Windows Authentication allow users not working

Question

I am trying to use windows authentication for my application, for the testing I have tried allowing to only myself and deny all rest

<authentication mode="Windows" />
<authorization>
    <allow users="DomainName\nogariyap" />
    <deny users="*"/>
</authorization>

But it gives me "Access Denied" error even I am logged in to my machine with the same user "DomainName\nogariyap"

When I change it to this

<allow users="*" />

it works

I don't know why it is not working for particular windows user?

Edit

It strangly worked when I added this in system.webServer

   <security>
        <authentication>
            <windowsAuthentication enabled="true" />
            <anonymousAuthentication enabled="false" />
        </authentication>
        <authorization>
          <remove users="*" roles="" verbs="" />
          <add users="DomainName\nogariyap" accessType="Allow"/>
          <add users="?" accessType="Deny"/>
        </authorization>
    </security>

But I don't know why it is not working with the settings in system.web and what are the difference in these two settings?

Answer 1

<system.web> is the projects configuration and <system.webserver> is the server configuration. Both should be compatible but the recommendation seems to be to use the server configuration over the other. It was introduce on IIS7. Some of the differences between both are:

• In system.webserver the order:
  • Deny rules get evaluated first starting at the parent
  • Allow rules starting at the parent.
  • Order of appearance in rule collection

• In system.web the order:
  • Lower level first going up to the parent
  • Order of appearance in rule collection

• In webserver you can apply rules to any element meaning: images, documents without further configuration(adding mapping between every extension you want to a handler)