.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Post New Web Links

Sitemap: why can't sub nodes further restrict role access?

Posted By:      Posted Date: September 24, 2010    Points: 0   Category :ASP.Net

I have a menu in my application (created from the sitemap) which I want available to two user roles.  However, there are items on that menu, I want available only to one role or the other.  So I have created the following in my sitemap.

	  <siteMapNode title="My Account" roles="TimeUser, Client" >
		  <siteMapNode title="My Profile" url="~/TimeTracker/ClientUserProfile.aspx" description="" roles="Client" />
		  <siteMapNode title="My Profile" url="~/TimeTracker/EmpProfile.aspx" description="" roles="TimeUser" />
		  <siteMapNode title="Change Password" url="~/TimeTracker/EmpChangePassWord.aspx" description="" roles="TimeUser, Client" />

Essentially, I want employees with the "TimeUser" role to see the "My Profile" link that goes to the EmpProfile.aspx page, but not the link to the client profile page.  However, when an employee logs in, they see both.  I am guessing this may be because the "My Account" node which contains them allows both roles.  Is there a way around this without duplicating the "My Account" node?

View Complete Post

More Related Resource Links

How to restrict folder access to users and theirs only


Hi. I created a web application using "Forms Authentication". 

There is a folder name "uploads", and it creates subfolders as username when they register. Web application stores users' files and images under their folder ("uploads/username")

I tried to find a way to restrict users to download and upload files to their folder only and couldn't find a good one. 

Then I came up with this idea that stores "web.config" file each time user registers and the web.config should look like below. Username will be changed dynamically according to username.

This method actually works but I am little worried if this is a good practice as far as performance wise. Because it'll create web.config files as many as users and there might be other holes that I don't recognize. 

I appreciate any advice or better suggestion for this problem.

--------web.config in "/Root/uploads/username directory"--------------

<location path="HRpages">

Who to restrict access to only one view.

What is the best way to grant access for a user, to select from only one view, not the actual tables?

MDX to read members from "restricted access" role

Is it possible to read list of members from "restricted access" roles? I want an MDX so we can create an exception report for maintance purposes to match this list with some other list. I only need to list what I see when I open "resticted access" role - domains with user names. thank you!

Access SiteMap Provider

Hi I was trying to implement an access sitemap provider by taking this code: http://msdn.microsoft.com/en-us/library/ms178434.aspx Can one use this example without any further codings? In fact my testwebapp didn't work and I don't know now, if the code needs to be modified since I want to have the same kind of a provider as I have with the standard provider (xml file). Thanks for your advice.If you have a link with a fully functional access sitemap provider it would be great too. Patrick 

Permissions:disable controls by roles(access pages too)(dynamically :each new role has special grant

HelloI have an application of many pages of consultation and same time I have a module of adding users by roles and creating accounts by role.(the application is ready but i cant manage the roles)the tutorials that i found are very useful to manage roles but its roles fixed before(administrators,supervisors)(http://www.asp.net/security/tutorials/creating-and-managing-roles-vb) if I add a new role (agent) i want to grant to this new role a new access to pages(different access than admin and supervisor) and disable new controlswhy not using checkbox to every new role checking a field related to databaseis it possible?if yes ,how can i begin?Thanks

Restrict folder access in Report Server

Hi There, I am creating folders each of our end users in Report Server, who upload their reports to their respective folder. I want to allow users to see and access only their folders and they should not be able to see others folders available on the Report Server, it is possible? If Yes, how do I do it? Thanks for your help. Regards, Suresh

restrict access for a single group to a single folder in a list


Hello and Goodmorning,

I have one list, organized with 3 folders.

I can create a group(s), add user(s) to this group(s). 

Now i need to assign access like this:  group1 can only see and 'readonly' folder1, group2 can only see and 'readonly' folder2, group3 can only see and 'readonly'...folder3!

Im sure this is possible, from similar non-programming posts on the forum.

I have been looking into SPRoleAssignment and SPRoleDefinition to define Group permissions but its the mapping them to specific folders that I am missing...

Enjoy your tea.







Menu - Role security not working on second level of sitemap


I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But roles assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?

From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>


From my config:

    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

Restrict user with sys admin role to execute a query


Hi All


I want to restrict  a user with sys admin server role to execute a query. or is there any possibility to drop the query before it get executed (after parsing). I know i can do this using SSMS SET NOEXEC ON | OFF in Query Analyzer.

But how can i implement this when ever sysadmin user executes a particular query.


Mohd Sufian www.sqlship.wordpress.com Please mark the post as Answered if it helped.

