Thursday, March 22, 2012

web.sitemap in web config

VS2005 BETA2

in web.config it is written:

<location path="Gedimai/Ataskaitos">
<system.web>
<authorization>
<allow roles="Dispeceriai,SDispeceriai,SVisi"/>
<deny users="*"/>
</authorization>
</system.web>
</location
in web.sitemap it is:
<siteMapNode title="ATASKAITOS" roles="Dispeceriai,SDispeceriai,SVisi">
<siteMapNode title="Dienos" roles="Dispeceriai,SDispeceriai,SVisi">
<siteMapNode title="Gedimai" description="Dispeeri gedimai"
roles="Dispeceriai,SDispeceriai,SVisi">
<siteMapNode
url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=0" title="RST"
roles="SVisi"/>
<siteMapNode
url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=1" title="VET"
roles="SVisi,SDispeceriai"/>
<siteMapNode
url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=2" title="PET"
roles="SVisi,SDispeceriai"/>
<siteMapNode
url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=3" title="UET"
roles="SVisi,SDispeceriai"/>
<siteMapNode url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=4"
title="AET" roles="SVisi,SDispeceriai"/>
</siteMapNode>
</siteMapNode
when user is logging with "SDispeceriai" role, he can see all Site map
nodes, but I want that he could not see node "RST", because it is for users
who have role "SVisi".
ThanksDid you configure the Xml SiteMapProvider with
enableSecurityTrimming="false" ?

--
Scott
http://www.OdeToCode.com/blogs/scott/

On Tue, 19 Jul 2005 09:40:34 +0300, "aa" <vaidas.gudas@.rst.lt> wrote:

>VS2005 BETA2
>in web.config it is written:
><location path="Gedimai/Ataskaitos">
> <system.web>
> <authorization>
> <allow roles="Dispeceriai,SDispeceriai,SVisi"/>
> <deny users="*"/>
> </authorization>
> </system.web>
> </location>
>in web.sitemap it is:
><siteMapNode title="ATASKAITOS" roles="Dispeceriai,SDispeceriai,SVisi">
> <siteMapNode title="Dienos" roles="Dispeceriai,SDispeceriai,SVisi">
> <siteMapNode title="Gedimai" description="Dispeeri gedimai"
>roles="Dispeceriai,SDispeceriai,SVisi">
> <siteMapNode
>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=0" title="RST"
>roles="SVisi"/>
> <siteMapNode
>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=1" title="VET"
>roles="SVisi,SDispeceriai"/>
> <siteMapNode
>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=2" title="PET"
>roles="SVisi,SDispeceriai"/>
> <siteMapNode
>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=3" title="UET"
>roles="SVisi,SDispeceriai"/>
> <siteMapNode url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=4"
>title="AET" roles="SVisi,SDispeceriai"/>
> </siteMapNode>
> </siteMapNode>
>when user is logging with "SDispeceriai" role, he can see all Site map
>nodes, but I want that he could not see node "RST", because it is for users
>who have role "SVisi".
> Thanks
when I am setting enableSecurityTrimming="false" then the user can see all
nodes, and I don't want that he saw all nodes. I want that he would see just
these, which he can see by his role

"Scott Allen" <scott@.nospam.odetocode.com> wrote in message
news:b02qd1pvk6os4f2l5gomok1uqtbcv9glt6@.4ax.com...
> Did you configure the Xml SiteMapProvider with
> enableSecurityTrimming="false" ?
> --
> Scott
> http://www.OdeToCode.com/blogs/scott/
> On Tue, 19 Jul 2005 09:40:34 +0300, "aa" <vaidas.gudas@.rst.lt> wrote:
>>VS2005 BETA2
>>
>>in web.config it is written:
>>
>><location path="Gedimai/Ataskaitos">
>> <system.web>
>> <authorization>
>> <allow roles="Dispeceriai,SDispeceriai,SVisi"/>
>> <deny users="*"/>
>> </authorization>
>> </system.web>
>> </location>
>>
>>in web.sitemap it is:
>><siteMapNode title="ATASKAITOS" roles="Dispeceriai,SDispeceriai,SVisi">
>> <siteMapNode title="Dienos" roles="Dispeceriai,SDispeceriai,SVisi">
>> <siteMapNode title="Gedimai" description="Dispeeri gedimai"
>>roles="Dispeceriai,SDispeceriai,SVisi">
>> <siteMapNode
>>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=0" title="RST"
>>roles="SVisi"/>
>> <siteMapNode
>>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=1" title="VET"
>>roles="SVisi,SDispeceriai"/>
>> <siteMapNode
>>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=2" title="PET"
>>roles="SVisi,SDispeceriai"/>
>> <siteMapNode
>>url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=3" title="UET"
>>roles="SVisi,SDispeceriai"/>
>> <siteMapNode url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=4"
>>title="AET" roles="SVisi,SDispeceriai"/>
>> </siteMapNode>
>> </siteMapNode>
>>
>>when user is logging with "SDispeceriai" role, he can see all Site map
>>nodes, but I want that he could not see node "RST", because it is for
>>users
>>who have role "SVisi".
>> Thanks
>>
>>
>
I think you've mistaken the purpose of the roles attribute in the web.sitemap.
For a sitemap, when you have enabl;eSecurityTrimming=true it will hide all
the nodes that the user wouldn't normally have access to, as configured via
the <authorization> element in web.confing. The roles attribute in web.sitemap
doesn't restrict access. In fact, it's actually shows nodes that the user
normally wouldn't see. So, if <authorization> has hidden an element, but
you want to make it visible to that user, then add the roles attribute in
the sitemap.

-Brock
DevelopMentor
http://staff.develop.com/ballen

> when I am setting enableSecurityTrimming="false" then the user can see
> all nodes, and I don't want that he saw all nodes. I want that he
> would see just these, which he can see by his role
> "Scott Allen" <scott@.nospam.odetocode.com> wrote in message
> news:b02qd1pvk6os4f2l5gomok1uqtbcv9glt6@.4ax.com...
>> Did you configure the Xml SiteMapProvider with
>> enableSecurityTrimming="false" ?
>> --
>> Scott
>> http://www.OdeToCode.com/blogs/scott/
>> On Tue, 19 Jul 2005 09:40:34 +0300, "aa" <vaidas.gudas@.rst.lt> wrote:
>>
>>> VS2005 BETA2
>>>
>>> in web.config it is written:
>>>
>>> <location path="Gedimai/Ataskaitos">
>>> <system.web>
>>> <authorization>
>>> <allow roles="Dispeceriai,SDispeceriai,SVisi"/>
>>> <deny users="*"/>
>>> </authorization>
>>> </system.web>
>>> </location>
>>> in web.sitemap it is:
>>> <siteMapNode title="ATASKAITOS"
>>> roles="Dispeceriai,SDispeceriai,SVisi">
>>> <siteMapNode title="Dienos" roles="Dispeceriai,SDispeceriai,SVisi">
>>> <siteMapNode title="Gedimai" description="Dispeeri gedimai"
>>> roles="Dispeceriai,SDispeceriai,SVisi">
>>> <siteMapNode
>>> url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=0" title="RST"
>>> roles="SVisi"/>
>>> <siteMapNode
>>> url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=1" title="VET"
>>> roles="SVisi,SDispeceriai"/>
>>> <siteMapNode
>>> url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=2" title="PET"
>>> roles="SVisi,SDispeceriai"/>
>>> <siteMapNode
>>> url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=3" title="UET"
>>> roles="SVisi,SDispeceriai"/>
>>> <siteMapNode url="~/Gedimai/Ataskaitos/Gedimai1d.aspx?regions_id=4"
>>> title="AET" roles="SVisi,SDispeceriai"/>
>>> </siteMapNode>
>>> </siteMapNode>
>>> when user is logging with "SDispeceriai" role, he can see all Site
>>> map
>>> nodes, but I want that he could not see node "RST", because it is
>>> for
>>> users
>>> who have role "SVisi".
>>> Thanks

Posted by establishertg at 4:59 AM
Labels: , , , , , , , , , , , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)