Authorizing by Role : Authorization « Authentication Authorization « ASP.NET Tutorial






When creating authorization rules, you can authorize by user role. 
File: SecretFiles\Web.Config

<configuration>
    <system.web>

      <authorization>
        <allow roles="Administrator"/>
        <deny users="*"/>

      </authorization>

    </system.web>
</configuration>








21.2.Authorization
21.2.1.Configuring Authorization
21.2.2.Assign a particular username, or comma-delimited list of usernames, to the deny element
21.2.3.Authorizing by Role
21.2.4.Authorizing Files by Location
21.2.5.Use the location element to apply configuration settings to a particular subfolder