ASP.NET Tutorial/Configuration/Introduction

File: Web.config
<configuration>
  <appSettings>
    <add key="welcome" value="Welcome to our Web site!" />
    <add key="copyright" value="Copyright (c) 2007 by the company" />
  </appSettings>
</configuration>

By default, the settings in a Machine.config or Web.config file are applied to all pages in the same folder and below. 
You can apply configuration settings to a particular path. 
You apply configuration settings to a particular path by using the <location> element. 
For example, the following web configuration file enables password-protection for a single file named Secret.aspx.
The <location> element must be added as an immediate child of the <configuration> element. 
File: Web.config
<configuration >
  <system.web>
    <authentication mode="Forms" />
  </system.web>
  <location path="Secret.aspx">
    <system.web>
      <authorization>
        <deny users="?" />
      </authorization>
    </system.web>
  </location>
</configuration>

You can lock configuration settings so that they cannot be overridden at a lower level in the configuration hierarchy. 
The following Web.config file locks a setting by using the allowOverride="false".
File: Web.config
<configuration >
  <location allowOverride="false">
    <system.web>
      <compilation debug="false" />
    </system.web>
  </location>
</configuration>

File: Web.config
<configuration >
    <system.web>
      <compilation debug="false" lockAttributes="debug" />
    </system.web>
</configuration>

Enable the remote server to accept remote configuration connections by executing the following command from a command prompt:
aspnet_regiis -config+

To disable remove configuration connections, execute the following command:
aspnet_regiis -config-

The aspnet_regiis tool is located in the following path:
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Configuration" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        try
        {
            Configuration config = WebConfigurationManager.OpenMachineConfiguration(null, txtServer.Text, txtUserName.Text, txtPassword.Text);
            AuthenticationSection section = (AuthenticationSection)config.GetSection("system.web/authentication");
            lblAuthenticationMode.Text = section.Mode.ToString();
        }
        catch (Exception ex)
        {
            lblAuthenticationMode.Text = ex.Message;
        }
    }
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
    <title>Show Config Remote</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
    <asp:Label
        id="lblServer"
        Text="Server:"
        AssociatedControlID="txtServer"
        Runat="server" />
    <br />
    <asp:TextBox
        id="txtServer"
        Runat="server" />
    <br /><br />
    <asp:Label
        id="lblUserName"
        Text="User Name:"
        AssociatedControlID="txtUserName"
        Runat="server" />
    <br />
    <asp:TextBox
        id="txtUserName"
        Runat="server" />
    <br /><br />
   <asp:Label
        id="lblPassword"
        Text="Password:"
        AssociatedControlID="txtPassword"
        Runat="server" />
    <br />
     <asp:TextBox
        id="txtPassword"
        TextMode="Password"
        Runat="server" />
    <br /><br />
    <asp:Button
        id="btnSubmit"
        Text="Submit"
        OnClick="btnSubmit_Click"
        Runat="server" />
    <hr />
    Authentication Mode:
    <asp:Label
        id="lblAuthenticationMode"
        Runat="server" />
    </div>
    </form>
</body>
</html>

ASP.NET uses a hierarchical system of configuration. 
At the top of the hierarchy is the Machine.config file. 
This Machine.config file contains all the default configuration settings for ASP.NET.
The Machine.config file is located at:
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\Machine.config

This same folder also contains a Web.config file. 
The Web.config file contains settings specific to ASP.NET applications. 
The Web.config file overrides particular settings in the Machine.config file.

File: Web.config
<configuration>
  <appSettings configSource="appSettings.config" />
</configuration>

File: appSettings.config
<appSettings>
  <add key="message" value="Hello World!" />
</appSettings>

Every web application inherits the settings from the machine.config file. 
You can apply application-specific settings. 
The entire content of an ASP.NET configuration file is nested in a root <configuration> element. 
<system.web> element is used for ASP.NET settings. 
Inside the <system.web> element are separate elements for each aspect of configuration.
ASP.NET uses a multilayered configuration system. 
To use this technique, you need to create additional subdirectories inside your virtual directory. 
These subdirectories can contain their own web.config files. 
ASP.NET uses configuration inheritance so that each subdirectory acquires the settings from the parent directory.
If settings conflict, the settings from a web.config in a nested directory always override the settings inherited from the parent.

The following web.config file uses the <location> element to create two groups of settings.
One for the current directory and one that applies only to files in the subdirectory named Secure:
<configuration xmlns="http://schemas.microsoft.ru/.NetConfiguration/v2.0">
    <system.web>
        <!-Basic configuration settings go here. -->
    </system.web>
    <location path="/Secure">
        <system.web>
            <!-Configuration settings for the Secure subdirectory go here. -->
        </system.web>
    </location>
</configuration>