ASP.NET Settings Schema

The ASP.NET configuration section schema contains elements that control how ASP.NET Web applications behave. Where a default value is specified for an attribute, the default value is set in the Machine.config file that is located at systemroot\Microsoft.NET\Framework\versionNumber\CONFIG\Machine.config.

<configuration>
   <location>
      <system.web>
         <authentication>
            <forms>
               <credentials>
            <passport>
         <authorization>
            <allow>
            <deny>
         <browserCaps>
            <result>
            <use>
            <filter>
               <case>
         <clientTarget>
            <add>
            <remove>
            <clear>
         <compilation>
            <compilers>
               <compiler>
            <assemblies>
               <add>
               <remove>
               <clear>
         <customErrors>
            <error>
         <globalization>
         <httpHandlers>
            <add>
            <remove>
            <clear>
         <httpModules>
            <add>
            <remove>
            <clear>
         <httpRuntime>
         <identity>
         <machineKey>
         <pages>
         <processModel>
         <securityPolicy>
            <trustLevel>
         <sessionState>
         <trace>
         <trust>
         <webServices>
            <protocols>
               <add>
               <remove>
               <clear>
            <serviceDescriptionFormatExtensionTypes>
               <add>
               <remove>
               <clear>
            <soapExtensionTypes>
               <add>
               <clear>
            <soapExtensionReflectorTypes>
               <add>
               <clear>
            <soapExtensionImporterTypes>
               <add>
               <clear>
            <WsdlHelpGenerator>
         </webServices>
      </system.web>
   </location>
</configuration>

Element Description
<system.web> Specifies the root element for the ASP.NET configuration section.
<add> for <assemblies> Adds an assembly reference to use during compilation of a dynamic resource.
<add> for <clientTarget> Adds an alias for a specific user agent to an internal collection of user agent aliases.
<add> for <httpHandlers> Adds a reference to an assembly to use during compilation of a dynamic resource.
<add> for <httpModules> Adds a reference to an assembly to use during compilation of a dynamic resource.
<add> for <protocols> Adds a transmission protocol that the .NET Framework can use to decrypt data sent from a client browser in the HTTP request.
<add> for <serviceDescriptionFormatExtensionTypes> Adds a service description format extension to run within the scope of the configuration file.
<add> for <soapExtensionTypes>, <soapExtensionImporterTypes>, and <soapExtensionReflectorTypes> Adds a SOAP extension to run with all XML Web services within the scope of the configuration file.
<allow> Allows access to a resource.
<assemblies> Specifies ASP.NET compilation processing directives.
<authentication> Configures ASP.NET authentication support.
<authorization> Configures ASP.NET authorization support.
<browserCaps> Configures the settings for the browser capabilities component.
<case> Allows pattern matching to stop after processing the first successful match out of a number of alternatives.
<clear> Removes all references to items appropriate to the parent tag.
<clientTarget> Adds aliases for specific user agents to an internal collection of user agent aliases.
<compilation> Contains all the compilation settings used by ASP.NET.
<compiler> Defines a new compiler option.
<compilers> Specifies the compilers that the ASP.NET application supports.
<credentials> Allows optional definition of name and password credentials within the configuration file.
<customErrors> Defines custom error messages for an ASP.NET application and the pages that a browser is redirected to when errors occur.
<deny> Specifies that access to a resource is denied.
<error> Defines one custom error condition that will be handled by a custom error page.
<filter> Allows multiple rules to be applied in sequence.
<forms> Configures an ASP.NET application for custom forms-based authentication.
<globalization> Configures the globalization settings of an application.
<httpHandlers> Maps incoming URL requests to IHttpHandler classes.
<httpModules> Adds, removes, or clears HTTP modules within an application.
<httpRuntime> Configures ASP.NET HTTP runtime settings. This section can be declared at the machine, site, application, or subdirectory level.
<identity> Controls the application identity of the Web application.
<location> Specifies the resource that configuration settings apply to.
<machineKey> Configures keys to use for encryption and decryption of forms authentication cookie data. This section allows developers to configure a validation key that performs message authentication checks on view state data and forms authentication tickets. It can be declared at the machine, site, or application levels, but not at the subdirectory level.
<pages> Identifies page-specific configuration settings.
<passport> Specifies the page to redirect to if the page requires authentication and the user has not signed on with Microsoft Passport authentication.
<processModel> Configures the ASP.NET process model settings on Microsoft Internet Information Services (IIS) Web server systems.
<protocols> Specifies the transmission protocols that ASP.NET can use to decrypt data sent from a client browser in the HTTP request.
<remove> for <assemblies> Removes a reference to an assembly.
<remove> for <clientTarget> Removes an alias for a specific user agent from an internal collection of user agent aliases.
<remove> for <httpHandlers> Removes a verb/path mapping to an HttpHandler class.
<remove> for <httpModules> Removes a reference to an HttpModule class. The value of <remove> must exactly match that of a previous <add> directive.
<remove> for <protocols> Removes a single protocol from a specific application's list of supported HTML encoding protocols.
<remove> for <serviceDescriptionFormatExtensionTypes> Removes a single service description format extension type from within the scope of the configuration file.
<result> The HttpCapabilitiesBase-derived class used to hold the results (key-value string pairs) from parsing this section. This string is used at run time to create the return type.
<securityPolicy> Defines valid mappings of named security levels to policy files. This section can be declared at the machine, site, or application levels.
<serviceDescriptionFormatExtensionTypes> Specifies the service description format extensions to run within the scope of the configuration file.
<sessionState> Configures some session-state settings for the current application.
<soapExtensionImporterTypes> Specifies the SOAP extensions to run when a service description for an XML Web service within the scope of the configuration file is accessed.
<soapExtensionReflectorTypes> Specifies the SOAP extensions to run when a service description is generated for all XML Web services within the scope of the configuration file.
<soapExtensionTypes> Specifies the SOAP extensions to run with all XML Web services within the scope of the configuration file.
<trace> Configures the ASP.NET trace service.
<trust> Configures the code access security permission set used to run a particular application. This section can be declared at the machine, site, and application levels.
<trustLevel> Defines the mapping of specific security levels to named policy files.
<use> Specifies the HTTP request strings sent to this parser.
<user> Allows definition of user name and password credentials within the configuration file.
<webServices> Controls the settings of XML Web services created using ASP.NET.
<WsdlHelpGenerator> Specifies the .aspx Help page for an XML Web service.

See Also

ASP.NET Configuration