I have a ASP.Net site, in which I'm trying to use Windows Authentication and Active Directory roles to limit access to some pages. I've looked at a tutorial page from Scott Gu, but I can't quite achieve what I want.
I'm ignoring the root node in my SiteMapDataSource
. I want to show the "Documents" node to all users, but limit the display of the "Search" and "Upload" roles to 2 different roles. I am in the "DOMAIN\validrole" but not in the "DOMAIN\madeuprole". With the sitemap and web.config below, I am getting all the nodes displayed. If I remove the roles="*"
from the "Documents" node (as suggested by Scott Gu), I get no nodes displayed.
Is there a way I can limit the display of individual child nodes without having to write custom code?
This is my sitemap:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0">
<siteMapNode url="~/Default.aspx"
title="Home">
<siteMapNode title="Documents" roles="*">
<siteMapNode url="~/Documents/Search.aspx"
title="Search Documents"
roles="DOMAIN\validrole" />
<siteMapNode url="~/Documents/Upload.aspx"
title="Upload Documents"
roles="DOMAIN\madeuprole" />
<siteMapNode url="~/Documents/Publish.aspx"
title="Publish Documents" />
</siteMapNode>
<siteMapNode title="Users" roles="*">
<siteMapNode url="~/Users/Search.aspx"
title="Search Users"
roles="DOMAIN\validrole" />
</siteMapNode>
</siteMapNode>
</siteMap>
And this is the relevant section of my web.config:
<authentication mode="Windows"/>
<authorization>
<allow roles="DOMAIN\validrole"/>
<deny users="*"/>
</authorization>
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider"
description="Default SiteMap provider."
type="System.Web.XmlSiteMapProvider"
siteMapFile="Web.sitemap"
securityTrimmingEnabled="true" />
</providers>
</siteMap>