Contents tagged with roles
I'm implementing ASP.NET roles in a site and using the securityTrimmingEnabled feature so people don't see menu items for pages they're not authorized to visit.
Once I got the roles and restrictions enabled, the entire menu disappeared as if the role had no authorization to see any items. That's security trimming gone wild!
It turns out that this is an issue when you're using a horizontal ASP.NET menu. You usually hide the root node of the sitemap file when using a horizontal menu because a top row with one lonely root item doesn't make sense. (The SiteMapDataSource ShowStartingNode property is set to False.)
The fix was to make sure that every role had access to the (unused) dummy siteMapNode at the root by including roles="*" in web.sitemap shown below:
<?xml version="1.0" encoding="utf-8" ?>
<siteMapNode url="" title="" roles="*" description="">
<siteMapNode url="~/default.aspx" resourceKey="siteMapHome"
title="Home" roles="admin,account" description="" />
Sheesh! Why do I lose time on these silly things? Is nothing ever easy?