Monday, January 14, 2008

Locking down configuration settings/overriding configuration settings

In addition to specifying path information using the <location>tag, you can also specify security so that settings cannot be overridden by another configuration file further down the configuration hierarchy. To lock down a group of settings, you can specify an allowOverride attribute on the surrounding <location>tag and set it to false. The following code locks down impersonation settings for two different applications.
<location allowoverride="false" path="app1"><system.web><identity username="app1" impersonate="false" password="app1pw"></location>
<location allowoverride="false" path="app2"><system.web><identity username="app2" impersonate="false" password="app2pw"></SYSTEM.WEB></location>
allowdefinition is used to allow child to define tags

allowoverride is used to allow child to override tags

<location path="." inheritInChildApplications="false">

<system.web> ... </system.web></location>

No comments: