Authenticating and Authorizing a User
Now create an application that allows the user to enter data in it. You work with the application’s web.config file to control which users are allowed to access the site and which users are not allowed.
In this example, the web.config file is configuring the application to employ Windows-based authentication using the element’s mode attribute. In addition, the element is used to define specifics about the users or groups who are permitted access to the application. In this case, the element specifies that all users (even if they are authenticated) are denied access to the application. Not permitting specific users with the element does not make much sense, but for this example, leave it as it is. Below Figure Will show the result.
Any end user who is authenticated or not and tries to access the site will see a large “Access is denied” statement in the browser window.