Configure members and roles for ASP. NET2.0 navigation functions (1)

Source: Internet
Author: User

I. Introduction
In this article, we will discuss ASP. NET 2.0 membership, role and configuration issues. The membership system in ASP. NET provides a programmable API for creating and managing user accounts. The role allows developers to define a group of roles and associate users with roles. Typically, a website providing user accounts has content that is only accessible to some users, authenticated users, or users with specific roles.
For example, a Web site may have a set of pages that allow a trusted user to edit the content of the Web site or manage existing users. It is not a simple attempt to hide the page and it is expected that no one will encounter any trouble when browsing it by accident, or hard-coded authorization, but only allows a single user to use it; A stronger and safer way is to define an administrator role and assign it to a group of trusted users. Finally, these management web pages are further configured to allow only users with Administrator roles to perform access operations. Similarly, the Web site may contain a group of pages that only authenticated users can access.
Since some parts of the site may only be accessible to some users, this makes it difficult for us to establish site navigation. Do we need to include pages that can only be accessed by authorized users on site maps? If we do this, all users will see restricted pages in the menu or Tree View of the site. Why cannot I display links to these pages to users who access them? If we delete these restricted pages from the site map, the authorized users who want to view these pages cannot easily navigate to them because they are not part of the site map, it does not appear in the Tree View or menu of the site!
Fortunately, ASP. NET 2.0 website navigation provides a feature called secure trim. When you use the function that supports Security trim to obtain site map information, only the site map nodes that are currently logged on to have access authorization are available. This means that the site's TreeView or Menu will only contain those parts that can be accessed by the current login user. To learn how to configure site navigation to support secure trim, please read down!
2. Configure ASP. NET 2.0 members and optional roles.
Since the site navigation security trim sets the site map data based on the user accessing the page and the authorization settings defined in the page in the site map, before we can analyze the security trim, you must first configure your Web site to use ASP.. NET 2.0. (You can also configure the site to use the role and use the role-based authorization advantages, but this does not require displaying the Security trim concept .) The detailed discussion on how to configure a site to use members and roles is beyond the scope of this article.
You can use it if you don't want to spend time installing member and role features on a new Web site. Specifically, the Web site that can be downloaded later in this article contains two roles: Administrator and Tester. There are four users:
• Superman is the administrator and tester.
• Admin, whose role is administrator
• Mr. Tester, whose role is a Tester
• Average User, no role
In addition, I have three folders in this project: Admin, Tester, and AuthUsersOnly. The first two folders have been configured to only allow access by users with administrator and tester roles. The AuthUsersOnly folder is restricted only for authenticated users.

3. Configure site navigation for secure trim
By default, secure trim is not used for site navigation. No matter which user is visiting the site and what authorization rules are defined, when each user views site map data through a TreeView or menu Web control, you can see all the parts in the site map. By enabling secure trim, the site navigation system automatically limits the display results based on the currently logged-on user and the authorization on the page referenced by the <siteMapNode> element in the site map.
You can use the following mode to configure site navigation settings through the Web. config file:

<SiteMap defaultProvider = "XmlSiteMapProvider" enabled = "true">
<Providers>
<Add name = "XmlSiteMapProvider"
Description = "Default SiteMap provider ."
Type = "System. Web. XmlSiteMapProvider"
SiteMapFile = "siteMapFileName"
SecurityTrimmingEnabled = "true"/>
</Providers>
</SiteMap>


Recall the discussion in the first part of this series-the site navigation system uses the Provider Model. This model provides developers with some well-defined public APIs, but allows them to customize internal implementation details if needed. By default, the site navigation feature uses XmlSiteMapProvider to retrieve site map information from the XML formatted site map file Web. sitemap. You can use the Web. config file to change the provider you are using or modify the default settings for the default provider.
To customize the settings of the default provider, simply add a new provider-it uses the same type as the default provider (System. Web. XmlSiteMapProvider) to customize the required settings. The code snippet shown above shows the settings for customizing two xmlsitemapproviders:
• SiteMapFile specifies the name of the site map file used by the provider. The default value is Web. sitemap. If you like it, you can customize the file name here. However, I encourage you to ensure that the site map file name ends with the. sitemap extension because the default extension is protected by the ASP. NET engine, thus preventing web visitors from viewing site map files.
• SecurityTrimmingEnabled sets whether secure trim is used. To use secure trim, you can set it to true, as shown above.
That's all! The site navigation system intelligently returns the correct part based on the currently logged-on user and the authorization settings defined for the URL in the <siteMapNode> element.


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.