<system.web>
<authorization>
<allow users="username">
<deny users="*"/>
</authorization>
</system.web>