A brief analysis of web.config documents in asp.net

Asp.net|web First, web.config documents

The Web.config file is an XML text file that stores configuration information for ASP.net Web applications (such as the most common settings asp.net the way the Web application is authenticated) and can appear in every directory in the application. When you create a new Web application via vb.net, a default is automatically created in the root directory by default
Web.config files, including the default configuration settings, all subdirectories inherit its configuration settings. If you want to modify the configuration settings for subdirectories, you can create a new Web.config file in the subdirectory. It can provide configuration information in addition to the configuration information inherited from the parent directory, or you can override or modify the settings defined in the parent directory.

Modifications to the Web.config file at run time do not require a restart of the service to take effect (note: section exception). Of course, Web.config files can be extended. You can customize the new configuration parameters and write configuration section handlers to process them.

Ii. web.config configuration file (default configuration settings) All of the following code should be located in the

And

, for learning purposes The following example omits this XML tag

1, section

Role: Configure ASP.net authentication support (for Windows, Forms, PassPort, none four). This element can only be declared at the computer, site, or application level. The element must be used in conjunction with the section.

Example:

The following example configures the site for forms-based authentication, and the page automatically jumps to the landing page when no logged user accesses the page that requires authentication.

where element loginurl represents the name of the landing page, name means the cookie name

2, section

Role: Controls client access to URL resources (such as allowing anonymous users to access). This element can be declared at any level (computer, site, application, subdirectory, or page). Must be used in conjunction with the section.

Example: The following example prohibits access for anonymous users

Note: You can use User.Identity.Name to get the current user name that has been validated;
Web. The Security.FormsAuthentication.RedirectFromLoginPage method redirects the authenticated user to the page that the user has just requested. For specific examples please refer to:

Forms Validation http://www.fanvb.net/websample/dataauth.aspx

3, section

Role: Configure all compilation settings used by asp.net. The default Debug property is "true". You should set it to True after the program compilation has been delivered and used (in the Web.config file for detailed instructions, omit the example)

4,

Role: Provides information about custom error messages for ASP.net applications. It does not apply to errors that occur in XML Web services.

Example: When an error occurs, the page is jumped to a custom error page.

where element defaultredirect represents the name of the custom error page. The mode element indicates that custom (friendly) information is displayed for users who are not running on the local Web server.

5, section

Role: Configure ASP.net HTTP runtime settings. This section can be declared at the computer, site, application, and subdirectory levels.

Example: Controls the user uploads the file maximum is 4M, the longest time is 60 seconds, the maximum request number is 100

6,

Role: Identifies page-specific configuration settings (such as whether session state is enabled, view state, whether user input is detected, and so on). The can be declared at the computer, site, application, and subdirectory levels.

Example: Do not detect potentially dangerous data in user-entered content in the browser (note: The default is detection, if you use no detection, to encode or verify the user's input, the encrypted view state is checked when the page is sent back from the client to verify that the view state has been tampered with on the client. (Note: This key is not validated by default)

7,

Role: Configures session state settings for the current application (such as setting whether session state is enabled, and where the session state is saved).

Example:

Note:

Mode= "InProc" means: Store session state locally (you can also choose to store on a remote server or a SAL server or not enable session state)

Cookieless= "true" means that session state is enabled if the user's browser does not support cookies (default is False)

timeout= "20" means the number of minutes that a session can be idle

8,

Role: Configure the ASP.net tracking service, mainly used to determine where the program test error.

Example: The following is the default configuration in Web.config:

Note:

Enabled= "False" indicates that tracing is not enabled; requestlimit= "10" indicates the number of trace requests stored on the server

Pageoutput= "false" means that trace output can only be accessed through the trace utility;

Tracemode= "SortByTime" indicates that trace information is displayed in the order in which the trace is processed

Localonly= "True" indicates that the trace viewer (Trace.axd) is used only for hosting WEB servers

Iii. Customizing the Web.config file configuration section

The custom Web.config file configuration section process is divided into two steps.

The first is to declare the name of the configuration section and the name of the. NET Framework class that handles the configuration data in the section, between the and tags at the top of the configuration file.

The second is to make the actual configuration settings for the declared section after the area.

Example: Create a section to store a database connection string

......