Using , want to restrict access to file .wmv


Hi all,  I want to secure a particular set of files in a folder by role type.  I have the following entry (See below)...I notice this doesn't work (I.e., it doesn't secure the file by Role Type..anyone can access the file).  I've read that I need to map the .WMV extension to the ASp.Net DLL.  Can somebody give me some details on how to do that?  (I'm a newbie).


Thanks in advance.


<location path="media/mymediafile.wmv">
        <allow roles="MediaRole" />
        <deny users="*" />



Restrict access only to the homepage



I want to allow all staff to access only the home page of the department. If I grant read permissions to Domain/Department/SitePages/Home.aspx I can access the landing page using full url, but if click on the department name in the breadcrums or go to Domain/Department/ i get  Error: Access Denied

This is happening because when one goes to Domain/Department/  one is redirected by default.aspx to Domain/Department/SitePages/Home.aspx but I can't grant read access to default.aspx

Do you have any suggestions on how I could accomplish only allowing read access to the home page?


Retrieve all nodes of Sitemap and randomly pick 3.


I'm building a website that uses the SiteMap, employing SiteMap Files for subdirectories.  What I want to do is to randomly pull 3 URLs from the entire sitemap, sans whatever current directory the browser is in.  I've got a root siteMapNode, then several child nodes, one for each subdirectory on the site.

For example, lets say my SiteMap has a root node, then 3 subdirectories named X, Y, and Z (there are actually many more, but this will suffice).  The client has navigated to a page in subdirectory X.  In this case I want to pull 3 random nodes from directories outside X, which would be Root, Y, or Z.  Additionally, I'll want to exclude a few pages, like "Legal" or "Contact".  Then I'll display the randomly selected nodes as links.

I want to get opinions on a clean, efficient way to do this.  Here are 2 approaches I'm considering:

  1. Create a navigation DataSet with a DataTable containing the columns ID, URL, Title, and Description.  Write a method that loads all the SiteMap nodes into an AllNodes navigation dataset, randomly pick 3 of those from that AllNodes set, and return the 3 selected nodes as a navigation DataSet from the method.  To do this I'll need a good example of iterating through all the nodes in a SiteMap.
  2. Leverage a TreeView control that doesn&

Restrict login access to website from specific machine


Not sure if this is the correct forum section but I need to restrict access to my website by physical PC.  When a user signs up I want to be able to restrict access to one machine for that account so it cannot be shared round, if, for example, somebody else in the same office wanted to access the system on their PC they would need a seperate sign in.

I have done some investigation and I "think" the only way is installing an ActiveX component (which isn't an issue that is restricts to IE only) and then read the users MAC address.  Am I trying to over complicate things or is that the only way?  I realise that MACS can be spoofed but this is not much of an issue.


Custom access denied page for role based security


I have implemented role based security in my asp.net 2.0 vb.net application using windows authentication and the windowstokenroleprovider and limiting access to certain pages using the location tag to specific active directory groups.

The issue is that when a user tries to access a page they are not authorized to view it brings up a login prompt and when it does not pass it takes them to the default page that tells them they are not authorized to view the page. I am wondering if there is a way to throw up a custom page that tells them they are not athorized to view the page that I can incorporate into the site itself with the header and so forth? It would be great if this page could come up in lieu of the sign in box popping up as well.


Restrict public access to webservice


I have this Internet web service page(webservice.asmx) being consumed jquery ajax call.

And I am hoping to restrict public request to this webservice other than request from local pages (aspx or jquery ajax call).

The web service checks for form-authentication before it gets executed but I just don't feel comfortable the .asmx page and list of services are viewable.

So users can't just type www.mysite.com/webservice.asmx to access my webservice. 

I'd appreciate any advice about securing web service.

restrict access to views - Secure standalone pages and secure the with IIS?


I need to be able to restrict access to views in a sharepoint list.

I need to create views as a separate page, import the data using a DataView and then secure it with IIS security.

How do I secure the page with IIS?

Restrict SSAS dimension hierarchy to show based on role


I am having an issue that involves SSAS and Sharepoint.  I don't think I can fix the issue in Sharepoint, I think it has to be in my ssas cube.  THe issue is that in sharepoint I have a ssas filter webpart that displays the geography hierarchy based on the role that is defined in SSAS.  So if I have a user that only has permissions to Switzerland than they will see the geography hierarchy as (Region, Sub Region, Area, Country)

All Sales Region


         Eastern Europe



What I want to know is in SSAS can I restrict the hierarchy to only show country if the user belongs to a certain role.  So what I want to basically say is if the user belongs to SSAS_CH then the hierarchy should just show Switzerland, not All Sales Region > Europe, etc....

Can this be done?


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend