Assembly: System.Web (in system.web.dll)
The AuthorizationSection class provides a way to programmatically access and modify the authorization section of a configuration file.
The following code example shows how to obtain the AuthorizationSection object from the configuration file of an existing Web application. You can use this object to access its members. The configuration file will contain a setup similar to the following.
If you use the credentials section, be sure to follow the guidelines explained at ASP.NET Authentication. For scalability and better security capability, it is recommended that you use an external database to store the users' credentials. For more information about building secure ASP.NET applications, search the Microsoft MSDN Web site (msdn.microsoft.com) for "Securing Your ASP.NET Application" and "Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication."
<authorization> <allow users="userName" roles="admin" verbs="post" /> <deny users="*" verbs="post"/> </authorization>
// Get the Web application configuration. System.Configuration.Configuration configuration = WebConfigurationManager.OpenWebConfiguration( "/aspnetTest");