The application configuration files ( web.config and the site-wide machine.config ) have had a number of changes, including new attributes added to existing elements as well as new elements to support the new features. The changed sections of the configuration files cover the topics listed below:
The new sections cover the following topics:
Changed SectionsThe text in this subsection details only the changes made to the configuration files and the changed attributes. Client TargetsThe <clientTarget/> section identifies browsers by their user agent string and provides a mapping to a simple alias. For the downlevel alias, the user agent has been changed from Unknown to Generic Downlevel , as shown below: <clientTarget> <add alias="downlevel" userAgent="Generic Downlevel" /> </clientTarget> CompilationThe <compilation/> section has been enhanced to allow for automatic compilation of source files and pre-compilation of applications. For this there is a new <codeSubDirectories/> element that indicates which directories contain code that should be automatically compiled. This section contains a collection of relative directory names where code is placed. The syntax is shown below: <compilation urlLinePragmas="[truefalse]" > <codeSubDirectories> <add directoryName=" String " /> </codeSubDirectories> </compilation> There is also a new Boolean attribute on the main compilation section, urlLinePragmas . This indicates whether or not pragmas use URLs. The default is false , which means that pragmas use physical paths. The <compilers/> section has been moved to the new <system . codedom /> section, which is covered later in the chapter. Build ProvidersThe <buildProviders/> section identifies which files are part of the dynamic compilation process. The syntax for this section is: <buildProviders> <add extension=" String " appliesTo=" String " type=" String " /> </buildProviders> The attributes are described in Table 13.1. Table 13.1. buildProvider Attributes
This section is for files that aren't part of the compilation section (those files are automatically built). Compilation and build providers were covered in Chapter 2. Web ProxyThe <defaultProxy/> section defines how the System.Net classes access the Internet and has been enhanced to include the following settings: <defaultProxy automaticallyDetectSettings="[truefalse]" autoConfigurationScript=" String " scriptDownloadInterval=" Integer " scriptDownloadTimeout=" Integer " /> The attributes are described in Table 13.2. Table 13.2. defaultProxy Attributes
HTTP ModulesSeveral new HTTP modules have been added to the pipeline.
A full description of these is beyond the scope of this book, but details can be found in the SDK documentation. HTTP RuntimeThe <httpRuntime/> section has been enhanced to cater to application domain shutdowns and buffered uploads, with the following new attributes: <httpRuntime enable="[truefalse]" idleTimeOut=" Integer " requestLengthDiskThreshold=" Integer " requireRootedSaveAsPath="[truefalse]" /> The attributes are described in Table 13.3. Table 13.3. httpRuntime Attributes
The enable attribute allows an entire application domain to be disabled, perhaps in a hosting environment. Any requests to that application will result in a 404 error. The addition of automatic shutdowns is useful for sites that are hit infrequently (such as personal sites, maybe a photo album), where keeping the application active wastes resources. The idleTimeOut figure indicates the number of minutes since the last request was received. The requestLengthDiskThreshold and requireRootedSaveAsPath attributes are for file uploads. They define the maximum size of uploaded files and the path to where they can be saved, respectively. HTTP HandlersThe <httpHandlers/> section has been enhanced to cater to the following new handlers:
In addition, the following file suffixes are handled by the forbidden handler ( System.Web.HttpForbiddenHandler ), stopping them being served directly:
GlobalizationThe <globalization/> section has one new attribute, to allow automatic setting of culture depending on the browser. <globalization enableClientBasedCulture="[truefalse]" /> This attribute indicates whether or not the uiCulture and culture will be based on the accept-language header sent by the client browser. This overrides culture settings in configuration files, unless the client cultures cannot be mapped to a specific culture. The default value is false . PagesThe <pages/> section has been enhanced to add Personalization, master pages, and theme support. Additionally, there is a subelement that allows automatic addition of namespace references to each page (see Listing 13.1). Listing 13.1 pages Configuration Syntax<pages enablePersonalization="[truefalse]" personalizationProvider=" String " master=" String " theme=" String " > <namespaces> <add namespace=" String " /> </namespaces> </pages> The attributes are described in Table 13.4. Both the master and theme attributes can be overridden at the page level. Table 13.4. pages Attributes
For the namespaces subelement, the namespace is the full namespace to be included as a reference. For example: <namespaces> <add namespace="System" /> <add namespace="System.Collections" /> </namespaces> The following namespaces are included in machine.config :
