<allow (or <deny) users=”comma-separated list of users” roles=”comma-separated list of roles” verbs=”comma-separated list of verbs” /> Two special identities: * Refers to all identities ? Refers to the anonymous identity Typical scenario, when you need to allow some roles, but not any authenticated users you will write: <allow roles=”someusers, administrators”/> <deny users=”*” /> The order [...]