asp.net asp.net-mvc-4 unity-container simplemembership mvcsitemapprovider

MvcSiteMapProvider shows all menu items even when the user isn't authorized for the action


I'm trying to configure MvcSiteMapProvider in my project and the MvcSiteMapProvider_SecurityTrimmingEnabled parameter doesn't seem to work. The key lines of my project are:

When I run the project, every menu is shown, even if the user is not authenticated or is not authorized for the action.

How can I get it to work?


Solution

  • As per the documentation, all configuration must be provided by the DI configuration when using an external DI container. This is primarily due to the fact that when using external DI, the multiplicity of many of the settings could change depending on how it is configured.

    So, in other words, MvcSiteMapProvider_SecurityTrimmingEnabled in web.config/appSettings will have no effect when using external DI.

    To supply this setting, you need to use the /DI/Unity/ContainerExtensions/MvcSiteMapProviderContainerExtension.cs file (the module). Near the top of the file, there is a variable called securityTrimmingEnabled that needs to be set to true to enable security trimming.

    bool securityTrimmingEnabled = true;
    

    You can change this file as needed to inject your own implementation of any of the interfaces or to disable many of the built-in features that don't make sense for your application.