下面的例子里先deny了匿名用户对于_layouts和_vti_bin目录下的所有页面, 然后允许匿名用户访问四个指定的页面.
其中的问号(?)代表着匿名用户.
=================
<configuration> <location path="_layouts"> <system.web> <authorization> <deny users="?" /> </authorization> </system.web> </location> <location path="_vti_bin"> <system.web> <authorization> <deny users="?" /> </authorization> </system.web> </location> <location path="_layouts/login.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </location> <location path="_layouts/error.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </location> <location path="_layouts/accessdenied.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </location> </configuration>
参考资料
================
Locking down Office SharePoint Server sites
http://technet.microsoft.com/en-us/library/ee191479(office.12).aspx