May 13, 2021 ASP.NET
The behavior of ASP.NET application is determined by different settings in the following two profiles:
The machine.config file contains the default for all supported settings and the specific values for the setting machine. The machine's settings are set up by the system administrator, and the application typically cannot access this file.
However, an application can override the default value by creating a web.config file in its root folder. T he web.config file is a subset of the machine.config file.
If your application contains subdirectts, it can define a web.config file for each folder. The scope of each profile is determined in a layered top-down manner.
Any web.config file can be extended locally, restricted, or override any definition set at the upper level.
Visual Studio generates the default web.config file for each project. A pplications can be executed without a web.config file, however, we cannot debug an application without a web.config file.
The following illustration shows an example of a sample solution explorer used in the web service tutorial:
In this application, there are two web.config files that correspond to the web service and the web site that invoke the web service.
The configuration elements in the web.config file are the root node. T he information in this element is divided into two main areas: the configuration section handler declaration area, and the configuration section settings area.
The following snippet shows the basic syntax of a profile:
<configuration>
<!-- Configuration section-handler declaration area. -->
<configSections>
<section name="section1" type="section1Handler" />
<section name="section2" type="section2Handler" />
</configSections>
<!-- Configuration section settings area. -->
<section1>
<s1Setting1 attribute1="attr1" />
</section1>
<section2>
<s2Setting1 attribute1="attr1" />
</section2>
<system.web>
<authentication mode="Windows" />
</system.web>
</configuration>
The configuration section handler declaration is included in the label for , and each configuration handler specifies the name of the configuration section and is included in a file that provides some configuration data. It has the following basic syntax:
<configSections>
<section />
<sectionGroup />
<remove />
<clear/>
</configSections>
It has the following elements:
Application settings allow the storage of read-only access to the name-value pair of the application. F or example, you can define a custom application setting as follows:
<configuration>
<appSettings>
<add key="Application Name" value="MyApplication" />
</appSettings>
</configuration>
For example, you can also store a book's ISBN number and name data pairs:
<configuration>
<appSettings>
<add key="appISBN" value="0-273-68726-3" />
<add key="appBook" value="Corporate Finance" />
</appSettings>
</configuration>
The connection string shows the database connection string that is available for the Web site. For example:
<connectionStrings>
<add name="ASPDotNetStepByStepConnectionString"
connectionString="Provider=Microsoft.Jet.OLEDB.4.0;
Data Source=E:\\projects\datacaching\ /
datacaching\App_Data\ASPDotNetStepByStep.mdb"
providerName="System.Data.OleDb" />
<add name="booksConnectionString"
connectionString="Provider=Microsoft.Jet.OLEDB.4.0;
Data Source=C:\ \databinding\App_Data\books.mdb"
providerName="System.Data.OleDb" />
</connectionStrings>
The system.web element specifies the root element for the ASP.NET configuration section and contains configuration elements that configure the ASP.NET web application and control the operation of the application.
It controls most of the more common configuration elements that need to be adjusted. The basic syntax of the element is as follows:
<system.web>
<anonymousIdentification>
<authentication>
<authorization>
<browserCaps>
<caching>
<clientTarget>
<compilation>
<customErrors>
<deployment>
<deviceFilters>
<globalization>
<healthMonitoring>
<hostingEnvironment>
<httpCookies>
<httpHandlers>
<httpModules>
<httpRuntime>
<identity>
<machineKey>
<membership>
<mobileControls>
<pages>
<processModel>
<profile>
<roleManager>
<securityPolicy>
<sessionPageState>
<sessionState>
<siteMap>
<trace>
<trust>
<urlMappings>
<webControls>
<webParts>
<webServices>
<xhtmlConformance>
</system.web>
The following table provides a brief description of some of the child elements of common system.web elements:
This identifies uncertifyed users when user identification is required.
It is supported by configuration authorization, and the basic syntax is:
<authorization>
<allow .../>
<deny .../>
</authorization>
It configures the cache settings, and the basic syntax is:
<caching>
<cache>...</cache>
<outputCache>...</outputCache>
<outputCacheSettings>...</outputCacheSettings>
<sqlCacheDependency>...</sqlCacheDependency>
</caching>
It defines a custom error message, and the basic syntax is:
<customErrors defaultRedirect="url" mode="On|Off|RemoteOnly">
<error. . ./>
</customErrors>
It defines the configuration settings for deployment. The basic syntax is as follows:
<deployment retail="true|false" />
It defines configuration settings for the managed environment. The basic syntax is as follows:
<hostingEnvironment idleTimeout="HH:MM:SS" shadowCopyBinAssemblies="true|false"
shutdownTimeout="number" urlMetadataSlidingExpiration="HH:MM:SS" />
It is used to configure the authentication mechanism for the application, with the following basic syntax:
<identity impersonate="true|false" userName="domain\username"
password="<secure password>"/>
It is used to configure the key for form authentication cookies used to encrypt and decrypt data.
It also allows the configuration verification key to perform message authentication checks on view state data and Forms authentication tickets. T he basic syntax is:
<machineKey validationKey="AutoGenerate,IsolateApps" [String]
decryptionKey="AutoGenerate,IsolateApps" [String]
validation="HMACSHA256" [SHA1 | MD5 | 3DES | AES | HMACSHA256 |
HMACSHA384 | HMACSHA512 | alg:algorithm_name]
decryption="Auto" [Auto | DES | 3DES | AES | alg:algorithm_name]
/>
It is used to configure management and authenticate user parameters. The basic syntax is:
<membership defaultProvider="provider name"
userIsOnlineTimeWindow="number of minutes" hashAlgorithmType="SHA1">
<providers>...</providers>
</membership>
It provides the specific configuration of the web page. T he basic syntax is:
<pages asyncTimeout="number" autoEventWireup="[True|False]"
buffer="[True|False]" clientIDMode="[AutoID|Predictable|Static]"
compilationMode="[Always|Auto|Never]"
controlRenderingCompatibilityVersion="[3.5|4.0]"
enableEventValidation="[True|False]"
enableSessionState="[True|False|ReadOnly]"
enableViewState="[True|False]"
enableViewStateMac="[True|False]"
maintainScrollPositionOnPostBack="[True|False]"
masterPageFile="file path"
maxPageStateFieldLength="number"
pageBaseType="typename, assembly"
pageParserFilterType="string"
smartNavigation="[True|False]"
styleSheetTheme="string"
theme="string"
userControlBaseType="typename"
validateRequest="[True|False]"
viewStateEncryptionMode="[Always|Auto|Never]" >
<controls>...</controls>
<namespaces>...</namespaces>
<tagMapping>...</tagMapping>
<ignoreDeviceFilters>...</ignoreDeviceFilters>
</pages>
It is used to configure user profile parameters. The basic syntax is:
<profile enabled="true|false" inherits="fully qualified type reference"
automaticSaveEnabled="true|false" defaultProvider="provider name">
<properties>...</properties>
<providers>...</providers>
</profile>
Configure settings information for user roles. The basic syntax is:
<roleManager cacheRolesInCookie="true|false" cookieName="name"
cookiePath="/" cookieProtection="All|Encryption|Validation|None"
cookieRequireSSL="true|false " cookieSlidingExpiration="true|false "
cookieTimeout="number of minutes" createPersistentCookie="true|false"
defaultProvider="provider name" domain="cookie domain">
enabled="true|false"
maxCachedResults="maximum number of role names cached"
<providers>...</providers>
</roleManager>
Used to configure security policies. The basic syntax is:
<securityPolicy>
<trustLevel />
</securityPolicy>
It defines a map to hide the original URL and provides a more user-friendly URL. The basic syntax is:
<urlMappings enabled="true|false">
<add.../>
<clear />
<remove.../>
</urlMappings>
It provides the name of the location that is shared with the client script. The basic syntax is:
<webControls clientScriptsLocation="String" />
Used to configure web services.