Display Nodes based on authority

3 posts, 0 answers
  1. Daniel Lopez
    Daniel Lopez avatar
    1 posts
    Member since:
    Oct 2009

    Posted 20 Jan 2010 Link to this post

    Hello, standard site navigation can display nodes based on their authority to the navigate url page. Does SiteMap have the same functionality?

    this functionality is generally handled by a setting in the web.config file.

    Please let me know.
  2. Simon
    Simon avatar
    2281 posts

    Posted 28 Jan 2010 Link to this post

    Hello Daniel Lopez,

    What you are referring to is called 'Security Trimming'. It is supported at the SiteMapProvder level.

    You can enable it by configuring the Provided in the way shown in below example:

    <!-- …other configuration settings -->
      <siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
          <add name="XmlSiteMapProvider"
            description="Default SiteMap provider."
            type="System.Web.XmlSiteMapProvider "
            securityTrimmingEnabled="true" />

    Once the Provider is configured, any SiteMap (including our RadSiteMap) will show data based on the permissions of the current user.

    You can read more about the feature here.

    Sincerely yours,
    the Telerik team

    Instantly find answers to your questions on the new Telerik Support Portal.
    Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
  3. Danny
    Danny avatar
    7 posts
    Member since:
    Jan 2012

    Posted 18 Jul 2012 Link to this post

    Don't forget to set roles="*" in the root node as explained from the following extracted from  http://msdn.microsoft.com/en-us/library/ms178428.aspx 

    It is recommended that the root node in a site map allow everyone access. To do this, set the roles attribute to an asterisk (*), or wildcard character, as shown in the following code example.

    <?xml version="1.0" encoding="utf-8" ?>
      <siteMapNode title="Home" description="Home" 
        url="default.aspx" roles="*">
        <!-- other <siteMapNode> elements -->

    In a site map, you can reference URLs that are outside of your Web application. Access to a URL outside of the application cannot be tested by ASP.NET. Therefore, if you enable security trimming, the site-map node will not be visible unless you set the roles attribute to an asterisk (*), which enables all clients to view the site-map node without first testing access to the URL.

Back to Top