As soon as you have configured users and roles, by following approach described in the article How to create users and roles for Role-Based authorization in ASP.NET, you need to configure the authorization rules for your application. You can establish these rules by configuring the appropriate <authorization> sections in the different directories of your application. You should click one of the links in the Add New Access Rule section on the Security tab, as shown in the next picture.
Configuring access rules with the WAT