зеркало из https://github.com/mono/mail-archives.git
162 строки
5.2 KiB
HTML
162 строки
5.2 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<TITLE> [Mono-bugs] [Bug 467221] asp.net security trimming / authorization not working
|
|
</TITLE>
|
|
<LINK REL="Index" HREF="index.html" >
|
|
<LINK REL="made" HREF="mailto:mono-bugs%40lists.ximian.com?Subject=%5BMono-bugs%5D%20%5BBug%20467221%5D%20asp.net%20security%20trimming%20/%20authorization%0A%09not%20working&In-Reply-To=bug-467221-28286%40https.bugzilla.novell.com/">
|
|
<META NAME="robots" CONTENT="index,nofollow">
|
|
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
|
|
<LINK REL="Previous" HREF="086986.html">
|
|
<LINK REL="Next" HREF="086992.html">
|
|
</HEAD>
|
|
<BODY BGCOLOR="#ffffff">
|
|
<H1>[Mono-bugs] [Bug 467221] asp.net security trimming / authorization not working</H1>
|
|
<B>bugzilla_noreply at novell.com</B>
|
|
<A HREF="mailto:mono-bugs%40lists.ximian.com?Subject=%5BMono-bugs%5D%20%5BBug%20467221%5D%20asp.net%20security%20trimming%20/%20authorization%0A%09not%20working&In-Reply-To=bug-467221-28286%40https.bugzilla.novell.com/"
|
|
TITLE="[Mono-bugs] [Bug 467221] asp.net security trimming / authorization not working">bugzilla_noreply at novell.com
|
|
</A><BR>
|
|
<I>Fri Mar 13 11:01:43 EDT 2009</I>
|
|
<P><UL>
|
|
<LI>Previous message: <A HREF="086986.html">[Mono-bugs] [Bug 439125] CS0309 with generic methods where constraints have generic parameters
|
|
</A></li>
|
|
<LI>Next message: <A HREF="086992.html">[Mono-bugs] [Bug 485278] New: DataGridView: Accessing OwningColumn Property of a cell from OnRowStateChanged event handler crashed on mono
|
|
</A></li>
|
|
<LI> <B>Messages sorted by:</B>
|
|
<a href="date.html#86987">[ date ]</a>
|
|
<a href="thread.html#86987">[ thread ]</a>
|
|
<a href="subject.html#86987">[ subject ]</a>
|
|
<a href="author.html#86987">[ author ]</a>
|
|
</LI>
|
|
</UL>
|
|
<HR>
|
|
<!--beginarticle-->
|
|
<PRE><A HREF="https://bugzilla.novell.com/show_bug.cgi?id=467221">https://bugzilla.novell.com/show_bug.cgi?id=467221</A>
|
|
|
|
User <A HREF="http://lists.ximian.com/mailman/listinfo/mono-bugs">mmorano at mikeandwan.us</A> added comment
|
|
<A HREF="https://bugzilla.novell.com/show_bug.cgi?id=467221#c3">https://bugzilla.novell.com/show_bug.cgi?id=467221#c3</A>
|
|
|
|
|
|
Mike Morano <<A HREF="http://lists.ximian.com/mailman/listinfo/mono-bugs">mmorano at mikeandwan.us</A>> changed:
|
|
|
|
What |Removed |Added
|
|
----------------------------------------------------------------------------
|
|
Status|RESOLVED |REOPENED
|
|
Resolution|FIXED |
|
|
|
|
|
|
|
|
|
|
--- Comment #3 from Mike Morano <<A HREF="http://lists.ximian.com/mailman/listinfo/mono-bugs">mmorano at mikeandwan.us</A>> 2009-03-13 09:01:43 MST ---
|
|
I still seem to be having an issue with this. I have found a bit more
|
|
information that may be useful to help track this further:
|
|
|
|
It seems like the <location> element in the root web.config is not being
|
|
honored when determining the set of SiteMapNodes to be returned when
|
|
securityTrimming is enabled.
|
|
|
|
I have just tried another test, where I add a web.config to the admin
|
|
directory, to contain the authorization rule. This admin/web.config file looks
|
|
like the following:
|
|
|
|
<configuration>
|
|
<system.web>
|
|
<authorization>
|
|
<allow roles="friend" />
|
|
<deny users="*" />
|
|
</authorization>
|
|
</system.web>
|
|
</configuration>
|
|
|
|
With this configured, the node is properly removed from the resulting set of
|
|
SiteMapNodes, and hence, is not displayed in the navigation (which is driven
|
|
off the default site map provider with security trimming enabled). However, if
|
|
I remove the admin/web.config, the node is not removed, and the navigation link
|
|
to the admin link is presented.
|
|
|
|
The good news is, now the page is truly not accessible - I am getting denied
|
|
access when actually trying to access the admin page, which is great. However,
|
|
the site map node is not properly getting trimmed as it is configured.
|
|
|
|
|
|
Thanks again for all your help,
|
|
Mike
|
|
|
|
--
|
|
Configure bugmail: <A HREF="https://bugzilla.novell.com/userprefs.cgi?tab=email">https://bugzilla.novell.com/userprefs.cgi?tab=email</A>
|
|
------- You are receiving this mail because: -------
|
|
You are the QA contact for the bug.
|
|
</PRE>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<!--endarticle-->
|
|
<HR>
|
|
<P><UL>
|
|
<!--threads-->
|
|
<LI>Previous message: <A HREF="086986.html">[Mono-bugs] [Bug 439125] CS0309 with generic methods where constraints have generic parameters
|
|
</A></li>
|
|
<LI>Next message: <A HREF="086992.html">[Mono-bugs] [Bug 485278] New: DataGridView: Accessing OwningColumn Property of a cell from OnRowStateChanged event handler crashed on mono
|
|
</A></li>
|
|
<LI> <B>Messages sorted by:</B>
|
|
<a href="date.html#86987">[ date ]</a>
|
|
<a href="thread.html#86987">[ thread ]</a>
|
|
<a href="subject.html#86987">[ subject ]</a>
|
|
<a href="author.html#86987">[ author ]</a>
|
|
</LI>
|
|
</UL>
|
|
|
|
<hr>
|
|
<a href="http://lists.ximian.com/mailman/listinfo/mono-bugs">More information about the mono-bugs
|
|
mailing list</a><br>
|
|
</body></html>
|