How to deny users in ASP.NET application to some path.

ASP.NET based solution has the web.config file in the root Web directory with the rich set of opportunities.

If you need to deny all the users except admin group to some location you could add next

< location path ="Admin" >
     <system.web>
           <authorization >
                <allow roles = "Admin" />
                <deny users = "*" />
          </authorization >
     </system.web>
</ location>

If you need to grant anonymous access to Extras/Services folder on some Forms or Windows based authorizated application

< location path ="Extras/Service" >
     <system.web>
           <authorization >
                <allow users = "*" />
          </authorization >
     </system.web>
</ location>