Thursday, March 22, 2012

Serious help needed with beta 2.0 SiteMapProvider..

All,

OK, so I'm working on a template for our new ASP.NET applications. Part of
this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
(I'm using beta 2).

I put the hierarchy of the applications and navigation in a database, and am
able to pull that into the app by inheriting StaticSiteMapProvider. So
that's set and works great.

So then I realize that it builds the sitemap at the application level, not
at the user level. So I've been looking into how to restrict the menu
items - based on security I will get from the database.

In my inherited class, I override IsAccessibleToUser - and that seems to
work for the breadcrumbs (because it doesn't show anything if I go to an
"invalid" page) - but it doesn't do anything to the menu (or the treeview
either, for that matter). I basically check a couple hard-coded "roles" to
the "roles" that are associated with the current node.

From what I've been piecing together, it looks like the menu will only trim
away the unwanted menu items if the provider has the
securityTrimmingEnabled="true" - but when I try to add that to the
<providers> section in web.config - I get a red-squiggly and a compiler
warning that it's invalid (where it used to be valid in old versions).

BOTTOM LINE:
I need to prune the menu hierarchy based on user permissions. One user may
only see literally one item and another user may see a few dozen - or at
least that's what I need to replicate.

How can I have the menu control (or the treeview) prune away the things that
the current user isn't supposed to see??

Have you tried using the roles attribute in the site map file?

<siteMap>
  <siteMapNode title="Home" description="" url="default.aspx">
    <siteMapNode title="Announcements" url="Announcements.aspx"
                 description="Information for all employees" roles="*" />
    <siteMapNode title="Salaries" url="Salaries.aspx"
                 description="Salary data" roles="Managers,CEOs" />
  </siteMapNode>
</siteMap>

I hope this helps

RedEye

Well, I'm creating the sitemap on the fly - but yes, this is exactly what
I'm doing.

The problem comes in with telling this sitemap (and the menu or the
treeview) that the currently logged in user does not have access to that
"Salaries" node in your example below.

And the academic solution from Microsoft is to put the users in your
web.config and use an <authorization> section to allow/deny people. But I
have a few thousand dynamic users - so I need to programmatically validate
whether a user (and I know their roles) is supposed to see a particular node
item (which has a role associated).

*How* do I accomplish this?

Hi RCS:

It's true, you must use securityTrimmingEnabled="true". This works
well.

Ignore the red squiggly line. Unfortunately, the validation in VS 2005
can only take into consideration the settings that are common to all
site map providers. The securityTrimmingEnabled attribute is a setting
specific to the Xml site map provider that ships with asp.net 2.0. It
works, even though the IDE doesn't know about it, the provider does.

It's just a case of the validation being a little overzealous.

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Thu, 14 Jul 2005 18:06:29 GMT, "RCS" <rseder@.gmail.com> wrote:

>All,
>OK, so I'm working on a template for our new ASP.NET applications. Part of
>this, includes using the new menu and breadcrumbs control in ASP.NET 2.0
>(I'm using beta 2).
>I put the hierarchy of the applications and navigation in a database, and am
>able to pull that into the app by inheriting StaticSiteMapProvider. So
>that's set and works great.
>So then I realize that it builds the sitemap at the application level, not
>at the user level. So I've been looking into how to restrict the menu
>items - based on security I will get from the database.
>In my inherited class, I override IsAccessibleToUser - and that seems to
>work for the breadcrumbs (because it doesn't show anything if I go to an
>"invalid" page) - but it doesn't do anything to the menu (or the treeview
>either, for that matter). I basically check a couple hard-coded "roles" to
>the "roles" that are associated with the current node.
>From what I've been piecing together, it looks like the menu will only trim
>away the unwanted menu items if the provider has the
>securityTrimmingEnabled="true" - but when I try to add that to the
><providers> section in web.config - I get a red-squiggly and a compiler
>warning that it's invalid (where it used to be valid in old versions).
>BOTTOM LINE:
>I need to prune the menu hierarchy based on user permissions. One user may
>only see literally one item and another user may see a few dozen - or at
>least that's what I need to replicate.
>How can I have the menu control (or the treeview) prune away the things that
>the current user isn't supposed to see??

Scott - thanks..

Even if I do do this, A) if I do this in my page_load:

Response.Write(this.SiteMapDataSource1.Provider.SecurityTrimmingEnabled.ToString());

(Assuming that SiteMapDataSource1 points to my custom SiteMapProvider) - it
returns false. Then, in my class, I do this, to overwrite the default
implementation:

public new bool SecurityTrimmingEnabled = true;

Still - same result. It's beginning to look like I need to inherit from
higher up the tree - like SiteMapProvider (instead of
StaticSiteMapProvider) - or XmlSiteMapProvider or ProviderBase

But even if I did - and managed to get that to work, I'm not sure it will
solve my problem. Because at this point, I'm almost convinced that MY
sitemaprovider truly doesn't support SecurityTrimmingEnabled - and I don't
know where to begin, to make it support it.

Lastly - I could've solved all of this last week, if I could just build a
sitemap on a per-user basis (instead of per-application). I could handle all
the security in the database and just return the valid menu items for this
user.

Any ideas on how to make a sitemapprovider (and more specifically - a
SiteMapDataSource) - able to be used on a per-user basis?? Thanks again!

Hi Rcs:

You can always plug your own custom site map provider in, although
I've been using security trimming so that should work. It will build
the menu control such that the user only sees what they are allowed to
navigate to.

In the providers section, did you have a <remove> element in to make
sure it's not using the default configuration?

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Fri, 15 Jul 2005 17:27:50 GMT, "RCS" <rseder@.gmail.com> wrote:

>Scott - thanks..
>Even if I do do this, A) if I do this in my page_load:
> Response.Write(this.SiteMapDataSource1.Provider.SecurityTrimmingEnabled.ToString());
>(Assuming that SiteMapDataSource1 points to my custom SiteMapProvider) - it
>returns false. Then, in my class, I do this, to overwrite the default
>implementation:
> public new bool SecurityTrimmingEnabled = true;
>Still - same result. It's beginning to look like I need to inherit from
>higher up the tree - like SiteMapProvider (instead of
>StaticSiteMapProvider) - or XmlSiteMapProvider or ProviderBase
>But even if I did - and managed to get that to work, I'm not sure it will
>solve my problem. Because at this point, I'm almost convinced that MY
>sitemaprovider truly doesn't support SecurityTrimmingEnabled - and I don't
>know where to begin, to make it support it.
>
>Lastly - I could've solved all of this last week, if I could just build a
>sitemap on a per-user basis (instead of per-application). I could handle all
>the security in the database and just return the valid menu items for this
>user.
>Any ideas on how to make a sitemapprovider (and more specifically - a
>SiteMapDataSource) - able to be used on a per-user basis?? Thanks again!

Hiya,

I'm already doing that - I inherited from StaticSiteMapProvider - and the
menu is populated correctly with ALL possible menu options (from a SQL
database) - including menu options inappropriate for some users.

Assuming my inherited is named MySiteMapProvider - I have this in my
web.config:

<siteMap defaultProvider="MySiteMapProvider" enabled="true">
  <providers>
    <clear/>
    <add name="MySiteMapProvider" securityTrimmingEnabled="true"
         type="MySiteMapProvider"></add>
  </providers>
</siteMap>

And again - my provider works perfectly. The problem is, I need to prune
back menu items (or nodes within the provider) so that the current user sees
the appropriate menu items.

I think I've hit the end of the Internet - I've scoured every resource I
know and I'm pretty much at a standstill.

thanks again!

I know there is not a tremendous amount published yet in this area.
Best of luck.

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Fri, 15 Jul 2005 18:27:28 GMT, "RCS" <rseder@.gmail.com> wrote:

>Hiya,
>I'm already doing that - I inherited from StaticSiteMapProvider - and the
>menu is populated correctly with ALL possible menu options (from a SQL
>database) - including menu options inappropriate for some users.
>Assuming my inherited is named MySiteMapProvider - I have this in my
>web.config:
><siteMap defaultProvider="MySiteMapProvider" enabled="true">
> <providers>
> <clear/>
> <add name="MySiteMapProvider" securityTrimmingEnabled="true"
>type="MySiteMapProvider"></add>
> </providers>
></siteMap>
>And again - my provider works perfectly. The problem is, I need to prune
>back menu items (or nodes within the provider) so that the current user sees
>the appropriate menu items.
>I think I've hit the end of the Internet - I've scoured every resource I
>know and I'm pretty much at a standstill.
>thanks again!

Not much except for here: http://msdn2.microsoft.com/library/e468hxky.aspx
Some good forum posts at
http://forums.asp.net/search/Search...ytrimming&f=&u= too.

--JF
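
An added example (not code from any poster in this thread, nor from Microsoft) of one way to get the per-user trimming asked about above, written against the released ASP.NET 2.0 System.Web API rather than beta 2: the provider hands its config attributes to base.Initialize so that securityTrimmingEnabled="true" is actually read, and overrides IsAccessibleToUser, which StaticSiteMapProvider.GetChildNodes consults for every node once trimming is on. Assumptions: the two hard-coded nodes stand in for the database load, and HttpContext.User already carries the user's database roles (custom principal or role provider).

```csharp
using System;
using System.Collections;
using System.Collections.Specialized;
using System.Web;

// Hypothetical provider; the class name matches the web.config shown in the thread.
public class MySiteMapProvider : StaticSiteMapProvider
{
    private readonly object _lock = new object();
    private SiteMapNode _root;

    public override void Initialize(string name, NameValueCollection attributes)
    {
        // SiteMapProvider.Initialize parses securityTrimmingEnabled from the
        // <add> element. If an override skips this call the flag stays false.
        // SecurityTrimmingEnabled is a read-only, non-virtual property, so a
        // "public new bool SecurityTrimmingEnabled" field in the subclass is
        // never seen by the base-class code that does the trimming.
        base.Initialize(name, attributes);
    }

    public override SiteMapNode BuildSiteMap()
    {
        lock (_lock)
        {
            if (_root != null) return _root;
            Clear();

            // Constructed sample nodes; a real provider would read these rows
            // (and each node's roles) from the database.
            _root = new SiteMapNode(this, "home", "~/default.aspx", "Home");
            _root.Roles = new ArrayList(new string[] { "*" });
            AddNode(_root, null);

            SiteMapNode salaries =
                new SiteMapNode(this, "salaries", "~/Salaries.aspx", "Salaries");
            salaries.Roles = new ArrayList(new string[] { "Managers", "CEOs" });
            AddNode(salaries, _root);

            return _root;
        }
    }

    protected override SiteMapNode GetRootNodeCore()
    {
        return BuildSiteMap();
    }

    // Called per node, per request, by GetChildNodes when trimming is enabled,
    // so the application-wide node tree is filtered for the current user.
    public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
    {
        if (context == null) throw new ArgumentNullException("context");
        if (node == null) throw new ArgumentNullException("node");
        if (!SecurityTrimmingEnabled) return true;

        // Fail closed: a node with no roles is hidden rather than shown.
        if (node.Roles == null || node.Roles.Count == 0) return false;

        foreach (string role in node.Roles)
        {
            if (role == "*") return true;
            if (context.User != null && context.User.IsInRole(role)) return true;
        }
        return false;
    }
}
```

Trimming only hides links: Salaries.aspx still needs its own authorization check, because a hidden node's URL can be requested directly.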