CODEWITHSUNDEEP
asp.netweb-configauthorizationroleprovider
Nyla Pareska
Nyla Pareska

Reputation: 1375

Difference between Roles.GetRolesForUser and Roles.Provider.GetRolesForUser?

I am using Windows authentication and don't have a custom membership. However I do have a custom role provider and turned it on. However, what about the < authorization /> element in the web.config? Do I need to do something with that as well?

At the moment I can't get use Roles.GetRolesForUser("") method (returns nothing) but have to do it like Roles.Provider.GetRolesForUser("")?

The biggest problem is with the sitemaps as it doesn't get into the Roles.IsUserInRole method. For the moment I am using a custom xmlsitemapprovider for this but it isn't neat.

I enabled the rolemanager and the set the securitytrimmingenabled to true for the sitemap in the web.config.

Upvotes: 1

Views: 2465

Answers (1)

Dan Diplo
Dan Diplo

Reputation: 25359

Yes, you need to configure your custom Roles provider in web.config - something like this:

<roleManager enabled="true" defaultProvider="SqlRoleManager">
  <providers>
    <add name="SqlRoleManager" 
         type="System.Web.Security.SqlRoleProvider"
         connectionStringName="SqlRoleManagerConnection"
         applicationName="MyApplication" />
  </providers>
</roleManager>

You should also set security trimming to true, too. eg.

<siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
    <providers>
      <add name="XmlSiteMapProvider"
        description="Default SiteMap provider."
        type="System.Web.XmlSiteMapProvider "
        siteMapFile="Web.sitemap"
        securityTrimmingEnabled="true" />
    </providers>
  </siteMap>

Upvotes: 1

Related Questions