I. Understanding the Web. config file
The Web. config file is an XML text file that is used to store configuration information for an ASP. NET Web application, such as the most commonly used settings for the authentication of an ASP. NET Web application, which can appear in every directory of the application. When you create a new Web application through vb.net, a default is automatically created in the root directory by default
The Web. config file, which includes the default configuration settings, all subdirectories inherit its configuration settings. If you want to modify the configuration settings for subdirectories, you can create a new Web. config file under that subdirectory. It can provide configuration information other than the configuration information inherited from the parent directory, or you can override or modify the settings defined in the parent directory.
Modifications to the Web. config file at run time do not need to restart the service to take effect (note:<processmodel> section exception). Of course, the Web. config file can be extended. You can customize the new configuration parameters and write configuration section handlers to process them.
Ii. Web. config profile (default configuration settings) All of the following code should be located in the
<configuration>
<system.web>
And
</system.web>
</configuration>
For the purposes of learning the following example omits this XML tag
1. <authentication> Festival
Role: Configure ASP. NET authentication support (for Windows, Forms, PassPort, none of the four). This element can only be declared at the machine, site, or application level. <authentication> elements must be used in conjunction with the <authorization> section.
Example:
The following example configures a site for forms-based authentication, and when no logged-on user accesses a webpage that requires authentication, the page automatically jumps to the landing page.
<authentication mode= "Forms" >
<forms loginurl= "logon.aspx" name= ". Formsauthcookie "/>
</authentication>
where element loginurl represents the name of the landing page, name indicates the cookie name
2. <authorization> Festival
Role: Controls client access to URL resources (such as allowing anonymous user access). This element can be declared at any level (computer, site, application, subdirectory, or page). Must be used in conjunction with the <authentication> section.
Example: The following example disables access for anonymous users
<authorization>
<deny users= "?" />
</authorization>
Note: You can use the User.Identity.Name to obtain the current user name that has been verified, and you can use
Web. The Security.FormsAuthentication.RedirectFromLoginPage method redirects the authenticated user to the page that the user has just requested. For specific examples, please refer to:
Forms Validation Http://www.fanvb.net/websample/dataauth.aspx
3. <compilation> Festival
Function: Configures all compilation settings used by ASP. The default Debug property is "true". It should be set to true after the program has been compiled for delivery (the Web. config file has a detailed description, omitting the example here)
4. <customErrors>
Role: Provides information about custom error messages for ASP. It does not apply to errors that occur in XML Web services.
Example: When an error occurs, the Web page jumps to the custom error page.
<customerrors defaultredirect= "errorpage.aspx" mode= "RemoteOnly" >
</customErrors>
where element defaultredirect represents the name of the custom error page. The mode element indicates that custom (friendly) information is displayed for users who are not running on the local Web server.
5.
Role: Configure the ASP. NET HTTP runtime settings. This section can be declared at the machine, site, application, and subdirectory levels.
Example: Control user upload file up to 4M, maximum time 60 seconds, maximum number of requests is 100
6. <pages>
Role: Identifies page-specific configuration settings (such as whether session state is enabled, view state, whether user input is detected, and so on). <pages> can be declared at the machine, site, application, and subdirectory levels.
Example: Do not detect a user's input in the browser for potentially dangerous data (note: The item is detected by default, if you use no detection, one to encode or verify the user's input), the encrypted view state is checked when the page is posted back from the client to verify that the view state has been tampered with on the client. (Note: This item is not verified by default)
<pages buffer= "true" enableviewstatemac= "true" validaterequest= "false"/>
7. <sessionState>
Role: Configures session state settings for the current application (such as setting whether session state is enabled, session state save location).
Example:
<sessionstate mode= "InProc" cookieless= "true" timeout= "/>"
</sessionState>
Note:
Mode= "InProc" means: Store session state locally (you can also choose to store it in a remote server or SAL server or do not enable session state)
Cookieless= "True" indicates that session state is enabled if the user's browser does not support cookies (default = False)
Timeout= "20" indicates the number of minutes that a session can be idle
8. <trace>
Role: Configure the ASP. NET tracking service, mainly used for program testing to determine where errors.
Example: The following is the default configuration in Web. config:
<trace enabled= "false" requestlimit= "pageoutput=" false "tracemode=" SortByTime "localonly=" true "/>
Note:
Enabled= "false" means no tracing is enabled; requestlimit= "10" indicates the number of trace requests stored on the server
Pageoutput= "false" means that trace output can only be accessed through the trace utility;
Tracemode= "SortByTime" means to display trace information in the order in which the traces are processed
Localonly= "True" indicates that the trace viewer (Trace.axd) is used only for hosting WEB servers
Iii. custom Web. config file configuration section
Customizing the Web. config file configuration section is a two-step process.
The first is to declare the name of the configuration section between the <configSections> and </configSections> tags at the top of the configuration file and the name of the. NET Framework class that handles the configuration data in that section.
The second is to make the actual configuration settings for the declared section after the <configSections> area.
Example: Creating a section to store a database connection string
<configuration>
<configSections>
<section name= "appSettings" type= "System.Configuration.NameValueFileSectionHandler, System, version=1.0.3300.0, Culture=neutral, publickeytoken=b77a5c561934e089 "/>
</configSections>
<appSettings>
<add key= "Scon" value= "server=a;database=northwind;uid=sa;pwd=123"/>
</appSettings>
<system.web>
......
</system.web>
</configuration>
Iv. accessing the Web. config file
You can access the Web. config file example by using the ConfigurationSettings.AppSettings static string collection: Gets the connection string established in the example above.
Dim sconstr as String = ConfigurationSettings.AppSettings ("Sconstr")
Dim Scon = New SqlConnection (sconstr)