.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Easy Web
Imran Ghani
Post New Web Links

Menu - Role security not working on second level of sitemap

Posted By:      Posted Date: September 24, 2010    Points: 0   Category :ASP.Net
 

I have role assignments on both the first and second level of my menus within my sitemap file.  The first level works fine, and I only see items assigned to my role.

But roles assignments seem to have no effect on the second level.  It seems like if you have access to the first level, you have access to everything on the second level.

Is this correct?


From my sitemap (either a SalesRep or an Administrator can see everything underneath):

    <siteMapNode title="Administration" roles="SalesRep,Administrator" description="Admin" >

      <siteMapNode title="CompanyMaintenance" roles="SalesRep" url="~/Admin/CompanyManagement.aspx" />

      <siteMapNode title="Initialize Roles" roles="Administrator" url="~/Admin/Roles.aspx"/>

    </siteMapNode>

From my config:



    <roleManager enabled="true" defaultProvider="SqlRoleProvider">

View Complete Post


More Related Resource Links

Problem making Role based Menu in MVC application

  

Hi,

 I want to make Rolebase menu in MVC such that if user doesnot have permission for some action then that Action name shouldnot be shown in the Menu.

 I have used the code in the url(http://forums.asp.net/t/1566328.aspx) in my MVC application.My application is a Discussion Forum(in MVC) same functionality as in this forum forums.asp.net

 I have used Controllers for post, thread etc.In each controller there are some actions that are using [Authorize(Roles)] attribute

 but this coding does not count  those Actions in Controllers having Authorize attribute according to the url http://forums.asp.net/t/1566328.aspx 

 In the code, Authorize attribute is applied to Controller class, but my requirement is of Applying Authorize attribute to some actions in controller so that some are available for all users and  some links are available rolewise.Now what is the solution for that?

 

Regards

Authorize It: Use Role-Based Security in Your Middle Tier .NET Apps with Authorization Manager

  

Authorization Manager in Windows Server 2003 represents a significant improvement in the administration of role-based security, making it more scalable, flexible, and easier to implement. Using Authorization Manager, you can define roles and the tasks those roles can perform. You can nest roles to inherit characteristics from other roles, and you can define application groups. In addition, Authorization Manager lets you use scripts to modify permissions dynamically, and it allows you to wrap your security logic in a security policy that can be stored in Active Directory. Authorization Manager also includes an easy-to-use API for running access checks. The author discusses all of these topics and demonstrates them with a working sample.

Keith Brown

MSDN Magazine November 2003


Secure It: WS-Security and Remoting Channel Sinks Give Message-Level Security to Your SOAP Packets

  

As more organizations adopt XML-based Web Services, the need for message-level security has become evident. WS-Security, now supported in the Microsoft .NET Framework, addresses this need. Using the WS-Security framework, developers can implement channel sinks to intercept Remoting messages as they pass through the .NET Remoting infrastructure. The sink can read the message, change it, and pass it along. During this process, the message can be signed for added security. This article explains how to implement a Remoting channel sink that will modify the Remoting message by including a UserName token in the header, then sign the body using the token.

Neeraj Srivastava

MSDN Magazine November 2003


Security: Unify the Role-Based Security Models for Enterprise and Application Domains with .NET

  

Role-based security allows administrators to assign access permissions to users based on the roles they play rather than on their individual identities. These privileges can be used to control access to objects and methods, and are easier to identify and maintain than user-based security. The .NET Framework provides two role-based security models, which are exposed as two namespaces: System.Enterprise-Services and System.Security.Permissions. Presented here is a comparison of the two options and a discussion of when each is the right choice. The author also demonstrates the process involved in setting up access security and discusses role memberships.

Juval Lowy

MSDN Magazine May 2002


ASP.NET 4.0 Menu Top Level selected item style

  

I want to apply a css class to the level 1 menu item (parent) when it or any or it's children are selected.

I've looked at MSDN documentation and any number of examples and walkthroughs but I haven't come up with a way of managing this. I was thinking something like this might work but the style is not being applied to the parent. To further complicate matters, if I try to apply a css style to StaticSelectedStyle it doesn't pick it up at all.

Menu Markup:

<StaticSelectedStyle  Font-Bold="True" ForeColor="#3333CC" />

Code Behind:

        protected void MenuItemClick_NavMenu(Object sender, MenuEventArgs e)

        {

            MenuItem parentItem = e.Item.Parent;

            if (parentItem != null)

            {

                parentItem.Selected = true;

            }

        }


Web Part working fine on the top-level page but 'Not Safe' error on lower-level pages.

