Security trimming problem with not absolute path

Discussion in 'ASP .Net Security' started by Alexj, Feb 23, 2010.

  1. Alexj

    Alexj Guest

    Hello, I have a problem that for many of you will surely be trivial, I wanted
    to enable the security trimming by xml, everything works if I insert full
    address in the sitemap.
    But if I put the ~ as shown below does not work the disappearance of the
    menu items to unauthorized persons:

    xml version = "1.0" encoding = "utf-8"?
    <siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0">
    <siteMapNode url="#" title="Start" description="Inizio" roles="*">
    <siteMapNode url="~/CreazioneDocumentale/antfattStep1.aspx?enc=99999"
    title="Creazione Distinta" roles="Domain\0001" />
    <siteMapNode url="~/CreazioneDocumentale/antfattStep1.aspx?enc=3333333"
    title="Pred. Request "description="Pred. Request BO" roles="Domain\0002" />

    </ siteMapNode>
    </ siteMap>

    Below a part of web.config:

    <authentication mode="Windows"/>

    <siteMap defaultProvider="xmlSite" enabled="true">
    <providers>
    <clear/>
    <add name="xmlSite" type="System.Web.XmlSiteMapProvider"
    siteMapFile="~/Sitemap/filename.sitemap" securityTrimmingEnabled="true"/>
    </providers>
    </siteMap>
    <roleManager enabled="true"
    defaultProvider="AspNetWindowsTokenRoleProvider">
    <providers>
    <clear/>
    <add name="AspNetWindowsTokenRoleProvider"
    type="System.Web.Security.WindowsTokenRoleProvider"/>
    </providers>
    </roleManager>

    <authorization>
    <deny users="?"/>
    <allow roles="Domain\0001"/>
    </authorization>


    Thanks in advance for answers.
     
    Alexj, Feb 23, 2010
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.