Export (0) Print
Expand All

How to: Create Web.config Files (Visual Studio) 

ASP.NET uses a hierarchy of XML text files, each named Web.config, to store settings that control how your Web site works. Using the features of the ASP.NET configuration system, you can configure an entire server, an ASP.NET application, or individual pages. This topic describes how to create a Web.config file in Visual Web Developer.

To create a Web.config file

  1. In Solution Explorer, click the Refresh icon to make sure that a Web.config file does not already exist for your application.

    If you have already used the Web Site Administration Tool or some other means of configuring your application, a Web.config file might have been created automatically. Clicking Refresh updates your file list.

  2. In Solution Explorer, right-click your Web site name, and then click Add New Item.

  3. In the Templates window, click Web Configuration File.

    The file name in the Name text box should be Web.config. You can give the file another name, but this is the default. The .config file name extension is protected from being downloaded by ASP.NET.

  4. Click Add to create the file and open it for editing.

    The file contains the code shown in the "Example" section later in this topic, with a few initial defaults. Your application inherits all configuration settings from the Machine.config and Web.config files in the %SystemRoot%\Microsoft.NET\Framework\<version>\CONFIG directory, but you will not see those default settings here. Application-level or directory-level Web.config files only need to be created if you want to override the inherited default settings or add to collection elements like httpHandlers Element (ASP.NET Settings Schema).

    To view all of the configuration settings for your current application, you could run the code included in the topic How to: View Inherited and Local Configuration Settings Programmatically. Alternatively, you can view the Machine.config.comments or Web.config.comments files (which also contain useful comments) in the %SystemRoot%\Microsoft.NET\Framework\<version>\CONFIG directory, but these two files will not contain all of your run-time settingsHow to: View Inherited and Local Configuration Settings Programmatically.

  5. If you have changed your Web.config file, save it.

    Saving a Web.config file restarts the application. You can alternatively use the configSource attribute of individual section elements to point to a secondary configuration file that does not cause an application restart when it is changed. For more information, see configSource in General Attributes Inherited by Section Elements.

To use IntelliSense to edit configuration settings

  1. In Visual Web Developer, open your Web.config file.

  2. In the editing window, place your cursor inside the <system.web> </system.web> tags on a line by itself, but not inside any other tags.

  3. Type the less-than character (<) to start a new element.

    A drop-down list appears that offers valid elements to add at this insertion point. Alternatively, you can press Ctrl+J to display the drop-down list without typing the less-than character.

  4. Select anonymousIdentification.

    The anonymousIdentification Element (ASP.NET Settings Schema) element is placed in your Web.config file and is terminated. If an element is terminated by a closing tag, then there are available child elements that you can set. If an element is terminated, like the following anonymousIdentification element, there are no available child elements to set.

    <anonymousIdentification />
    
  5. Place your cursor within the <anonymousIdentification /> tag, and then press the SPACEBAR key.

    A drop-down list appears that offers valid attributes to add to the anonymousIdentification element. Alternatively, you can press Ctrl+J to display the drop-down list without pressing the SPACEBAR key.

  6. Select enabled.

    The enabled attribute is placed in your Web.config file, and because it is a Boolean attribute, the values of true and false are offered in a drop-down list.

  7. Select false. This is the system default.

    The IntelliSense system makes suggestions for elements and attributes that are available at the insertion point. Sometimes, specialized attributes are not offered. For example, when configuring a providers element, such as for the siteMap Element (ASP.NET Settings Schema) element, different attributes are available depending on the type of provider you are adding. IntelliSense does not show these attributes because they depend upon the value of the type attribute.

  8. Change the value of the enabled attribute to "falsex", which is an invalid value.

    The IntelliSense system provides validation checking and displays a squiggly line under any text that does not validate.

Example

The following code example illustrates the initial contents of a Web.config file created by Visual Web Developer. Default settings are given for the compilation and the authentication elements. To turn on ASP.NET debugging, all you would do is change the debug attribute of the compilation element to true. All of the elements that can appear within the system.web element are documented in ASP.NET Configuration Settings.

<?xml version="1.0"?>
<!-- 
    Note: As an alternative to hand editing this file you can use the 
    Web Site Administration Tool to configure settings for your application. Use
    the Web site->Asp.Net Configuration option in Visual Studio.
    A full list of settings and comments can be found in 
    machine.config.comments usually located in 
    \Windows\Microsoft.Net\Framework\v2.x\Config 
-->
<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
    <appSettings/>
    <connectionStrings/>
    <system.web>
        <!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->
        <compilation debug="false"/>
        <!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
        <authentication mode="Windows"/>
        <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm"/>
            <error statusCode="404" redirect="FileNotFound.htm"/>
        </customErrors>
        -->
    </system.web>
</configuration>

Security

When storing sensitive information in a configuration file for an application, you should encrypt the sensitive values using protected configuration. For more information about this and other security issues for configuration files, see Securing ASP.NET Configuration.

See Also

Community Additions

ADD
Show:
© 2014 Microsoft