  
Hi,

I have created a Web Part which reads and parses the SharePoint logs in order to display usage information of the page it resides on.  The Web Part works perfectly on the top page, reading and displaying the information desired.  However, once the Web Part is added to any page lower in the site heirarchy (sub-page) the same Web Part throws the following error:

Error 
 
Web Part Error: A Web Part or Web Form Control on this Page cannot be displayed or imported. The type could not be found or it is not registered as safe.

Show Error Details
Hide Error Details

[UnsafeControlException: A Web Part or Web Form Control on this Page cannot be displayed or imported. The type could not be found or it is not registered as safe.]
  at Microsoft.SharePoint.ApplicationRuntime.SafeControls.GetTypeFromGuid(Guid guid)
  at Microsoft.SharePoint.WebPartPages.SPWebPartManager.CreateWebPartsFromRowSetData(Boolean onlyInitializeClosedWebParts)
 


Of course the current version of the Web Part is in the SafeControls list on the web.config.

The Web Part was originally designed to return site activity only for the top default.aspx page and worked fine but started to fail in the manner described above once I added the following line of code to return a SPCo

Getting filtered data from Role based SSAS security

  
Hi everyone,I've got a heap of reports that are based on various SSAS cubes. I have roles defined on these cubes that restrict data via certain dimensions. Question is, will these restrictions filter through to the report...ie, if I have a sales person restricted in the SSAS cube to only see sales against their territory (restricted in the Territory dimension), when they run the report will it filter the result based on their SSAS credentials and only show the data they have access to (even though the SSRS report has no direct filters or parameters applied)?Cheers for any help!!

asp:Menu submenu hover/expansion + HTTPS = Security Information Popup

  
Hello,I have a an asp:Menu with a datasource and the page is being accessed by https. If I hover over one of the menu items that has a subitem I get this popup.Here is my code,//asp <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Test.aspx.cs" Inherits="UI_Common_Test" %> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head runat="server"> <title></title> </head> <body> <form id="form1" runat="server"> <div> <asp:Menu ID="Menu1" runat="server" DataSourceID="dsSiteMap" Orientation="Vertical" StaticDisplayLevels="2"> <DataBindings> <asp:MenuItemBinding DataMember="SiteMapNode" TextField="Title" /> </DataBindings> </asp:Menu> <asp:SiteMapDataSource ID="dsSiteMap" runat="server" SiteMapProvider="Public" /> </div> </form> </body> </html> //cs using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI;

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

Report Level Security in SSRS using Tsql

  
So i am Brand new in this area i have developed reports before and deployed them but never got an oppurtunity to work on security and who gets to see what.. Purpose of the view is thats what im thinking..   We have a reports database has 100 reports . What we are trying to do is have a faster way to manage report subscriptions. The tables i have is Analysts, SalesRep,SalesRepSubs and dbo.users.Dbo users are our web portal users where they can view reports. I want to create a table in which every report is viewed per security level. We have 6 layers of security layer 1 is lowers to layer 6 being highest. This is the relationship between tables Salesrep(SRID PK) Salesrep_sub (SRID_SUBID PK) Analysts : (AnalystIDPK) Users: The Table has all Users who are Salesrep,Sales Repsub and Analysts)(PKID PK) and we have cols SRID, SRID_SUBID & AnalystID) in this table. use Pricing go Alter View dbo.User_Access   AS select S.SR_name,u.SRID,sr.SRsub_name,u.SRID_SubID,U.Userid,u.username,u.Email, u.SecurityLevel,a.AnalystID from dbo.Users u join tbl_Analyst a on a.AnalystID=u.UserID join tbl_SalesRep s on s.SRID=u.SRID Join tbl_SalesRep_Sub sr on sr.SRID_SubID=u.SRID_SubID My question is what do i do next? Add this view to Report server? or how can i make it functionl?????????FM

asp.net,c#,user role and rights,menu

  
hi friendsi want to develope general code or module or structure of web application wich handle multiple user ,their role and right, and according to their rights and role menu will be display.so i can integreate it in any website. kindly provide me solution for asp.net 3.5,C# working environment, and sqlserver 2005 environment.what is the structure for database? i want only one database not asp.net database. can i make login control type assembly(dll)?how?Thanking you 

Why is it so hard to get the security working with MySQL?

