I was setting up permissions for pages in a ASP.NET website with <location>
tags in web.config, something similar to this:
<location path="Users.aspx">
<system.web>
<authorization>
<allow roles="Administrator"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
However, I also have a web.sitemap which basically contains the same information, i.e. which user roles can see/access which pages. A snippet from my web.sitemap:
<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
<siteMapNode title="Home">
... lots of nodes here ...
<siteMapNode url="users.aspx" roles="Administrator" title="users" description="Edit users" />
...
</siteMapNode>
</siteMap>
Is there some kind of nifty way of using web.sitemap only to configure access? The <location>
tags are quite verbose, and I don't like having to duplicate this information.