Is it possible to block a page from opening using securityTrimmingEnabled=true

StackOverflow https://stackoverflow.com/questions/2899096

문제

I have custom SiteMapProvider and RoleProvider that works together properly: IsAccessibleToUser returns false if current user's role isn't mentioned in SiteMapNode.Roles for page requested.

So breadcrumbs or menu doesn't show an item.

But user still can type now showed URL directly and open a page. How can I block such behavior?

Also I have next Web.config settings:

<authorization>
    <allow roles="Admin,Manager,Client"  />
    <deny users="*" />
</authorization>
도움이 되었습니까?

해결책 

public override bool IsAccessibleToUser(HttpContext context, SiteMapNode node)
{
    var roles = node.Roles.OfType<string>();
    if (roles.Contains("*") || (roles.Count(r => context.User.IsInRole(r)) > 0))
    {
        return true;
    }
    else
    {
        throw new InsufficientRightsException();
    }
}
라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top