<configuration>
  <system.web>
    <authentication mode="Forms">
        <forms name=".ASPXUSERDEMO" loginUrl="login.aspx" protection="All" timeout="60" />
    </authentication>
    <authorization>
        <deny users="someone@www.contoso.com" />
        <deny users="?" />
    </authorization>
    <globalization requestEncoding="UTF-8" responseEncoding="UTF-8" />
  </system.web>
</configuration>
