This is a migrated thread and some comments may be shown as answers.

Kendo Menu Security Trimming Calling Authorize excessively

2 Answers 192 Views
Menu
This is a migrated thread and some comments may be shown as answers.
Health
Top achievements
Rank 1
Health asked on 17 Oct 2014, 07:55 PM
Hello,

I am using the Kendo Menu (through a bound site map, although the issue is also present if used through the helper class directly) and have noticed an issue with the menu calling our AuthorizationRoles attribute multiple times per item in the list.

Example:
There are 3 items in an example site map:
<siteMap>
  <siteMapNode  title="" description="">
    <siteMapNode title="Home" controller="Home" action="Index"></siteMapNode>
    <siteMapNode title="Person" controller="People" action="Person" >
      <siteMapNode title="Manage Person" controller="People" action="ManagePerson"></siteMapNode>
    </siteMapNode>
  </siteMapNode>
</siteMap>

The People controller is quite large and contains 64 public Actions which all has our Authorize Attribute.  Home has 0 Actions with Authorize Attributes.
For each load of the page, the Authorize attribute gets called 128 times for the menu alone.  Playing around with it, it gets called x times y amount where x is the number of methods with an authorize attribute in a given controller and y is the number of sitemap nodes referencing that controller.

Does anyone know if there is something I'm doing incorrectly or some way to fix the trimming so it only hits the action it's pointing to and not the entire controller for each item on the list?  We cache this item to speed it up, but in production it's making over 1000 calls to this function per page load and is quite intensive.

Current Razor used to generate the menu:
@(Html.Kendo().Menu()
        .Name("Menu")
        .Direction(MenuDirection.Bottom)
        .SecurityTrimming(true)
        .BindTo("WebSiteMap", (item, siteMapNode) => { })
)


Thanks for your help!

2 Answers, 1 is accepted

Sort by
0
Health
Top achievements
Rank 1
answered on 17 Oct 2014, 08:16 PM
Just saw - http://docs.telerik.com/kendo-ui/aspnet-mvc/troubleshooting#menu-renders-too-slow-in-'debug'-mode

It might be related to this which would make some sense.
0
Georgi Krustev
Telerik team
answered on 21 Oct 2014, 10:43 AM
Hi Micah,

In general, the built-in security trimming functionality uses the ASP.NET MVC Authorization (uses the authorization attributes if there are any). This means that Menu will call the corresponding authorization attributes for every menu item that has a define Action method. This is a slow operation and that is why is cached, but only in release mode. Give a try the Troubleshooting section and let me know if the problem still persists.

Regards,
Georgi Krustev
Telerik
 

Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

 
Tags
Menu
Asked by
Health
Top achievements
Rank 1
Answers by
Health
Top achievements
Rank 1
Georgi Krustev
Telerik team
Share this question
or