  
I have some problems to get the security to work under MySQL. When I go to the ASP.net configurator it isn't possible to get to the tab "security". I get the following error : Unable to initialize provider. Missing or incorrect schema.So I searched on google. There 're thoussand of people who have/had the same problem, BUT there is nobody who can give me the right answer. Why? Is it so hard to get MySQL working in ASP.net?What where the things to do:Set autogenerateschema to "True"',Set the following ddl in the bin directory --> MySql.Data.dll and MySql.Web.dll,Use the MySql Website configurator,and I tried different connectionstrings (yeh that is possible, I was also suprised) to get to the same database.So is there maybe someone at this forum who can give me the answer for what I can do to tackle this one?Thnx.

security top total and current level

  
the locig of data is Country 1 - City1 - Company1 -> Nett Income Country 1 - City1 - Company2 -> Nett Income Country 1 - City1 - Company3 -> Nett Income                                                  Total Income   How can i achive the following logic  - the user (role) Company2 have to see only Total for City 1 (Company1+Company2+Company3), just total and Country 1 - City1 - Company2 -> Nett Income I can use dimension data and check Country 1 - City1 - Company2 but in this case he/she can't see totals for City 1 any ideas ?  

How to Provide Security at User level base in asp.net for certain pages

  
 Hi I have a site We have different Pages under one folder. we have stored these pages information in a database table with pageid. Then we have User access table. there we store userid and pageid , for which pages user has access. Now I need to provide access to that pages only . What to do. Could you please provide answer asap.   Thanks  

Transport level security with netTcpBinding

  
Does service and client need to be part of domain with netTcpBinding endpoint configured to used Transport security mode with Certificate based client credential type and protect level set to EncryptAndSign <bindings> <netTcpBinding> <binding name="CertificateWithTransport" maxBufferPoolSize="100000000" maxBufferSize="100000000" maxReceivedMessageSize="100000000" portSharingEnabled="true"> <readerQuotas maxDepth="100000000" maxStringContentLength="100000000" maxArrayLength="100000000" maxBytesPerRead="100000000" maxNameTableCharCount="100000000" /> <security mode="Transport"> <transport clientCredentialType="Certificate" protectionLevel="EncryptAndSign"/> </security> </binding> </netTcpBinding> </bindings> Thanks      -= JL =-

SSRS custom security extension behind a router fire wall not working

  
I have a instance of SSRS 2008 installed (we are not using IIS) with custom security extension which accepts a application user ID and password and sends back a sql authorization cookie back to client for logging into SSRS.  The (SSRS) server is behind a router,  SSRS is configured on port 81,  Port 81 in router if forwarded to the SSRS server. Here is the problem If I am inside the router firewall (RDP'ed to the machine) I am able to access report server (http://xx.xxx.xxx.xx:81/ReportServer) and reports manager (http://xx.xxx.xxx.xx:81/Reports) without any issues. If  am outside the firewall and try to go to report server page (http://xx.xxx.xxx.xx:81/ReportServer) from browser and try to login it works (I am getting the cookie back and authentication goes through fine).   But if I try to access reports manager (http://xx.xxx.xxx.xx:81/Reports) the login page shows up when I enter user ID and password and hit enter to authenticate it comes back to the login screen (I am not gettint the cookie back from SSRS). Any help is highly appreciated on how to debug /fix this issue. Note : if I first login to Reportserver (which sends the cookie back) and in the same session I login to Reports Manager I am able to get into Reports Manager page since I got the cookie when I logged in to reports server page already.  When I

asp menu working fine in the dev environment but not on server

  
Hi guys,        I am sorry to be asking what is probably a really stupid question, but i have a problem with my asp menu, when i run it on my dev machine(thru vs2010) it works perfectly, all the menu's are displayed correctly with the correct child items in the correct order but when i publish it to the server all the menu items become flat and take up the whole page. I am populating the menu using a reentrant function as follows to call the function and add the menus i am using Dim childMenuItems As List(Of MenuItem) = CreateMenuLevel(0, uniquemenulist)childMenuItems.ForEach(Sub(n) NavigationMenu.Items.Add(n)) Public Function CreateMenuLevel(ByVal parentId As Integer, ByVal menulist As List(Of MenuList)) As List(Of MenuItem)        Dim menuItems As New List(Of MenuItem)        For Each menuListItem As MenuList In menulist.Where(Function(n) n.ParentId = parentId)            Dim MenuItem As New MenuItem            If (Not String.IsNullOrEmpty(menuListItem.PagePath)) Then                MenuItem.NavigateUrl = menuListItem.PagePath           
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend