How to get the sitemapprovider/menu to work

Topics: Web Client Software Factory, Project Management Forum, UIP Application Block discussion, User Forum
Jun 26, 2007 at 12:58 PM
Hi!
I am a newbie to WCSF and am struggling with getting the grasp of all of it. I really miss a lot of hands-on examples of implementations. I hope this will be available when the product is really taking off.

Here is my problem:

I have a web using windowsauthorization. Based on the users group membership, I want to adjust the navigation menu located in the master page.(There is an Admin entry which should be invisible unless you're member of a special group). I am quite confused about how this is done. I thought I had to write code to check with AD but have been told that this is premade and presented by objects.

I have also a notion that the main config.web should be edited and also the web.config of the Admin UI. Do I also have to fiddle around with the Admin module (AdminController.cs / AdminModuleInitializer.cs)?


I'll be happy for any comment and hope that someone will point me in the right direction.


:-))
Dec 13, 2007 at 7:37 PM
Hi.

  • First, you must define the authorization rules for your application in the securityConfiguration section of your application configuration file:
<securityConfiguration defaultAuthorizationInstance="RuleProvider" defaultSecurityCacheInstance="">
     <authorizationProviders>
          <add type="Microsoft.Practices.EnterpriseLibrary.Security.AuthorizationRuleProvider, Microsoft.Practices.EnterpriseLibrary.Security, Version=3.1.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" name="RuleProvider">
               <rules>
                    <add expression="R:Administrator" name="AllowAccessTransfers" />
               </rules>
          </add>
     </authorizationProviders>
</securityConfiguration>

  • Now, open the Web.config file located in the module folder of the DevelopmentWebsite site, and then add the rule nodes to the compositeWeb/authorization element:
<authorization>
     <rule Url="~/EFT/Default.aspx" Rule="AllowAccessTransfers" />
     <rule Url="~/EFT/LastTransferView.aspx" Rule="AllowAccessTransfers" />
</authorization>
Adding this XML restricts access to the module Web pages to users for which the evaluation of the AllowAccessTransfers rule returns true.

  • Finally, to add a node to the site map, you use the AddNode method of the ISiteMapBuilderService:
protected virtual void RegisterSiteMapInformation(ISiteMapBuilderService siteMapBuilderService)
{
                SiteMapNodeInfo moduleNode = new SiteMapNodeInfo("EFT", "~/EFT/Default.aspx", "EFT");
                siteMapBuilderService.AddNode(moduleNode, "AllowAccessTransfers");
 
                SiteMapNodeInfo transfersViewNode = new SiteMapNodeInfo("LastTransferView", "~/EFT/LastTransferView.aspx", "Transfers");
                siteMapBuilderService.AddNode(transfersViewNode, moduleNode, "AllowAccessTransfers");
}

For a complete sample, you can download the Hands-on Labs for WCSF June 2007 (Lab 06 - Authorization)

Thanks.

Sebastian Iacomuzzi
http://staff.southworks.net/blogs/siacomuzzi
Dec 19, 2007 at 8:34 PM
You might also consider 3 more things in this regard... 1) register the permission in the moduleintializer.cs 2)create a denied access page 3)remember your namespace references :)


You must also register the permission with the module. While still in the moduleinitializer.cs file...

protected void RegisterRequiredPermissions(IPermissionsCatalog permissionsCatalog)
{

// Register the roles allowed to use this module

Action allowAccessPermissions = new Action("Allow access to this page", Permissions.AllowAccessSystemAdminDefaultView);List<Action> actions = new List<Action>();
actions.Add(allowAccessPermissions);

ModuleActionSet set = new ModuleActionSet("SystemAdmin", actions);
permissionsCatalog.RegisterPermissionSet(set);

}

All that remains is to add the error page. In the System.web section of the root web.config file add a custom errors section. This is the page where users will be directed if they attempt to access the page directly in the address bar, even after you have removed the reference via the moduleinitializer.cs file.

<customErrors mode="On">
<error statusCode="403" redirect="~/Errors/AccessDenied.htm"/></

customErrors>


You should also be sure to include the necessary namespaces in your ModuleInitialization file.

Namespaces

using MyProject;using MyProject.ProjectManagement.SystemAdmin.Constants;

using System;

using System.Collections;

using System.Collections.Generic;

using System.Collections.Specialized;

using System.Text;

using Microsoft.Practices.CompositeWeb;

using Microsoft.Practices.CompositeWeb.Interfaces;

using Microsoft.Practices.CompositeWeb.Services;

using Microsoft.Practices.CompositeWeb.Configuration;

using Microsoft.Practices.CompositeWeb.EnterpriseLibrary.Services;

using Microsoft.Practices.CompositeWeb.Authorization;


DrNansen wrote:
Hi!
I am a newbie to WCSF and am struggling with getting the grasp of all of it. I really miss a lot of hands-on examples of implementations. I hope this will be available when the product is really taking off.

Here is my problem:

I have a web using windowsauthorization. Based on the users group membership, I want to adjust the navigation menu located in the master page.(There is an Admin entry which should be invisible unless you're member of a special group). I am quite confused about how this is done. I thought I had to write code to check with AD but have been told that this is premade and presented by objects.

I have also a notion that the main config.web should be edited and also the web.config of the Admin UI. Do I also have to fiddle around with the Admin module (AdminController.cs / AdminModuleInitializer.cs)?


I'll be happy for any comment and hope that someone will point me in the right direction.


:-))