Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Sitemap Security and Roles

Status
Not open for further replies.
Peppi

Peppi

Programmer
Apr 9, 2001
205
CA
Hi,

I'm trying to hide one of the links in my site map depending on whether or not the user has been assigned to the appropriate role. I've enabled security trimming in web.config and also added the following section to only allow those users that have the 'CanEditBillableHours' role to access the BillableHours.aspx page:

<location path="BillableHours.aspx">
<system.web>
<authorization>
<allow roles="CanEditBillableHours" />
<deny users="*" />
</authorization>
</system.web>
</location>

Here's the relevant part of my sitemap:

<siteMapNode title="Staff Time" url="" description="" roles="*">
<siteMapNode url="MyStaffTime.aspx" title="My Staff Time" description="" />
<siteMapNode url="EmployeeStaffTime.aspx" title="Employee Staff Time" description="" />
<siteMapNode url="Reporting.aspx" title="Searches and Reports" description="" />
<siteMapNode url="BillableHours.aspx" title="Adjust Billable Hours" description="" roles="CanEditBillableHours" />
</siteMapNode>

Also, my site uses Windows authentication.

Now, this mostly works, except for when an authorized user tries to access BillableHours.aspx. A 'Enter Network Password' dialog box comes up asking the user to enter their credentials. Why is this happening?

My web app is a bit different from the norm in that the user launches it from within a Windows application. The user has already been authenicated in this first application, which is why I've chosen Windows authentication for the web app. I don't want the user to have to authenicate twice. Not sure if that is relevant but thought I'd include it just in case.

Any ideas?

Thx.
 
Sort by date Sort by votes
I'm not sure how to fix your problem using the web.config as you have. I would do this in the code behind by checking if the user is in the specified role, and hide the node accordingly.

Jim
 
Upvote 0 Downvote
I'm having trouble figuring out how to hide that node. It won't let me just hide it since visible isn't a property of SiteMapNode:

SiteMap.Provider.FindSiteMapNode("BillableHours.aspx").visible = false

How to do this?
 
Upvote 0 Downvote
Try:
Code: 
SiteMap.Provider.FindSiteMapNode("BillableHours.aspx")[b].IsAccessibleToUser = False[/b]
Jimb
 
Upvote 0 Downvote
I think that is a readonly property?

"Expression is a value and therefore cannot be the target of an assignment.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Makumbi256
  • Locked
  • Question
How to make days vertical and grid view editable using asp.net vb
Replies
0
Views
853
Makumbi256
Makumbi256
G12Consult
  • Locked
  • Question
Different landing pages for different roles
Replies
0
Views
906
G12Consult
G12Consult
sugu1
  • Locked
  • Question
sound editing in web site to record, cut/trim, paste and save as wav file
Replies
0
Views
833
sugu1
sugu1
engsalah2018
  • Locked
  • Question
How to get label text from table reference on database based on TableName and FieldName
Replies
2
Views
978
jbenson001
jbenson001
ShellyBha
  • Locked
  • Question
Code works fine on localhost and on development server but not on production.
Replies
3
Views
410
MakeItSo
MakeItSo

Part and Inventory Search

Sponsor

Back
Top