<authorization mode=windows/> <allow users="*"/> <!-- Allow all users --> <!-- Allow or deny specific users. allow users="[comma separated list of users]" roles="[comma separated list of roles]"/> <deny users="[comma separated list of users]" roles="[comma separated list of roles]"/> --> </authorization>
<authorization mode=windows/>
<allow users="*"/> <!-- Allow all users -->
<!-- Allow or deny specific users.
allow users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
<deny users="[comma separated list of users]"
roles="[comma separated list of roles]"/>
-->
</authorization>
<location path="admin">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location> //允许所有人访问Index.aspx
<location path="Index.aspx">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
//必须验证后才能访问Index.aspx
<location path="Index.aspx">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
//如果访问收限的页面同时没有验证的话转入Validate.aspx页
<authentication mode="Forms">
<forms name="Form1" loginUrl="Validate.aspx" protection="All" timeout="20" path="/" />
</authentication>
//允许访问说有的页面
<authorization>
<allow users="?" />
<!--
<allow users="*" /> 允许所有用户
<allow users="[逗号分隔的用户列表]"
roles="[逗号分隔的角色列表]"/>
<deny users="[逗号分隔的用户列表]"
roles="[逗号分隔的角色列表]"/>
-->
</authorization>