We are using Forms Authentication for our website. For the sandbox version I would like to add Windows Authentication so that only authenticated users can access the site. Here is what I have done.
1. Disabled Anonymous Access
2. Setup a Windows user account that is mentioned in the web.config file under the allow users
3. Deny users is equal to *
4. When someone tries to load the site it prompts for the user name and password. However the user is not allowed to go to any other page on the site.