First, know the web.config file
The web.config file is an XML text file that is used to store configuration information for the ASP.NET web application (such as the most commonly used settings of the ASP.NET web application authentication method.
), It can appear in each directory of the application. When you create a new web application through VB.NET, you will automatically create a default in the root directory by default.
Web.config files, including default configuration settings, all subdirectories inherit it. If you want to modify the configuration settings for the subdirectory, you can create a new one in the subdirectory.
Web.config file. It provides configuration information other than configuration information inherited from the parent directory, or modifies the settings defined in the parent directory.
You can take effect on the modification of the web.config file at runtime. You can take effect (Note:
You can customize the new configuration parameters and write a configuration segment process program to process them.
Second, the web.config configuration file (default configuration settings) should be in all the code
with
Between, this XML tag is omitted for the example below for the purpose of learning.
1,
Role: Configuring ASP.NET Authentication Support (four of Windows, Forms, Passport, NONE). This element can only be declared at a computer, site, or application level. <
Authentication> Elements must be used with
Example:
The following example is a Forms-based authentication configuration site, and the web page is automatically jumped to the login web page when the user who does not log in is accessible.
The element loginurl indicates the name of the login page, and Name represents the cookie name.
2,
Role: Control client access to the URL resource (such as allowing anonymous user access). This element can be declared at any level (computer, site, application, subdirectory or page)
. Requirements with
Example: The following example prohibits access to anonymous users
Note: You can use User.Identity.name to get the current username that has been verified;
Web.Security.FormSauthentication.RedirectFromLoginPage method Redirects the verified user to the page just requested. For details, please refer:
Forms verification
http://www.fanvb.net/websample/dataauth.aspx3,
Role: Configure all compilation settings used by ASP.NET. The default debug property is "True". It should be set to true after the program compiles complete delivery use (web.config file
There is a detailed explanation, omitted here)
4,
Role: Provides information about custom error messages for the ASP.NET application. It does not apply to errors that have occurred in XML Web Services.
Example: When an error occurs, jump to the custom error page when an error occurs.
The element DEFAULTREDIRECT represents the name of the custom error page. Mode Elements Represents: Users who are not running on the local web server displays custom (friendly) information
5,
Role: Configure the ASP.NET HTTP runtime settings. This section can be declared at your computer, site, application, and subdirectories.
Example: Controling the user upload file up to 4m, the maximum time is 60 seconds, the maximum number of requests is 100
6,
Role: Identify the configuration settings specific to the page (if the session state, the view status is enabled, whether the user's input is detected).
And subdirectory level declaration.
Example: There is no potential dangerous data in the contents of the user entered in the browser (Note: This is detected by default, if you use no detection, one to perform the user's input
Encoding or verifying), check the encrypted view status when the page is sent from the client to verify that the view status is tampered with at the client. (Note: This item is not verified by default)
7,
Role: Configure session status settings for the current application (such as setting whether to enable session status, session status storage location).
Example:
Note:
Mode = "invroc" means: store session status locally (you can also choose to store or do not enable session status in remote server or SAL)
CookielesS = "true" means: Enable session status if the user browser does not support cookies (default is false)
Timeout = "20" means: The session can be in the number of minutes of the idle state 8,
Role: Configure the ASP.NET trace service, which is mainly used for program testing to determine where it is wrong.
Example: The following is the default configuration in Web.config:
Note:
Enabled = "false" means not enable tracking; requestLimit = "10" indicates the number of tracking requests stored on the server
PageOutput = "false" means only by tracking utility access tracking output;
TraceMode = "sortbytime" is indicated to display the tracking information in the order of handling tracking.
Localonly = "true" Indicates Track Viewer (Trace.axd) only used for host web servers
Third, custom web.config file configuration section
Custom Web.config file configuration section is divided into two steps.
First, in the name of the configuration section, the name of the configuration section is declared between the top of the configuration file top
The name of the Framework class.
The second is the actual configuration settings for the declaration after the
Example: Create a section storage database connection string
......
