C
CJ
Hi All,
I am trying to get a site map working using the roles tag, but cannot
get the items displaing/hiding depending on the roles. I am using
forms authentication. I have tried multiple forms of autherization
flags, adding locations etc. I've gone back to the basic configuration
just to try get the sitemap working properly so I'm not worried about
people accessing the urls directly. I will add that again. So at the
current stage the things I added to my web.config look like this:
<system.web>
..
..
..
<authentication mode="Forms">
<forms loginUrl="Logon.aspx" name="adAuthCookie" timeout="60"
path="/">
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider"
description="Default SiteMap provider."
type="System.Web.XmlSiteMapProvider "
siteMapFile="Web.sitemap"
securityTrimmingEnabled="true" />
</providers>
</siteMap>
</system.web>
My logon page seems to work fine using this method. I removed any
location path="role names,,,"> tags just to try get the sitemap
working. The particular role I am trying to work on is called
"adviser". I have some users in active directory in this group and
some that aren't so trying to get it working for the different users.
My sitemap file looks like this:
<siteMapNode url="Default.aspx" title="Main Menu">
<siteMapNode url="home_content.aspx" title="Home"
roles="adviser" />
..
..
etc
I tried adding the following to my global.asax to get the identity
object set up. This seems to go through fine when debugging, but not
sure if it's necessary:
Protected Sub Application_AuthenticateRequest(ByVal sender As
Object, ByVal e As System.EventArgs)
If (HttpContext.Current.User IsNot Nothing) Then
If (HttpContext.Current.User.Identity.IsAuthenticated)
Then
If (TypeName(HttpContext.Current.User.Identity) =
"FormsIdentity") Then
Dim id As FormsIdentity =
CType(HttpContext.Current.User.Identity, FormsIdentity)
Dim ticket As FormsAuthenticationTicket =
id.Ticket
' Get the stored user-data, in this case, our
roles
Dim userData As String = ticket.UserData
Dim roles() As String = userData.Split("|")
HttpContext.Current.User = New
System.Security.Principal.GenericPrincipal(id, roles)
End If
End If
End If
Any ideas on what I'm doing wrong is much appreciated!
Conor.
I am trying to get a site map working using the roles tag, but cannot
get the items displaing/hiding depending on the roles. I am using
forms authentication. I have tried multiple forms of autherization
flags, adding locations etc. I've gone back to the basic configuration
just to try get the sitemap working properly so I'm not worried about
people accessing the urls directly. I will add that again. So at the
current stage the things I added to my web.config look like this:
<system.web>
..
..
..
<authentication mode="Forms">
<forms loginUrl="Logon.aspx" name="adAuthCookie" timeout="60"
path="/">
</forms>
</authentication>
<authorization>
<deny users="?"/>
<allow users="*"/>
</authorization>
<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
<providers>
<add name="XmlSiteMapProvider"
description="Default SiteMap provider."
type="System.Web.XmlSiteMapProvider "
siteMapFile="Web.sitemap"
securityTrimmingEnabled="true" />
</providers>
</siteMap>
</system.web>
My logon page seems to work fine using this method. I removed any
location path="role names,,,"> tags just to try get the sitemap
working. The particular role I am trying to work on is called
"adviser". I have some users in active directory in this group and
some that aren't so trying to get it working for the different users.
My sitemap file looks like this:
<siteMapNode url="Default.aspx" title="Main Menu">
<siteMapNode url="home_content.aspx" title="Home"
roles="adviser" />
..
..
etc
I tried adding the following to my global.asax to get the identity
object set up. This seems to go through fine when debugging, but not
sure if it's necessary:
Protected Sub Application_AuthenticateRequest(ByVal sender As
Object, ByVal e As System.EventArgs)
If (HttpContext.Current.User IsNot Nothing) Then
If (HttpContext.Current.User.Identity.IsAuthenticated)
Then
If (TypeName(HttpContext.Current.User.Identity) =
"FormsIdentity") Then
Dim id As FormsIdentity =
CType(HttpContext.Current.User.Identity, FormsIdentity)
Dim ticket As FormsAuthenticationTicket =
id.Ticket
' Get the stored user-data, in this case, our
roles
Dim userData As String = ticket.UserData
Dim roles() As String = userData.Split("|")
HttpContext.Current.User = New
System.Security.Principal.GenericPrincipal(id, roles)
End If
End If
End If
Any ideas on what I'm doing wrong is much appreciated!
Conor.