The XML formatted .config files are used by default by Microsoft .NET frameworks to configure applications. The default settings or machine-specific values are defined in the machine.config file, which is not accessible to the application. However, these default settings can be overridden by defining the configurations according to the requirement of an application. Web.config is an XML-based configuration file used to define an application's custom settings. This is a flexible way of handling all the requirements at the application level. This file is read by
Web.Config fileWe can create a Web.Config file using a text editor and name it Web with an extension of .config. It must contain <configuration> element as the main tag – all other elements are defined or configured inside it. A sample Web.Config file is given below:
<?xml version="1.0" encoding="utf-8" ?><configuration><!-- configuration elements to be defined here --></configuration>
The first line of the code depicts the document is XML formatted with a specified version and encoding type.
The second line of the code indicates the beginning of the <configuration> element that will include other element inside it. It means all the configuration settings will be defined under the main <configuration> element.
Note: The visual studio generates a default
Web.Configfile for each project, including basic configuration settings.
Web.Config elementsThe Web.Config file allows a developer to define configurations during development, deployment, and after deployment without needing to change the application. All the configurations are defined inside their specific element/tag. The subsequent sections discuss a few of the main configuration elements often used by developers.
The settings related to the behavior of web application is defined in the <system.web> element as listed below:
Authentication and authorization settings.
Compilation of the web application.
Page setting to configure session state, view state, buffer and more.
Custom error and default redirect settings, such as settings related to different status codes, i.e., 4xx, 5xx etc.
Location settings to locate files in other directories and allow access for users.
<?xml version="1.0" encoding="utf-8" ?><configuration><system.web><!-- Tags for authentication and authorization --><authentication></authentication><authorization></authorization><!-- Tag for compilation settings --><compilation></compilation><!-- Tag for custome errors --><customErrors defaultRedirect="errorPage.aspx"><error statusCode = "500" redirect="serverError.aspx"></error></customErrors><!-- Tag for location setting --><location path="admin.aspx"></location></system.web></configuration>
Connection strings is the most commonly used configuration setting in Web.Config file to connect and access different resources in the application. These settings are stored as key pair values in <connectionString> element. The connection string to connect with a database is defined below:
<?xml version="1.0" encoding="utf-8" ?><configuration><!-- Tags fto define connection string --><connectionString><add name= "connStr" connectionString="server=xyz;database=dbName;"></connectionString></configuration>
All different configurations can similarly be defined by specifying settings in the relevant elements. These defined configurations are then accessed in the application to perform different related operations.
Note: An application can execute without
Web.Configfile with the only limitation that it can not be debugged.
Web.configThe use of Web.Config file yields the following advantages in an application:
The IIS server is configured to prevent browsers from accessing the Web.Config file to avoid making it vulnerable.
It allows to override the default configuration to change the behavior of the application.
The configurations can be defined or changed any time (i.e., development, deployment, production etc.) without altering the application.
The server does not need to restart to reflect changes in the application
Any number of Web.Config files can be defined in an application in different subdirectories to have different behaviors of various components.
It can be stored and updated easily as it is in human-readable format.
Settings can be configured independently of the application code.
We learned how default configuration could be overridden by defining custom settings in a file called Web.Config in ASP. The different elements allow a developer to configure various settings according to the need of the application. As discussed in advantages, Web.Config file securely defines configuration which can be changed at any time without changing the codes using these configurations.
Free Resources