Asp. NET Learning: Understanding Web.config Files

Source: Internet
Author: User
Tags anonymous config configuration settings modify parent directory web services client root directory
Asp.net|web

Content comes from the network.

Abstract : This article describes the basic principles of Web.config files and related settings.

Content of this page:

Understanding Web.config Documents

The Web.config file is an XML text file that stores configuration information for ASP.net Web applications (such as the most common settings asp.net the way the Web application is authenticated) and can appear in every directory in the application. When you pass. NET creates a new Web application by default, a default is created automatically in the root directory
Web.config files, including the default configuration settings, all subdirectories inherit its configuration settings. If you want to modify the configuration settings for subdirectories, you can create a new Web.config file in the subdirectory. It can provide configuration information in addition to the configuration information inherited from the parent directory, or you can override or modify the settings defined in the parent directory.

Modifications to the Web.config file at run time do not require a restart of the service to take effect (note the exception to the:<processmodel> section). Of course, Web.config files can be extended. You can customize the new configuration parameters and write configuration section handlers to process them.

Web.config document detailed

Web.config configuration file (default configuration settings) All of the following code should be located in the

<configuration>
<system.web>
And
</system.web>
</configuration>

, for learning purposes The following example omits this XML tag.

1, <authentication> Festival
Role: Configure ASP.net authentication support (for Windows, Forms, PassPort, none four). This element can only be declared at the computer, site, or application level. <authentication> elements must be used in conjunction with the <authorization> section.
Example:
The following example configures the site for forms-based authentication, and the page automatically jumps to the landing page when no logged user accesses the page that requires authentication.

<authentication mode= "Forms" >
<forms loginurl= "logon.aspx" name= ". Formsauthcookie "/>
</authentication>

Where the element loginurl represents the name of the landing page, name indicates the cookie name.

2, <authorization> Festival
Role: Controls client access to URL resources (such as allowing anonymous users to access). This element can be declared at any level (computer, site, application, subdirectory, or page). Must be used in conjunction with the <authentication> section.
Example: The following example prohibits access for anonymous users

<authorization>
<deny users= "?" />
</authorization>

Note: You can use User.Identity.Name to get the current user name that has been validated;
Web. The Security.FormsAuthentication.RedirectFromLoginPage method redirects the authenticated user to the page that the user has just requested. For specific examples please refer to:
Forms Validation Http://www.fanvb.net/websample/dataauth.aspx

3, <compilation> Festival
Role: Configure all compilation settings used by asp.net. The default Debug property is True. You should set the program to false after it has been delivered for use (the Web.config file contains a detailed description, where the example is omitted)

4, <customErrors>
Role: Provides information about custom error messages for ASP.net applications. It does not apply to errors that occur in XML Web services.
Example: When an error occurs, the page is jumped to a custom error page.

<customerrors defaultredirect= "errorpage.aspx" mode= "RemoteOnly" >
</customErrors>

where element defaultredirect represents the name of the custom error page. The mode element indicates that custom (friendly) information is displayed for users who are not running on the local Web server.

5, Role: Configure ASP.net HTTP runtime settings. This section can be declared at the computer, site, application, and subdirectory levels.
Example: Controls the user uploads the file maximum is 4M, the longest time is 60 seconds, the maximum request number is 100

6, <pages>
Role: Identifies page-specific configuration settings (such as whether session state is enabled, view state, whether user input is detected, and so on). <pages> can be declared at the computer, site, application, and subdirectory levels.
Example: Do not detect potentially dangerous data in user-entered content in the browser (note: The default is detection, if you use no detection, to encode or verify the user's input, the encrypted view state is checked when the page is sent back from the client to verify that the view state has been tampered with on the client. (Note: This key is not validated by default)

<pages buffer= "true" enableviewstatemac= "true" validaterequest= "false"/>

7, <sessionState>
Role: Configures session state settings for the current application (such as setting whether session state is enabled, and where the session state is saved).
Example:

<sessionstate mode= "InProc" cookieless= "true" timeout= "/>"
</sessionState>

Note:
Mode= "InProc" means: Store session state locally (you can also choose to store on a remote server or a SAL server or not enable session state)
Cookieless= "true" means that session state is enabled if the user's browser does not support cookies (default is False)
timeout= "20" means the number of minutes that a session can be idle

8, <trace>
Role: Configure the ASP.net tracking service, mainly used to determine where the program test error.
Example: The following is the default configuration in Web.config:

<trace enabled= "false" requestlimit= "ten" pageoutput= "false" tracemode= "SortByTime" localonly= "true"/>

Note:
Enabled= "False" indicates that tracing is not enabled;
Requestlimit= "10" indicates the number of trace requests stored on the server
Pageoutput= "false" means that trace output can only be accessed through the trace utility;
Tracemode= "SortByTime" indicates that trace information is displayed in the order in which the trace is processed
Localonly= "True" indicates that the trace viewer (Trace.axd) is used only for hosting WEB servers

Customizing Web.config file Configuration

The custom Web.config file configuration section process is divided into two steps.
1. Declare the name of the configuration section and the name of the. NET Framework class that handles the configuration data in the section between the top <configSections> and </configSections> tags of the configuration file.
2. The actual configuration settings are made for the declared section after the <configSections> area.
Example: Create a section to store a database connection string

<configuration>
<configSections>
<section name= "appSettings" type= "System.Configuration.NameValueFileSectionHandler, System, version=1.0.3300.0, Culture=neutral, publickeytoken=b77a5c561934e089 "/>
</configSections>
<appSettings>
<add key= "Scon" value= "server=a;database=northwind;uid=sa;pwd=123"/>
</appSettings>
<system.web>
......
</system.web>
</configuration>

accessing web.config files

You can access the Web.config file example by using a collection of configurationsettings.appsettings static strings: Get the connection string created in the above example. For example:

protected static string isdebug = configurationsettings.appsettings["Debug"



Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.