Session StateThere are several changes to the state handling mechanism, which are covered in detail later in the chapter. Here's the new syntax for the <sessionState/> section: <sessionState mode="[OffInProcStateServerSQLServerCustom]" sqlCommandTimeout=" Integer " customType=" String " cookieName=" String " createEmptySession="[truefalse]" allowCustomSqlDatabase="[truefalse]" /> The new attributes are described in Table 13.5. Table 13.5. sessionState Attributes
Mobile Devices StateIn addition to the session state changes, there is also a <sessionPageState/> element, which details the number of pages of session state stored on the server: <sessionPageState historySize=" Integer " /> This works in a way similar to the session state management for mobile controls in the MMIT from ASP.NET 1.x. This is required because the session state is stored on the server, and without the history it would be possible for the session state to become out of sync with the displayed page. The default value is 9 . Web Request ModulesWhen using the WebRequest class to access Web resources, you have the option of using HTTP, HTTPS, or FILE as the protocols. The <webRequestModule/> now has FTP added to provide file transfer support: <add prefix="ftp" type=" String " /> The type attribute identifies the full type of the class implementing the service. New SectionsThe configuration files contain many new sections to cater to the new features in ASP.NET 2.0. These new sections are described briefly below. Anonymous IdentificationThe <anonymousIdentification/> section deals with how identity is assigned to users who are not authenticated (see Listing 13.2). It is used by the Personalization services. Listing 13.2 anonymousIdentification Configuration Syntax<anonymousIdentification enabled="[truefalse]" cookieName=" String " cookieTimeout=" Integer " cookiePath=" String " cookieRequiresSSL="[truefalse]" cookieSlidingExpiration="[truefalse]" cookieProtection="[NoneValidationEncryptionAll]" cookieless="[UseCookiesUseUriAutoDetectUseDeviceProfile]" /> The attributes are described in Table 13.6. Table 13.6. anonymousIdentification Attributes
Code DOMThe <system.codedom/> section has been introduced to centralize the configuration of compilation features across all aspects of the .NET Framework, rather than having them be part of the Web configuration. The <compilers/> element has been moved into this new section (see Listing 13.3). Listing 13.3 system.codedom Configuration Syntax<system.codedom> <compilers> <compiler language=" String " extension=" String " type=" String " warningLevel=" Integer " compilerOptions=" String " /> </compilers> </system.codedom> The attributes for each listed compiler are the same as the previous version, but with one addition, compilerOptions , which allows default compiler options to be set. Connection StringsThe <connectionStrings/> section allows database connection strings to be stored. Previously these were often stored in the appSettings section and thus used to get mixed in with general application settings. Now, however, they have a specific section, allowing database details to be stored either at the application level or for the entire machine. This also allows the connection string details to be protected (perhaps by encryption), thus keeping them secure. Although this functionality isn't part of the current release, it is planned for future releases. Table 13.7. connectionStrings Attributes
<connectionStrings> <add name=" String " connectionString=" String " /> <remove name=" String " /> <clear /> </connectionStrings> The attributes are described in Table 13.7. Like the application-specific settings, the connection strings are exposed through the ConfigurationSettings class. For example, we could define our database details as: <connectionStrings> <add name="MyData" connectionString="server=.;database=MyData;Uid=;Pwd=" /> </connectionStrings> Then we could use these details in our page or class: Dim cs As String cs = ConfigurationSettings.ConnectionStrings("MyData") Dim conn As New SqlConnection(cs) DataThe <system.data/> section allows configuration of data provider factories, allowing for abstracted access to data stores (see Listing 13.4). Listing 13.4 system.data Configuration Syntax<system.data> <DbProviderFactories> <add name=" String " invariant=" String " support=" String " description=" String " type=" String " /> </DbProviderFactories> </system.data> The attributes for <DbProviderFactories/> are described in Table 13.8. Table 13.8. DbProviderFactories Attributes
The supplied data factories are for:
CachingCaching is an area of ASP.NET that can bring great performance improvements, but one thing missing from ASP.NET 1.x was the capability to base the cache on a database. This capability would enable the cache to expire when the data it is caching changes, thus ensuring that out-of-date cached values are never used. The new <cache/> section allows the cache dependency to be set and based on databases (see Listing 13.5). Initially only SQL Server is supported, but the architecture allows for others to be added in future releases. Listing 13.5 cache Configuration Syntax<cache> <sqlCacheDependency enabled="[truefalse]" pollTime=" Integer " > <databases> <add name=" String " connectionName=" String " pollTime=" Integer " /> <remove name=" String " /> </databases> </sqlCacheDependency> </cache> The attributes are described in Tables 13.9 and 13.10. For more details on caching, please see Chapter 11. Table 13.9. sqlCacheDependency Attributes
