ASP.NET makes authorizations and security fairly simple with its roleManager, Authentication, and SiteMap providers. This quick hint only covers how to hide a particular menu item from the standard Menu and TreeList navigation components when using a SiteMap provider.
Web.config Settings for Role-based Menu Security
1) When you declare your sitemap provider, turn sucrityTrimmingEnabled to true:
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true"> <providers> <add name="XmlSiteMapProvider" description="Default SiteMap provider." type="System.Web.XmlSiteMapProvider " siteMapFile="Web.sitemap" securityTrimmingEnabled="true"/> </providers> </siteMap>
2) After you’ve turned securityTrimmingEnabled on, then you can tell ASP what “locations” or url node to hide…again, in your web.config file, after you close out </system.web>:
<location path="~/MgrReports"> <system.web> <authorization> <allow roles="managers"/> <deny users="*"/> </authorization> </system.web> </location>
You can set which roles get access in the <allow roles> node…use commas to separate multiple roles.
I searched long and hard for this, and finally found a great post by Danny Chen. Read his post for a much fuller explanation: http://blogs.msdn.com/dannychen/archive/2006/03/16/553005.aspx
Cheers,
Byron
Thank you. Simple and worked perfectly.