I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider.
I want to override logic of checking user to be in a role specified in siteMapNode's property roles:
<siteMapNode url="Add.aspx?type=user" title="Add user" roles="admin" />
How can I do that? Which class's member does XmlSiteMapProvider call to check that if securityTrimmingEnabled="true"?
abatishchev is close but does not provide a clear guidance. Calling base will apply the default asp.net access control rules. If you have custom rules, simply make your decision and return a bool.
public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
// use the properties of the context and node to determine accessibility.
// only call base if you do not want to apply your custom rules
// return base.IsAccessibleToUser(context, node);
}