu is populated correctly with ALL possible menu options (from a SQL
databsae) - including menu options inappropriate for some users.
Assuming my inherited is named MySiteMapProvider - I have this in my
web.config:
<siteMap defaultProvider="MySiteMapProvider" enabled="true">
<providers>
<clear/>
<add name="MySiteMapProvider" securityTrimmingEnabled="true"
type="MySiteMapProvider"></add>
</providers>
</siteMap>
And again - my provider works perfectly. The problem is, I need to prune
back menu items (or nodes within the provider) so that the current user sees
the appropriate menu items.
I think I've hit the end of the Internet - I've scoured every resource I
know and I'm pretty much at a standstill.
thanks again!
"Scott Allen" <sc***@nospam.odetocode.com> wrote in message
news:s4********************************@4ax.com... Hi Rcs:
You can always plug your own custom site map provider in, although
I've been using security trimming so that should work. It will build
the menu control such that the user only sees what they are allowed to
navigate to.
In the providers section, did you have a <remove> element in to make
sure it's not using the default configuration?
--
Scott
http://www.OdeToCode.com/blogs/scott/
On Fri, 15 Jul 2005 17:27:50 GMT, "RCS" <rs****@gmail.com> wrote:
Scott - thanks..
Even if I do do this, A) if I do this in my page_load:
Response.Write(this.SiteMapDataSource1.Provider.Se curityTrimmingEnabled.ToString());
(Assuming that SiteMapDataSource1 points to my custom SiteMapProvider) -
it
returns false. Then, in my class, I do this, to overwrite the default
implementation:
public new bool SecurityTrimmingEnabled = true;
Still - same result. It's beginning to look like I need to inherit from
higher up the tree - like SiteMapProvider (instead of
StaticSiteMapProvider) - or XmlSiteMapProvider or ProviderBase
But even if I did - and managed to get that to work, I'm not sure it will
solve my problem. Because at this point, I'm almost convinced that MY
sitemaprovider truly doesn't support SecurityTrimmingEnabled - and I don't
know where to begin, to make it support it.
Lastly - I could've solved all of this last week, if I could just build a
sitemap on a per-user basis (instead of per-application). I could handle
all
the security in the database and just return the valid menu items for this
user.
Any ideas on how to make a sitemapprovider (and more specifically - a
SiteMapDataSource) - able to be used on a per-user basis???? Thanks again!
"Scott Allen" <sc***@nospam.odetocode.com> wrote in message
news:qi********************************@4ax.com. .. Hi RCS:
It's true, you must use securityTrimmingEnabled="true". This works
well.
Ignore the red squiggly line. Unfortunately, the validation in VS 2005
can only take into consideration the settings that are common to all
site map providers. The securityTrimmingEnabled attribute is a setting
specific to the Xml site map provider that ships with asp.net 2.0. It
works, even though the IDE doesn't know about it, the provider does.
It's jus a case of the validation being a little overzealous.
--
Scott
http://www.OdeToCode.com/blogs/scott/
On Thu, 14 Jul 2005 18:06:29 GMT, "RCS" <rs****@gmail.com> wrote:
All,
OK, so I'm working on a template for our new ASP.NET applications. Part
of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).
I put the hierarchy of the applications and navigation in a database,
and
am
able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.
So then I realize that it builds the sitemap at the application level,
not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.
In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the
treeview
either, for that matter). I basically check a couple hard-coded "roles"
to
the "roles" that are associated with the current node.
From what I've been piecing together, it looks like the menu will only
trim
away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).
BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user
may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.
How can I have the menu control (or the treeview) prune away the things
that
the current user isn't supposed to see??
I know there is not a tremendous amount published yet in this area.
Best of luck.
--
Scott http://www.OdeToCode.com/blogs/scott/
On Fri, 15 Jul 2005 18:27:28 GMT, "RCS" <rs****@gmail.com> wrote: Hiya,
I'm already doing that - I inherited from StaticSiteMapProvider - and the
menu is populated correctly with ALL possible menu options (from a SQL
databsae) - including menu options inappropriate for some users.
