Now you should be able to view the three protected pages.
Figure 5: Tito Can Visit the Note When specifying URL authorization rules – for roles or users – it is important to keep in mind that the rules are analyzed one at a time, from the top down.
The Login View control, which renders different output for authenticated and anonymous users, can be configured to display different content based on the logged in user's roles.
And the Roles API includes methods for determining the logged in user's roles.
The good news is that the tools at our disposal for applying authorization rules work equally well with roles as they do for user accounts.