Table 13.10. databases Attributes
Image GenerationThe <imageGeneration/> section allows configuration of the dynamic generation of images. The syntax is shown below: <imageGeneration storageType=" String " storagePath=" String " storageExpiration=" Integer " /> The attributes are described in Table 13.11. Table 13.11. imageGeneration Attributes
HTTP CookiesThe <httpCookies/> section controls whether certain HTTP headers are sent to the browser. This enables more secure storage of cookies and ensures that user-supplied code cannot access the cookies from the browser. Here's the syntax: <httpCookies httpOnlyCookies="[truefalse]" requireSSL="[truefalse]" domain=" String " /> The attributes are described in Table 13.12. Table 13.12. httpCookies Attributes
MembershipThe <membership/> section defines the configuration for the supplied Membership schemes. It follows the standard providers pattern, allowing custom providers to be supplied (see Listing 13.6). Listing 13.6 membership Configuration Syntax<membership defaultProvider=" String " userIsOnlineTimeWindow=" Integer "> <providers> <add name=" String " type=" String " [ providerSpecificSettings ] /> <remove name=" String " /> <clear> </providers> </membership> The attributes are described in Tables 13.13 and 13.14. Table 13.13. membership Attributes
Table 13.14. providers Attributes
SQL Server and Access Membership ProvidersTwo providers are supplied with this release, giving support for SQL Server and Access databases. These are named AspNetSqlProvider and AspNetAccessProvider , respectively, and both have the same syntax for the provider-specific section: connectionStringName=" String " enablePasswordRetrieval="[truefalse]" enablePasswordReset="[truefalse]" requiresQuestionAndAnswer="[truefalse]" applicationName=" String " requiresUniqueEmail="[truefalse]" passwordFormat="[ClearHashedEncrypted]" description=" String " The attributes are described in Table 13.15. Table 13.15. SQL Server and Access Membership Provider Specific Attributes
Membership is covered in detail in Chapter 6. Site MapsThe <siteMap/> section allows configuration of site map providers, providing menuing and navigation features (see Listing 13.7). Listing 13.7 sitemap Configuration Syntax<siteMap defaultProvider=" String " enabled="[truefalse]"> <providers> <add name=" String " description=" String " type=" String " [ providerSpecificSettings ] /> <remove name=" String " /> <clear> </providers> </siteMap> The attributes are described in Tables 13.16 and 13.17 on the next page. Table 13.16. siteMap Attributes
Table 13.17. siteMap providers Attributes
AspNetXmlSiteMapProviderThe supplied site provider is for XML files and has a single attribute, siteMapFile , which defines the name of the site map file. The default value for this is app.SiteMap . Site CountersThe <siteCounters/> section defines the configuration for the site counters service, allowing tracking of navigation from server controls (see Listing 13.8). Listing 13.8 siteCounters Configuration Syntax<siteCounters enabled="[truefalse]" defaultProvider=" String " handlerPath=" String " handlerType=" String " rowsPerDay=" Integer " type=" String "> <providers> <add name=" String " type=" String " [ providerSpecificSettings ] /> <remove name=" String " /> <clear/> </providers> <pageCounters enabled="[truefalse]" defaultProvider=" String " rowsPerDay=" Integer " trackApplicationName="[truefalse]" trackPageUrl="[truefalse]" counterGroup=" String " counterName=" String "> <pagesToCount> <add path=" String " /> <remove path=" String " /> <clear/> </pagesToCount> </pageCounters> </siteCounters> The attributes are described in Table 13.18. Table 13.18. siteCounters Attributes
There are two supplied providers for site counters, AspNetAccessProvider and AspNetSqlProvider , both of which have the same provider-specific attributes, as shown in Table 13.19. Table 13.19. Access and SQL Server Site Counters Attributes
The <pageCounters/> section allows configuration of how pages are tracked as part of the site counters service. The attributes are shown in Table 13.20. Table 13.20. pageCounters Attributes
The <pagesToCount/> element contains a collection of page names, meaning that the add and remove elements do not behave like ordinary add and remove elements that have a key. For the add element, the default value is * , which indicates that all pages recursively are included. Under default conditions, therefore, the remove element indicates the pages to exclude. PersonalizationThe <personalization/> section allows configuration of the Personalization service (see Listing 13.9). Listing 13.9 personalization Configuration Syntax<personalization enabled="[truefalse]" defaultProvider=" String "> <providers> <add name=" String " type=" String " [ providerSpecificSettings ] /> <remove name=" String " /> <clear /> </providers> <profile> <property name=" String " readOnly="[truefalse]" serializeAs="[StringXmlBinaryProviderSpecific]" provider=" String " defaultValue=" String " type=" String " allowAnonymous="[truefalse]" /> <group name=" String "> <property /> </group> </profile> </personalization> The attributes are described in Tables 13.21 and 13.22. Table 13.21. personalization Attributes
