Hey,
I'm using radmenu with a xml site map file.
I have enabled security trimming in the site map provider and denied access to specific pages using the autherization element in the web.config (when I navigate directly to those pages I'm redirected to the login page so this works fine).
I've also performed a test - I inherited from XMLSiteMapProvider and implemented IsAccesibleToUser method.
I see in debug mode that this method is called and return the correct values (true to show , false to hide) but it has no effect on the menu and all the items is shown in the UI.
here are some parts from the code
Web.Config
TrimmedXMLSiteMap Class (again I dont really need it if the out of the box security trimming will work. for now this approch doesnt work also)
RadMenu declaration from the master page:
Thanks for the help...
I'm using radmenu with a xml site map file.
I have enabled security trimming in the site map provider and denied access to specific pages using the autherization element in the web.config (when I navigate directly to those pages I'm redirected to the login page so this works fine).
I've also performed a test - I inherited from XMLSiteMapProvider and implemented IsAccesibleToUser method.
I see in debug mode that this method is called and return the correct values (true to show , false to hide) but it has no effect on the menu and all the items is shown in the UI.
here are some parts from the code
Web.Config
<
location
path
=
"Pages/ManageCategories.aspx"
>
<
system.web
>
<
authorization
>
<
allow
roles
=
"IT Admin"
/>
<
deny
roles
=
"User"
/>
<
deny
roles
=
"Company Admin"
/>
<
deny
users
=
"?"
/>
<
deny
users
=
"*"
/>
</
authorization
>
</
system.web
>
</
location
>
<
siteMap
defaultProvider
=
"XmlSiteMapProvider"
enabled
=
"true"
>
<
providers
>
<
add
name
=
"XmlSiteMapProvider"
description
=
"Default SiteMap provider."
type
=
"TrimmedXmlSiteMapProvider "
siteMapFile
=
"Web.sitemap"
securityTrimmingEnabled
=
"true"
/>
</
providers
>
</
siteMap
>
TrimmedXMLSiteMap Class (again I dont really need it if the out of the box security trimming will work. for now this approch doesnt work also)
public
override
bool
IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
if
(node.Roles !=
null
&& node.Roles.Count > 0)
{
bool
ret =
false
;
// need to be atleast in one of the roles
foreach
(var item
in
node.Roles)
{
if
(System.Web.Security.Roles.IsUserInRole(item.ToString()))
{
ret =
true
;
}
}
return
ret;
}
else
{
return
true
;
}
}
RadMenu declaration from the master page:
<
telerik:RadSiteMapDataSource
ID
=
"SubMenuDatasource"
runat
=
"server"
ShowStartingNode
=
"False"
SiteMapProvider
=
"XmlSiteMapProvider"
StartingNodeOffset
=
"1"
/>
<
telerik:RadMenu
ID
=
"SubMenu12"
runat
=
"server"
EnableEmbeddedBaseStylesheet
=
"false"
Skin
=
"ChildMenu"
EnableEmbeddedSkins
=
"false"
DataSourceID
=
"SubMenuDatasource"
>
</
telerik:RadMenu
>
Thanks for the help...