I have two folders one is Administrator folder and another one is Customer folder. Now I want give permissions like Admin role users are able to access both the folders and Customer role users are able to access only Customer folder for that we need to set the condition like this in web.config file.
<configuration>
<location path="AdminFolder">
<system.web>
<authorization>
<allow roles="Admin"/> <!—Allows Admin role Users-->
<deny users="*"/> <!--Deny everyone else Admin role Users-->
</authorization>
</system.web>
</location>
<location path="CustomerFolder">
<system.web>
<authorization>
<allow roles="Admin, Customers"/> <!--Allow users in Admin and Customers roles-->
<deny users="*"/> <!--Deny rest of all-->
</authorization>
</system.web>
</location>
</configuration>
In this way we can allow or deny resources to particular user or role by using authorization in web.config.
Note: Here one thing we need to remember that allow statement always before the deny statement because if we place deny statement first and then allow statement in this situation allow statement properties won’t work.