Table 13.22. personalization providers Attributes
The <profile/> section allows definition of custom types, such as a shopping cart, that can be stored with the Personalization details. Table 13.23 shows the personalization profile attributes. Only the name attribute is requiredall others are optional. Table 13.23. personalization profile Attributes
Page PersonalizationThe <pagePersonalization/> section details the Personalization providers available for individual pages (see Listing 13.10). Listing 13.10 pagePersonalization Configuration Syntax <pagePersonalization defaultProvider="String" /> <providers> <add name="String" type="String" [ providerSpecificSettings ] /> <remove name="String" /> <clear /> </providers> </pagePersonalization> There is only one attribute for <pagePersonalization/> , which is defaultProvider . This defines the name of the default provider and defaults to AspNetAccessProvider . The attributes for the providers element are described in Table 13.24. Table 13.24. pagePersonalization providers Attributes
There are two supplied page Personalization providers, AspNetSqlProvider and AspNetAccessProvider , both of which have the same two provider-specific attributes, as described in Table 13.25. Table 13.25. Access and SQL Server Page Providers Attributes
ProtocolsThe <protocols/> section defines the protocols available to the system and the protocol handlers that process them. Here's the syntax: <protocols> <add id="ISAPI" processHandlerType=" String " appDomainHandlerType=" String " validate="[truefalse]" /> </protocols> The attributes are described in Table 13.26. Table 13.26. protocols Attributes
Role ManagerThe <roleManager/> section allows configuration of roles for use in authorization (see Listing 13.11). Listing 13.11 roleManager Configuration Syntax<roleManager defaultProvider=" String " enabled="[truefalse]" cacheRolesInCookies="[truefalse]" cookieName=" String " cookieTimeout=" Integer " cookiePath=" String " cookieRequiresSSL="[truefalse]" cookieSlidingExpiration="[truefalse]" cookieProtection="[NoneValidationEncryptionAll]" > <providers> <add name=" String " type=" String " [ providerSpecificSettings ] /> <remove name=" String " /> <clear /> </providers> </roleManager> The attributes for the <roleManager/> are described in Table 13.27. Table 13.27. roleManager Attributes
Role Manager ProvidersThere are three supplied Role Manager providers:
The SQL Server and Access providers have the following attributes:
All three providers also have a description attribute. Mail ServersThe <smtpMail/> section allows configuration of a mail server for use with the SMTP Mail class (see Listing 13.12). Listing 13.12 smtpMail Configuration Syntax<smtpMail serverName=" String " serverPort=" Integer " from=" String "> <fields> <add name=" String " value=" String " typeName=" String " /> <remove name=" String " /> <clear /> </fields> </smtpMail> The attributes are described in Table 13.28. Table 13.28. smtpMail Attributes
Field SettingsThe <fields/> section allows definition of custom fields for the SMTP mail server. The attributes are described in Table 13.29. Table 13.29. smtpMail fields Attributes
URL MappingsThe <urlMappings/> section allows configuration of URLs that will be rewritten, thus allowing the actual URL to be hidden. Here's the syntax: <urlMappings enabled="[truefalse]"> <add url=" String " mappedUrl=" String " /> <remove name=" String " /> </urlMappings> The attributes are detailed in Table 13.30. For removal, the url attribute must contain a relative URL starting with ~/ . Table 13.30. urlMappings Attributes
Web Administration ToolThe Web Administration Tool (see Chapter 6) is configured with the <webSiteAdministrationTool/> section (see Listing 13.13). Listing 13.13 webSiteAdministrationTool Configuration Syntax<webSiteAdministrationTool defaultUrl=" String " physicalPath=" String " enabled="[truefalse]" errorPage=" String " localOnly="[truefalse]" > <authorization> <allow [usersroles]=" String " applicationPath=" String " /> <deny [usersroles]=" String " applicationPath=" String " /> </authorization> <categories> <category title=" String " navigateUrl=" String " imageUrl=" String " selectedImageUrl=" String " /> </categories> </webSiteAdministrationTool> The attributes are described in Table 13.31. Table 13.31. webSiteAdministrationTool Attributes
Authorization SettingsThe <authorization/> section allows configuration of which users or roles are allowed access to which parts of the administration interface. The attributes are described in Table 13.32. Table 13.32. authorization Attributes
CategoriesThe <categories/> section defines the categories that appear on the main administration page. The attributes are shown in Table 13.33. Table 13.33. categories Attributes
The default categories are:
For the Technology Preview, only the content for the Security tab is implemented; the other tabs are simply placeholders for future implementation. |