Assuming my inherited is named MySiteMapProvider - I have this in my
web.config:
<siteMap defaultProvider="MySiteMapProvider" enabled="true">
<providers>
<clear/>
<add name="MySiteMapProvider" securityTrimmingEnabled="true"
type="MySiteMapProvider"></add>
</providers>
</siteMap>
And again - my provider works perfectly. The problem is, I need to prune
back menu items (or nodes within the provider) so that the current user sees
the appropriate menu items.
I think I've hit the end of the Internet - I've scoured every resource I
know and I'm pretty much at a standstill.
thanks again!
Not much except for here: http://msdn2.microsoft.com/library/e468hxky.aspx
Some good forum posts at http://forums.asp.net/search/SearchR...trimming&f=&u= too.
--JF
"Scott Allen" wrote: I know there is not a tremendous amount published yet in this area.
Best of luck.
--
Scott
http://www.OdeToCode.com/blogs/scott/
On Fri, 15 Jul 2005 18:27:28 GMT, "RCS" <rs****@gmail.com> wrote:
Hiya,
I'm already doing that - I inherited from StaticSiteMapProvider - and the
menu is populated correctly with ALL possible menu options (from a SQL
databsae) - including menu options inappropriate for some users.
Assuming my inherited is named MySiteMapProvider - I have this in my
web.config:
<siteMap defaultProvider="MySiteMapProvider" enabled="true">
<providers>
<clear/>
<add name="MySiteMapProvider" securityTrimmingEnabled="true"
type="MySiteMapProvider"></add>
</providers>
</siteMap>
And again - my provider works perfectly. The problem is, I need to prune
back menu items (or nodes within the provider) so that the current user sees
the appropriate menu items.
I think I've hit the end of the Internet - I've scoured every resource I
know and I'm pretty much at a standstill.
thanks again!
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: RCS |
last post by:
Does anyone know of a tabbed navigation control that supports
SiteMapProvider (the same way the menu, breadcrumbs and treeview do in
2.0)??
I'm looking for www.amazon.com style tabbed...
|
by: Thomas Bandt |
last post by:
Hi,
I wrote my own SiteMapProvider which fetches the data from
a Sql Database (Navigation hierarchy). But this data
(categories) could contain absolute external Urls (like
http://google.com/)...
|
by: dhurwitz |
last post by:
Hi,
I have written a custom SiteMapProvider to retrieve site map data from a SQL
Server database table. It works fine when used as the data source for a Menu
control, so I am confident that all...
|
by: ashish |
last post by:
hello all,
I am trying to create a custom site map provider and since my site map
is very huge, I am loading the required nodes when the CurrentNode
property is called..
I am wondering if...
|
by: Adrian Sharp |
last post by:
I've got a pretty basic sitemap setup, but am getting a runtime error: "The
SiteMapProvider 'MySiteMap' cannot be found."
This occurs only when I access my website under IIS 5.1. When I run my...
|
by: shapper |
last post by:
Hello,
How to make a SiteMapDataSource to use a SiteMapProvider defined in
Web.Config?
I think I should use something like:
MySiteMapDataSource.Provider = ...
However I don't know what to...
|
by: shapper |
last post by:
Hello,
I need to create a custom SiteMapProvider.
I searched in Google for examples but I am still completly lost.
The custom SiteMapProvider I need to create is exactly the same as the...
|
by: Alex Brown |
last post by:
Is it a problem to attach Non-static site map providers under one that
inherits from StaticSiteMapProvider ?
We are implementing a custom site map provider for a website that is being
converted...
|
by: Steve Harclerode |
last post by:
Hi,
I have implemented a working SiteMapProvider as shown on an msdn page:
http://msdn.microsoft.com/en-us/library/ms178434(VS.80).aspx
My question is: Can I make the TreeView that uses a...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
