More in this section

Forums / Developing with Sitefinity / Page/role security

Page/role security

2 posts, 0 answered
  1. Nick Haworth
    Nick Haworth avatar
    20 posts
    Registered:
    18 Jan 2010
    14 Jun 2010
    Link to this post
    Hi,

    We're developing an environment in which 2 membership providers exist: 1 - for CMS administration (Using the Sitefinity provider) and 2 - for website registration (Using ASP net membership).  All works as expected, and I can create users in both providers and successfully log in with each...However, there is a part of our site that I would like to only be available to authenticated members, but access to certain pages within the secure area are further restricted by the role.  IE, I'd like users from role "basic" to be able to view pages 1 and 2, but only users in role "full" to have access to page 3.

    These pages exist within a page group that has "Anonymous access - Deny" (which is therefore inherited by all pages within).  Both "basic" and "full" roles (within the asp net provider) have been granted View permission on all pages, and role "basic" has been set to deny for page 3 (therefore making it solely available to users within role "full").

    When I log in as a user in either role of the asp net provider, the secure pages are not displayed within the sitemenu control.  When I try to access the pages directly from their URL, I am presented with the following error:

    This type of page is not served.

    Description: The type of page you have requested is not served because it has been explicitly forbidden.

    What is the problem?  Do I need to implement a custom sitemap provider / SiteMapDataSource?

    Also, where is "SiteMapDataSource1" created?!

    Thanks!

    Nick
  2. Nick Haworth
    Nick Haworth avatar
    20 posts
    Registered:
    18 Jan 2010
    14 Jun 2010
    Link to this post
    Nevermind - sorted!

    I needed to change the default role provider in web.config.
2 posts, 0 answered