Hello All,

I am using forms authentication against active directory and roles using azman. I am able to authenticate users and restrict access to folders based on a user's role. I have an asp:menu which is bound to the Web.sitemap, and I am trying to restrict menu options based on the active users role. When I add set securityTrimmingEnabled=true in my web.config and run the application, no menu options appear, which suggests that the sitemap control is not picking up the role of the current user.

Here are excerpts from my web.config

<siteMap defaultProvider="XmlSiteMapProvider" enabled="true" >

enabled="true"

cacheRolesInCookie="true"

defaultProvider="RoleManagerAzManADAMProvider"

cookieName=".ASPXROLES"

cookiePath="/"

cookieTimeout="30"

cookieRequireSSL="true"

cookieSlidingExpiration="true"

createPersistentCookie="false"

<add name="RoleManagerAzManADAMProvider"

type="System.Web.Security.AuthorizationStoreRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, publicKeyToken=b03f5f7f11d50a3a"

connectionStringName="AzManADAMServer"

</providers>

<deny users="?"/>

</authorization>

  //////////////////////////////////////////////////////////////////////////////////////////////////////////

 Here is my sitemap

<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >

<siteMapNode url="~/Portfolios.aspx" title="Portfolios" description="" />

 </siteMapNode>

 //////////////////////////////////////////////////////////////////////////////////////////////////////////

So, if I login as a user with the "Manager" role, I would expect to see the Feed Status and Portfolios menu options, and if I login as an ordinary user, I would expect to see only the Portfolios menu option. In both cases, I don't see any menu options.

Pointers appreciated!

figured it out i think.

securityTrimmingEnabled works in conjunction with the location tags defined in the web.config. if url location is restricted for the current user, the menu option is hidden.

Use the roles attribute to make nodes with no url visible; in this case, the header nodes.

try this in web.config

<membership defaultProvider="MyProvider" userIsOnlineTimeWindow="25">
			<providers>
				<add name="MyProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="JobDBConnectionString" applicationName="/" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
			</providers>
		</membership>
		<roleManager cacheRolesInCookie="true" cookieName="TaskCookie" cookiePath="/" cookieProtection="None" cookieRequireSSL="true" cookieSlidingExpiration="false " cookieTimeout="60" defaultProvider="TaskRoleProvider" enabled="true">
			<providers>
				<add name="TaskRoleProvider" connectionStringName="JobDBConnectionString" applicationName="/" type="System.Web.Security.SqlRoleProvider"/>
			</providers>
		</roleManager>
		<!--SiteMap Provider-->
		<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
			<providers>
				<add name="XmlSiteMapProvider" description="Default SiteMap provider." type="System.Web.XmlSiteMapProvider" siteMapFile="web.sitemap" securityTrimmingEnabled="true"/>
			</providers>
		</siteMap>