Understanding asp.net configuration file Web.config

Source: Internet
Author: User
Tags anonymous config configuration settings parent directory web services root directory
Asp.net|web First, web.config documents

The Web.config file is an XML text file that stores configuration information for ASP.net Web applications (such as the most common settings asp.net the way the Web application is authenticated) and can appear in every directory in the application. When you create a new Web application via vb.net, a default is automatically created in the root directory by default
Web.config files, including the default configuration settings, all subdirectories inherit its configuration settings. If you want to modify the configuration settings for subdirectories, you can create a new Web.config file in the subdirectory. It can provide configuration information in addition to the configuration information inherited from the parent directory, or you can override or modify the settings defined in the parent directory.

Modifications to the Web.config file at run time do not require a restart of the service to take effect (note: <processModel> section exception). Of course, Web.config files can be extended. You can customize the new configuration parameters and write configuration section handlers to process them.

Ii. web.config configuration file (default configuration settings) All of the following code should be located in the

<configuration>
<system.web>
And

</system.web>
</configuration>
, for learning purposes The following example omits this XML tag

1, <authentication> section

Role: Configure ASP.net authentication support (for Windows, Forms, PassPort, none four). This element can only be declared at the computer, site, or application level. The <authentication> element must be used in conjunction with the <authorization> section.

Example:

The following example configures the site for forms-based authentication, and the page automatically jumps to the landing page when no logged user accesses the page that requires authentication.

<authentication mode= "Forms"
<forms loginurl= "logon.aspx" name= ". Formsauthcookie "/>

</authentication>
where element loginurl represents the name of the landing page, name means the cookie name

2, <authorization> section

Role: Controls client access to URL resources (such as allowing anonymous users to access). This element can be declared at any level (computer, site, application, subdirectory, or page). Must be used in conjunction with the <authentication> section.

Example: The following example prohibits access for anonymous users

<authorization>
<deny users= "?" />
</authorization>
Note: You can use User.Identity.Name to get the current user name that has been validated;
Web. The Security.FormsAuthentication.RedirectFromLoginPage method redirects the authenticated user to the page that the user has just requested. For specific examples please refer to:

Forms Validation Http://www.fanvb.net/websample/dataauth.aspx

3, <compilation> section

Role: Configure all compilation settings used by asp.net. The default Debug property is "true". You should set it to True after the program compilation has been delivered and used (in the Web.config file for detailed instructions, omit the example)

4, <customErrors>

Role: Provides information about custom error messages for ASP.net applications. It does not apply to errors that occur in XML Web services.

Example: When an error occurs, the page is jumped to a custom error page.

<customerrors defaultredirect= "errorpage.aspx" mode= "RemoteOnly"
</customErrors>
where element defaultredirect represents the name of the custom error page. The mode element indicates that custom (friendly) information is displayed for users who are not running on the local Web server.

5,
Role: Configure ASP.net HTTP runtime settings. This section can be declared at the computer, site, application, and subdirectory levels.

Example: Controls the user uploads the file maximum is 4M, the longest time is 60 seconds, the maximum request number is 100

6, <pages>

Role: Identifies page-specific configuration settings (such as whether session state is enabled, view state, whether user input is detected, and so on). The <pages> can be declared at the computer, site, application, and subdirectory levels.

Example: Do not detect potentially dangerous data in user-entered content in the browser (note: The default is detection, if you use no detection, to encode or verify the user's input, the encrypted view state is checked when the page is sent back from the client to verify that the view state has been tampered with on the client. (Note: This key is not validated by default)

<pages buffer= "true" enableviewstatemac= "true" validaterequest= "false"/>
7, <sessionState>

Role: Configures session state settings for the current application (such as setting whether session state is enabled, and where the session state is saved).

Example:

<sessionstate mode= "InProc" cookieless= "true" timeout= "20"/>
</sessionState>
Note:

Mode= "InProc" means: Store session state locally (you can also choose to store on a remote server or a SAL server or not enable session state)

Cookieless= "true" means that session state is enabled if the user's browser does not support cookies (default is False)

timeout= "20" means the number of minutes that a session can be idle

8, <trace>

Role: Configure the ASP.net tracking service, mainly used to determine where the program test error.

Example: The following is the default configuration in Web.config:

<trace enabled= "false" requestlimit= "ten" pageoutput= "false" tracemode= "SortByTime" localonly= "true"/>
Note:

Enabled= "False" indicates that tracing is not enabled; requestlimit= "10" indicates the number of trace requests stored on the server

Pageoutput= "false" means that trace output can only be accessed through the trace utility;

Tracemode= "SortByTime" indicates that trace information is displayed in the order in which the trace is processed

Localonly= "True" indicates that the trace viewer (Trace.axd) is used only for hosting WEB servers

Iii. Customizing the Web.config file configuration section

The custom Web.config file configuration section process is divided into two steps.

The first is to declare the name of the configuration section and the name of the. NET Framework class that handles the configuration data in the section, between the <configSections> and </configSections> tags at the top of the configuration file.

The second is to make the actual configuration settings for the declared section after the <configSections> area.

Example: Create a section to store a database connection string

<configuration>
<configSections>
<section name= "appSettings" type= "System.Configuration.NameValueFileSectionHandler, System, version=1.0.3300.0, Culture=neutral, publickeytoken=b77a5c561934e089 "/>
</configSections>

<appSettings>
<add key= "Scon" value= "server=a;database=northwind;uid=sa;pwd=123"
</appSettings>

<system.web>
......
</system.web>
</configuration>
Iv. access to Web.config files

You can access the Web.config file example by using a collection of configurationsettings.appsettings static strings: Get the connection string created in the above example.

Dim sconstr as String = ConfigurationSettings.AppSettings ("Sconstr")
Dim Scon = New SqlConnection (sconstr)


Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.