Control Authorization by Modifying the Web.config File

To restrict access to ASP.NET applications that use forms authentication, edit the <authorization> element in the application’s Web.config file. To do this, follow these steps: 1.Start a text editor, such as Notepad, and then open the Web.config file that is located in the application’s root folder.

Note If the Web.config file does not exist, create a Web.config file for the ASP.NET application.
2.If you want to control authorization for the whole application, add the <authorization> configuration element to the <system.web> element in the Web.config file.
3.In the <authorization> element, add the <allow> configuration element and the <deny> configuration element. Use the users attribute to specify a comma-delimited list of user names. You can use a question mark (?) as a wildcard character that matches any user name. For example, the following code denies access to all users except user1 and user2:

<authorization>
    <allow users="user1, user2"/>
    <deny users="?"/>
</authorization>
4.Save the Web.config file.

Note For more information about configuring directory-specific and file-specific settings, see the References section of this article.

http://asp.net.bigresource.com/如何限制访问一个指定的文件夹gjhYAFCyM.html [ http://forums.asp.net/t/1666926.aspx/1 [ ^ ]
http://***.com/问题/10544276/如何限制访问网页的用户的不同类型 [ ^ ]
^ ]



谢谢，
Ambesha

http://asp.net.bigresource.com/How-to-Restrict-Access-to-an-specified-folder-gjhYAFCyM.html[^]
http://forums.asp.net/t/1666926.aspx/1[^]
http://***.com/questions/10544276/how-to-restrict-access-to-web-pages-for-different-types-of-users[^]
http://weblogs.asp.net/gurusarkar/archive/2008/09/29/setting-authorization-rules-for-a-particular-page-or-folder-in-web-config.aspx[^]



Thanks,
Ambesha

您可以使用ASP.NET授权来限制对文件夹的访问

ASP.NET身份验证和授权 [

You can use ASP.NET Authorization to restrict access to Folder

ASP.NET authentication and authorization[^]

<authorization>
<deny roles="Vendor" />
</authorization>