1

如果没有 securityTrimmingEnabled,菜单显示得很好,但是一旦我打开它,整个菜单就会消失。就像,我在谈论一切,即使是默认页面和那些不需要授权的页面。

这是 Web.sitemap 的代码

    <?xml version="1.0" encoding="utf-8" ?>
    <siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0">
      <siteMapNode>
        <siteMapNode title="Home" url="~/Default.aspx" />
        <siteMapNode title="About" url="~/About.aspx" />
        <siteMapNode title="Suppliers" url="~/Suppliers.aspx" />
        <siteMapNode title="Departments" url="~/Departments.aspx" />
        <siteMapNode title="Management">
          <siteMapNode title="Account" url="~/Account_Employee.aspx" />
          <siteMapNode title="Store" url="~/StoreManagement.aspx" />
          <siteMapNode title="Chain" url="~/ChainManagement.aspx" />
          <siteMapNode title="System" url="~/SystemAdmin.aspx" />
        </siteMapNode>
      </siteMapNode>
    </siteMap>

这是 web.config 中站点授权设置的代码

        <authentication mode="Forms">
            <forms loginUrl="~/Account/Login.aspx" timeout="2880"/>
        </authentication>
        <membership defaultProvider="TestServerMembership">
            <providers>
                <clear/>
                <add name="TestServerMembership" type="System.Web.Security.SqlMembershipProvider" connectionStringName="TestServerConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresUniqueEmail="false" requiresQuestionAndAnswer="false" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="0" applicationName="SampleSite" passwordFormat="Hashed"/>
            </providers>
        </membership>
        <profile>
            <providers>
                <clear/>
                <add name="TestServerMembershipProvider" type="System.Web.Profile.SqlProfileProvider" connectionStringName="TestServer" applicationName="/"/>
            </providers>
        </profile>
        <roleManager enabled="true" defaultProvider="TestServerRoleProvider">
            <providers>
                <clear/>
                <add connectionStringName="TestServerConnection" applicationName="/" name="TestServerRoleProvider" type="System.Web.Security.SqlRoleProvider"/>
            </providers>
        </roleManager>
        <siteMap enabled="true">
            <providers>
                <clear/>
                <add siteMapFile="Web.sitemap" name="AspNetXmlSiteMapProvider" type="System.Web.XmlSiteMapProvider" securityTrimmingEnabled="true"/>
            </providers>
        </siteMap>

这是 web.config 中角色设置的代码

 <location path="Default.aspx">
    <system.web>
      <authorization>
        <allow users="*"/>
      </authorization>
    </system.web>
  </location>
    <location path="About.aspx">
        <system.web>
            <authorization>
        <deny users="*"/>
                <allow roles="User"/>
            </authorization>
        </system.web>
    </location>
    <location path="Departments.aspx">
        <system.web>
            <authorization>
        <deny users="*"/>
        <allow roles="User"/>
            </authorization>
        </system.web>
    </location>
    <location path="Suppliers.aspx">
        <system.web>
            <authorization>
        <deny users="*"/>
        <allow roles="User"/>
            </authorization>
        </system.web>
    </location>
  <location path="Account_Employee.aspx">
    <system.web>
      <authorization>
        <deny users="*"/>
        <allow roles="User"/>
      </authorization>
    </system.web>
  </location>
  <location path="StoreManagement.aspx">
    <system.web>
      <authorization>
        <deny users="*"/>
        <allow roles="StoreManager"/>
      </authorization>
    </system.web>
  </location>
  <location path="ChainManagement.aspx">
    <system.web>
      <authorization>
        <deny users="*"/>
        <allow roles="ChainManager"/>
      </authorization>
    </system.web>
  </location>
  <location path="SystemAdmin.aspx">
    <system.web>
      <authorization>
        <deny users="*"/>
        <allow roles="XsiteInternalAdmin"/>
      </authorization>
    </system.web>
  </location>
4

1 回答 1

3

事实证明,当您使用水平 ASP.NET 菜单时,这是一个问题。您通常在使用水平菜单时隐藏站点地图文件的根节点,因为带有一个单独根项的顶行没有意义。(SiteMapDataSource ShowStartingNode 属性设置为 False。)

修复是通过在 web.sitemap 中包含 roles="*" 来确保每个角色都可以访问根目录下的(未使用的)虚拟 siteMapNode,如下所示:

<?xml version="1.0" encoding="utf-8" ?>
<siteMap  enableLocalization="true"
     xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
    <siteMapNode url="" title="" roles="*"  description="">
      <siteMapNode url="~/default.aspx" resourceKey="siteMapHome" 
       title="Home" roles="admin,account" description="" />
<!-----More nodes-->

这里是主要来源。

对于您的代码。

 <?xml version="1.0" encoding="utf-8" ?>
    <siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0">
      <siteMapNode roles="*">
        <siteMapNode title="Home" roles="*" url="~/Default.aspx" />
        <siteMapNode title="About" roles="*" url="~/About.aspx" />
        <siteMapNode title="Suppliers" roles="*" url="~/Suppliers.aspx" />
        <siteMapNode title="Departments" roles="*" url="~/Departments.aspx" />
        <siteMapNode title="Management" roles="*">
          <siteMapNode title="Account" roles="*" url="~/Account_Employee.aspx" />
          <siteMapNode title="Store" roles="*" url="~/StoreManagement.aspx" />
          <siteMapNode title="Chain" roles="*" url="~/ChainManagement.aspx" />
          <siteMapNode title="System" roles="*" url="~/SystemAdmin.aspx" />
        </siteMapNode>
      </siteMapNode>
    </siteMap>
于 2012-05-09T19:51:21.220 回答