views:

204

answers:

3

Hi there,

Does anyone know of a good link to explain how to use the web.config......

For example, i am using forms authentication... and i notice there is a system.web and then it closed /system.web and then below configuration there are additional location tags

here is an example, if you ntoice there is an authentication mode=forms with authorization i presume this is the ROOT....... It is also self contained within a system.web .... Below this there are more location= with system.web tags....

I have never really understand what i am actually doing.. I have tried checkign the MSDN documentation but still i don't fully understand up....

Can anyone help?

If you notice with my example.... everything is stored in 1 web.config... i thought the standard waas create a standard web.config and then create another web.config in the directory where i wish to protect it..???

<configuration>

     <system.web>
           <compilation debug="true" strict="false" explicit="true" targetFramework="4.0" />

           <authentication mode="Forms">
        <forms loginUrl="Login.aspx" defaultUrl="Login.aspx" cookieless="UseCookies" timeout="60"/>
    </authentication>

    <authorization>
        <allow users="*"/>
    </authorization>

       </system.web>


<location path="Forms">
    <system.web>
        <authorization>
            <deny users="?"/>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>
<location path="Forms/Seguridad">
    <system.web>
        <authorization>
            <allow roles="Administrador"/>
            <deny users="?"/>
        </authorization>
    </system.web>
</location>
+3  A: 

RTFM - read the documentation. Standard entries (web.config is extensible) are well documented therein.

http://msdn.microsoft.com/en-us/library/aa719558.aspx

is a good start.

It is - as should be obvious - XML based, btw.

TomTom
+1  A: 

Format of ASP.NET Configuration Files

Morten Anderson
A: 

You can place following web.config file in Forms/Seguridad:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.web>
        <authorization>
            <allow roles="Administrators" />
            <deny users="*" />
        </authorization>
    </system.web>
</configuration>