Re: Web.config

From: Neven Klofutar (neven.klofutar_at_public.srce.hr)
Date: 10/13/04 

Date: Wed, 13 Oct 2004 15:18:13 +0200

This is my web.config

******************************************
<?xml version="1.0" encoding="utf-8" ?>

<configuration>

<system.web>

<!-- CUSTOM ERROR MESSAGES

Set customErrors mode="On" or "RemoteOnly" to enable custom error messages,
"Off" to disable.

Add <error> tags for each of the errors you want to handle.

"On" Always display custom (friendly) messages.

"Off" Always display detailed ASP.NET error information.

"RemoteOnly" Display custom (friendly) messages only to users not running

on the local Web server. This setting is recommended for security purposes,
so

that you do not display application detail information to remote clients.

-->

<customErrors

mode="Off"

/>

<!-- AUTHENTICATION

This section sets the authentication policies of the application. Possible
modes are "Windows",

"Forms", "Passport" and "None"

"None" No authentication is performed.

"Windows" IIS performs authentication (Basic, Digest, or Integrated Windows)
according to

its settings for the application. Anonymous access must be disabled in IIS.

"Forms" You provide a custom form (Web page) for users to enter their
credentials, and then

you authenticate them in your application. A user credential token is stored
in a cookie.

"Passport" Authentication is performed via a centralized authentication
service provided

by Microsoft that offers a single logon and core profile services for member
sites.

-->

<authentication mode="Windows" />

<!-- AUTHORIZATION

This section sets the authorization policies of the application. You can
allow or deny access

to application resources by user or role. Wildcards: "*" mean everyone, "?"
means anonymous

(unauthenticated) users.

-->

<authorization>

<allow users="*" /> <!-- Allow all users -->

<!-- <allow users="[comma separated list of users]"

roles="[comma separated list of roles]"/>

<deny users="[comma separated list of users]"

roles="[comma separated list of roles]"/>

-->

</authorization>

<!-- GLOBALIZATION

This section sets the globalization settings of the application.

-->

<globalization

requestEncoding="utf-8"

responseEncoding="utf-8"

/>

</system.web>

</configuration>

Relevant Pages

  • RE: Custom login will not work
    ... For forms authentication, you do can use the global.asax or a custom ... And for the authorization on page url, ... Microsoft MSDN Online Support Lead ...
    (microsoft.public.dotnet.framework.aspnet)
  • Custom "Access Denied" Message
    ... I'm using forms authentication along with role based authorization in my web ... app. ... custom "Access Denied" page? ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • RE: Membership Provider Woes
    ... in forms authentication context. ... how do I actually store the custom information? ... limited by the natural of cookie. ... Doens't the membership provider set a forms auth cookie for me ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: HELP Connection error on Release mode
    ... "Off" Always display detailed ASP.NET error information. ... This section sets the authentication policies of the application. ... Set trace enabled="true" to enable application trace logging. ... <!-- SESSION STATE SETTINGS ...
    (microsoft.public.dotnet.languages.csharp)
  • Forms authentication in a subfolder problem, please help
    ... When I create forms authentication at root level it works but when I move my ... <!-- CUSTOM ERROR MESSAGES ... Application-level tracing enables trace log output for every page ... private void Page_Load ...
    (microsoft.public.dotnet.framework.aspnet.security)