August 29th, 2010

Custom role provider based sitemap navigation in asp.net

Object: Most ASP.NET Applications implement roles to deal with role permissions and security. Sometimes, it is required to keep existing database structure to manage Roles. So, custom role provider is used for this. Here are the steps to implement navigation based on the custom role provider.


Step1:
Right click on Project in solution explorer > Add New Item > Select Class and Give Name CustomRoleProvider.cs. Click OK for App_Code folder if it is not created.

Step2:
Inherit class with : RoleProvider. See following:

Custom Role Provider ASP.NET

click on “Implement abstract class ..” option.
Now implement GetRolesForUser method.

public override string[] GetRolesForUser(string username)
   {
       string[] ret = null;
//        … Get Roles for a user logic here…
//   I  have implemented logic to get roles from database.

       return ret;
      
   }

Step 3:
Implement RoleManager and Authentication in web.config

<roleManager enabled="true" defaultProvider="CustomRoleProvider" cacheRolesInCookie="false">
       <providers>
         <clear/>
         <add applicationName="/" name="CustomRoleProvider" type="CustomRoleProvider" />
       </providers>
  </roleManager>

     <authentication mode="Forms">
       <forms defaultUrl="Default.aspx" loginUrl="~/login.aspx" slidingExpiration="true" timeout="20">
       </forms>
     </authentication>
     <authorization>
       <deny users="?" />
     </authorization>


Step4:

In login page, On submit button click

if (. . . .username and password are okay. . . .)
       {
           FormsAuthentication.RedirectFromLoginPage(userName, false);    
       }

Step 5:
Add web.sitemap in your app.

<?xml version="1.0" encoding="utf-8" ?>
<siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" >
 <siteMapNode url="" title="Home"  description="" roles="*">
   <siteMapNode url="~/Default.aspx" title="Main Default"  description="" roles="*" />
   <siteMapNode url="~/Admin/Default2.aspx" title="Admin Default"  description=""  roles="admin" />
   <siteMapNode url="~/Dealer/Default2.aspx" title="Dealer Default"  description=""  roles="dealer" />
 </siteMapNode>
</siteMap>

For securityTrimmingEnabled, add sitemap in web.config.

<siteMap defaultProvider="AspNetXmlSiteMapProvider" enabled="true">
     <providers>
       <clear />
       <add name="AspNetXmlSiteMapProvider"
    type="System.Web.XmlSiteMapProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
    siteMapFile="web.sitemap"
    securityTrimmingEnabled="true"  />
     </providers>
   </siteMap>

Step6:
In the sample, I used Admin folder for admin role and Dealer folder for dealer role.

custom role navigation

So,Add location tag for this:

<location path ="Admin" >

   <system.web>

     <authorization>

       <allow roles ="admin"/>
       <deny users="*"/>
     </authorization>

   </system.web>

 </location>
 <location path ="Dealer" >

   <system.web>

     <authorization>

       <allow roles="dealer" />
       <deny users="*"/>
     </authorization>

   </system.web>

 </location>

Step7:
Add SiteMapDataSource and menu control in masterpage for navigation. Select SiteMapDataSource as a menu datasource.

<asp:SiteMapDataSource ID="SiteMapDataSource1" runat="server"
                   ShowStartingNode="False" />
       <asp:Menu ID="Menu1" runat="server" DataSourceID="SiteMapDataSource1">
       </asp:Menu>

Step8:
Run your app, you will see by default, in menu “Main Default” link appears. When you login with admin then you will get “Admin Default” option and “Dealer Default” for dealer login.

Enjoy this.

  • Santosh Impossible

    Hi,

    I am currently using ADFS authentication mechanism to authenticate the user. In that case I am setting authenticationmode as None instead of forms authentication. After the user loggedIn successfully the claims object will provide the role data associated with the loggedIn user so in that case how the sitemap roles attribute will be able to pick up the role from the claims object. Can you explain me how the securityTrimmingEnabled property will be used.

    I tried a lot but was not able to get solution for the above scenario. Could please provide some code sample and help regarding the above mentioned issue.

    Thanks & Regards,
    Santosh Kumar Patro

  • ank

    Thanks, this helped me to resolve my problem

  • KevinDeus

    Hey Thanks TechBrij, This really helped me understand how to connect up a custom role provider. This is a really clear and concise set of instructions. :)