Article ID: 815151 - View products that this article applies to.
This step-by-step article describes how to restrict specific users from gaining access to specified Web resources.
Web applications that are based on ASP.NET provide many ways for users to be authenticated and authorized to gain access to resources. The way that you restrict access to resources varies, depending on the authentication method that you use. For example, for an application where you use Microsoft Windows authentication and you enable impersonation, you can use NTFS file permissions for access control. However, for an application where you use forms authentication, you must modify the Web.config file to restrict access. This article describes how to control authorization for both of these ASP.NET authentication methods.
For additional information about how to use NTFS permissions to control authentication and authorization, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/300985/EN-US/ )How To Configure User and Group Access on an Intranet in Windows NT 4.0 or Windows 2000
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/315736/ )How To Secure an ASP.NET Application by Using Windows Security
(http://support.microsoft.com/kb/315588/ )How To Secure an ASP.NET Application Using Client-Side Certificates
(http://support.microsoft.com/kb/815178/ )How To Edit the Configuration of an ASP.NET Application
(http://support.microsoft.com/kb/815179/ )How To Create the Web.config File for an ASP.NET Application
(http://support.microsoft.com/kb/815174/ )How To Make Application and Directory-Specific Configuration Settings in an ASP.NET Application
(http://support.microsoft.com/kb/818014/ )How To Secure Applications That Are Built on the .NET Framework
Article ID: 815151 - Last Review: July 15, 2004 - Revision: 3.4