Hi the concept of authentication and authorization is a familiar one to us. But i have a query. For e.g. there is a website and the admin wants to implement authorization i.e. he wants to restrict few users from accessing some information. So how would he accomplish his idea? As we know authorization of users is done in web.config file of the application; but how does a user/admin edit those details considering the fact that he is a layman to coding stuff. Please help me to solve my doubt. Thank u.