Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Authentication and user based content

0 views
Skip to first unread message

John Devlon

unread,
Apr 14, 2008, 9:21:00 AM4/14/08
to
Hi,

I've created a small application with some user-authentication and roles.

I would like to show/hide some navigation parts based on the users role.

Could someone please tell me what the best solution is?

Do I have to create different pages for each role and check the users role
when logged in?

Thanx

Kind regards

John


Eliyahu Goldin

unread,
Apr 14, 2008, 9:40:50 AM4/14/08
to
You can use different sitemaps for different roles.

If you have 2 providers in the web.config

<siteMap enabled="true">
<providers>
<add name="Role1SiteMapProvider" description="SiteMap for role 1."
type="System.Web.XmlSiteMapProvider"
siteMapFile="Roles/Role1/Role1.sitemap" />
<add name="Role2SiteMapProvider" description="SiteMap for role 2."
type="System.Web.XmlSiteMapProvider"
siteMapFile="Roles/Role2/Role2.sitemap" />
</providers>
</siteMap>

you can set SiteMapProvider property for navigation controls in the code to
either Role1SiteMapProvider or Role2SiteMapProvider depending on the user
role.

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net


"John Devlon" <Johnd...@hotmail.com> wrote in message
news:OJ6dnawuCoigx57V...@dommel.com...

Cowboy (Gregory A. Beamer)

unread,
Apr 14, 2008, 9:45:30 AM4/14/08
to
There are two good solutions here (which can be combined).

The first is to set up roles in the sitemap file. You have to set roles at
all levels for this to work (not sure why), but roles="*" is valid.

If you set up the SiteMap Provider to use the security trimmings, you will
end up with it respecting security in web.config files at different levels.
Set up your secure bits deeper (in folders) and set a web.config that only
allows specified roles. With security trimmings on, it will not allow the
menu to see the pages if the user is not in role(s).

So, here it is:

1. Most secure: Set web.configs with proper security and turn security
trimmings on in the main web.config under the SiteMap provider
2. Can work in most situations: Add roles to sitemap file

One caveat:
Have to use the Microsoft Membership bits, even if a custom provider, unless
you want to build the entire security model yourself.

--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA

Subscribe to my blog
http://gregorybeamer.spaces.live.com/lists/feed.rss

or just read it:
http://gregorybeamer.spaces.live.com/

*************************************************
| Think outside the box!
|
*************************************************


"John Devlon" <Johnd...@hotmail.com> wrote in message
news:OJ6dnawuCoigx57V...@dommel.com...

John Devlon

unread,
Apr 14, 2008, 10:58:58 AM4/14/08
to
Thanx for your respons....

However, I think it's not something I can use...

I've created a navigation system with pictures and placed them in a
table....
Only some rows have to be shown with each role...

Can I show/hide elements like tables and pictures depending on the role?

Thanx

John

"Eliyahu Goldin" <REMOVEALLCAPIT...@mMvVpPsS.org> schreef in
bericht news:eW67QVjn...@TK2MSFTNGP04.phx.gbl...

Eliyahu Goldin

unread,
Apr 14, 2008, 11:11:18 AM4/14/08
to
You can always check what is the role for the current user and set visual
properties for your controls accordingly.

--
Eliyahu Goldin,
Software Developer
Microsoft MVP [ASP.NET]
http://msmvps.com/blogs/egoldin
http://usableasp.net


"John Devlon" <Johnd...@hotmail.com> wrote in message

news:8jKMj.23578$VC1....@newsfe10.ams2...

0 new messages