Hi (I'm pretty new to this),
I have a login control in my C# program and once the user logs in, they are able to see links to other programs (a portal). Is it possible to hide the 'create new user' link to everyone except the admin once the user has logged in? Is this something I'd change in the web.config as I only want admins to be able to create new users (I use a CreateUserWizard for this).
Thank you.
in your codebehind:
createUserLink.Visible = currentUser.IsAdmin;
If I understand you, you wish to only allow access to, and display, pages to an authenticated user in an asp.net website who is in particular role (in this case, the "admin" role)?
To do this you need to enable security trimming on your site map provider eg.
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider"
description="Default SiteMap provider."
type="System.Web.XmlSiteMapProvider "
siteMapFile="Web.sitemap"
securityTrimmingEnabled="true" />
</providers>
</siteMap>
This will tell your sitemap provider to take account of whether members are authenticated and what roles they are in when displaying menu items.
To actually block access to paths via location paths and roles in the web.config For instance:
<location path="~/CreateNewUser.aspx">
<system.web>
<authorization>
<allow roles="Admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
See How To: Use Role Manager in ASP.NET 2.0 for a full overview.
I'm assuming that 'admin' is a role in your application. If so, you can use a LoginView control.
<asp:LoginView id="LoginView1" runat="server">
<RoleGroups>
<asp:RoleGroup Roles="Admin">
<ContentTemplate>
Stuff only an administrator can see
</ContentTemplate>
</asp:RoleGroup>
</RoleGroups>
</asp:LoginView>
You can also do in programatically, using the IsUserInRole method, e.g:
somePanel.Visible = Roles.IsUserInRole("Admin");