Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


Tip of the Day
Language: VB7,C#
Expertise: Intermediate
Aug 22, 2002

Prevent unauthorized changes to ASP.NET configuration files

Some ASP.NET settings are so critical that the system administrator should prevent them from being changed by individual applications. This ability is especially crucial for servers that host multiple applications written by different developers. In this case, the administrator can prevent undesired changes by adding an allowOverride attribute to the <location> tag:
<location path="Default Web Site/MyApp" allowOverride="false">
  <system.web>
    <authorization>
      <allow roles="MyDomain\Administrator" />
      <deny users="*" />
    </authorization>
  </system.web>
</location>
Another way to prevent a set of values from being redefined is by adding an allowDefinition attribute to a
tag in the portion of the configuration file. For example, the following entry in machine.config effectively prevents the key from appearing in application's web.config files:
  <section name="processModel" 
    type="System.Web.Configuration.ProcessModelConfigurationHandler, 
          System.Web, Version=1.0.3300.0, Culture=neutral, 
          PublicKeyToken=b03f5f7f11d50a3a" 
    allowDefinition="MachineOnly" />
The allowDefinition attribute can take three values: MachineOnly for settings that can appear only in machine.config; MachineToApplication for settings that can appear in machine.config and the application's main web.config file, but not in secondary web.config files; and Everywhere for settings that can appear in any .config file. (This is the default behavior if this attribute setting is omitted).


This tips has been taken from Chapter 24 "ASP.NET Applications" of Francesco Balena's Programming Microsoft Visual Basic .NET (Microsoft Press). Read a sample chapter from our Book Bank, or buy at 30% off the list price.
Francesco Balena
 
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap