4 Replies Latest reply on Jul 27, 2012 4:10 AM by Sheng Qu-Oracle

    Navigation Extensibility

      Does the security configuration related to this extensibility secure pages against independent requests or just hide the menu items? I'm trying to figure out if I can use this to integrate security for a custom page with UGM groups.
        • 1. Re: Navigation Extensibility

          In general, if you add your own site to the left hand navigation (in 6.0.0.x and before), the only thing that is protected is the visibility of that item. However, once you punch out to your custom application, you need to double check security yourself.
          • 2. Re: Navigation Extensibility
            Sheng Qu-Oracle
            Hi, Chris,

            Currently, the security profile are role based check for the navigation items.
            As in your custom modules or pages, You can simply use the public API in UserService to do the same thing.

            1 person found this helpful
            • 3. Re: Navigation Extensibility
              How does the application do this or what is the best way to do it? Does the application use a custom role provider or is authorization checking rolled into each page?
              • 4. Re: Navigation Extensibility
                Sheng Qu-Oracle
                Basically, we check the role by the entry of loading object. If you would like to check user's role privilege in your custom classes, please try the flowing APIs.
                //Load user service
                private IUserService UserService
                  get{ return (IUserService)LookupService( typeof(IUserService).FullName ); }
                //Call API
                UserService.UserContext.IsUserInRole( "[NPD_GLOBAL_DATA_MANAGER]" )   //checking role for current user
                UserService.DoesUserHaveRole( <PKID_OF_USER>, "[NPD_ADMIN]" )     //checking role for a specify user