Few days ago, in my company developed a new control to replace the navigation control that appears in the left in SPS. You know, the "CategoryNavigationWebPart" control. Our control looks much better, and has a nice feature: sub-levels. If an area has a child, it´s visible in the control. If the area has a child but the user doesn´t have permission, it´s invisible to him and of course can´t access the area.
We tested and developed the control in our test portal, *but*, when we deployed it into the production server everything worked fine, except the security feature: The area was still visible in the control even if the user doesn´t have access permissions. In fact, if the user click the item menu of this area, the "you don´t haver access permission blah blah" message was displayed. That feature was the main reason of our control.
At first we thought it was a bug, but we checked everything was OK, then we realize that production portal was a SP1 level but our development portal is SP2!.
I wasn´t sure if the SP2 install will fix the error, so I searched for the
changes in SP2 and there is nothing about security. Even if there is nothing about area security en SP2, that was the only difference with our dev portal, so we installed SP2 and guess what? That solved the problem. I still don´t know what is the exact difference between SP1 and SP2 about area security, but if you have a similar problem, please check the portal service pack level.