I used this for login:
FormsAuthentication.SetAuthCookie("admin", false);
and used this web.config file for this folder:
<pre lang="xml">="1.0"
<configuration>
<appSettings/>
<connectionStrings/>
<system.web>
<authorization>
<allow users="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</configuration>
But it only restricts access to *.aspx files