There are two good solutions here (which can be combined).
The first is to set up roles in the sitemap file. You have to set roles at
all levels for this to work (not sure why), but roles="*" is valid.
If you set up the SiteMap Provider to use the security trimmings, you will
end up with it respecting security in web.config files at different levels.
Set up your secure bits deeper (in folders) and set a web.config that only
allows specified roles. With security trimmings on, it will not allow the
menu to see the pages if the user is not in role(s).
So, here it is:
1. Most secure: Set web.configs with proper security and turn security
trimmings on in the main web.config under the SiteMap provider
2. Can work in most situations: Add roles to sitemap file
One caveat:
Have to use the Microsoft Membership bits, even if a custom provider, unless
you want to build the entire security model yourself.
--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA
Subscribe to my blog
http://gregorybeamer.spaces.live.com/lists/feed.rss
or just read it:
http://gregorybeamer.spaces.live.com/
*************************************************
| Think outside the box!
|
*************************************************
"John Devlon" <Jo********@hotmail.comwrote in message
news:OJ******************************@dommel.com.. .
Hi,
I've created a small application with some user-authentication and roles.
I would like to show/hide some navigation parts based on the users role.
Could someone please tell me what the best solution is?
Do I have to create different pages for each role and check the users
role when logged in?
Thanx
Kind regards
John