The Following Scenario expalin clearly about Authentication and Authorization
Authentication is the process to validate the user's credentials. After the identity is authenticated,the next process called authorization.
The web application may have multiple users and need access to a system in order to do specific tasks. Each user would have a specific role and responsiblities according to the nature of job and security level.
In a web.config file the code as follow as
<deny users="?" />
<!-- Allow all users -->
code for specific pages and role.
location means the folder name which holds the .aspx page
<allow roles="ADMIN" /><deny users="*" /> means deny every users from accessing the pages except ADMIN.
<allow roles="Admin" />
<deny users="*" />
further details code visit:
Priya, if this helps please login to Mark As Answer. | Alert Moderator