<?xml version="1.0" encoding="utf-8"?> <configuration> <authorization> <allow roles="admin" /> <deny users="*" /> </authorization> </configuration>