advertisement
Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

3 Reasons to be excited about Visual Studio 12 and Microsoft Build

advertisement
advertisement
 

Nine ASP.NET Site Navigation Problem Solutions: Part 2

Discover how to grant or deny users access to pages in your sites, and how to create dynamic site maps using database-driven data.


by Lee Richardson
Aug 21, 2006
Page 1 of 4
advertisement
art one of this series introduced the first seven common site map navigation problems and their solutions. This part explores more advanced techniques with the final two problems:

  • Hiding unauthorized pages.
  • Including database-driven content in site map data.
The solution to the first problem requires a brief review of ASP.NET 2.0 authorization and page level security, while solving the second problem involves extending the Site Map Provider model and caching dynamic content using ASP.NET 2.0's new SqlCacheDependency class.

#8: Hiding Unauthorized Pages
In ASP.NET 1.1, hiding unauthorized pages involved setting the visibility of LinkButton controls or preventing/enabling the execution of sections of code manually, using a call to User.IsInRole(). In contrast, ASP.NET 2.0 provides a configurable, extensible, no-code approach. Setting it up involves three steps:

  1. Configure the SiteMapProvider to use security trimmings.
  2. Configure the RoleProvider to retrieve roles.
  3. Configure page- or directory-level authorization rules.
I'll explain each step in the following sections.

Step 1: Enable security trimmings
Site-map files with more than 150 nodes can take substantially longer to perform security-trimming operations.
Enabling security trimmings forces the .NET Framework to limit siteMapNodes exposed by the SiteMapDataSource based on authorization information. Configure the SiteMapProvider to use security trimmings by adding a securityTrimmingEnabled="true" attribute to the XmlSiteMapProvider in the application's web.config file as shown below:

   <siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
     <providers>
       <add name="XmlSiteMapProvider"
         description="Default SiteMap provider"
         type="System.Web.XmlSiteMapProvider"
         siteMapFile="Web.sitemap"
         securityTrimmingEnabled="true" />
     </providers>
   </siteMap>

It's worth noting Microsoft's warning that "Site-map files with more than 150 nodes can take substantially longer to perform security-trimming operations." Microsoft recommends using the roles attribute (described at the end of this solution) to help mitigate this potential performance problem.
  1234 Next Page »
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 
advertisement
Sitemap