One of the strengths of ASP.NET is its configuration system. By
centralizing all of the settings that control the behavior of your ASP.NET
Web site in a single XML file (web.config), ASP.NET makes it
easy to be sure that you haven’t overlooked anything when you’re
customizing a site. But in ASP.NET 1.0 and 1.1 (the versions that shipped
with Visual Studio .NET 2002 and Visual Studio .NET 2003), this
convenience comes at the cost of needing to edit the XML file by hand.
While most developers are used to having to deal with XML files by now,
it’s always an annoyance to have to stare at angle brackets.
Apparently Microsoft’s developers were annoyed by this too, because
they came up with not one but two different ways to make the ASP.NET
configuration process easier in version 2.0. In this article, I’ll show
you the new tools. The Web Site Administration Tool is designed for use by
developers who are building ASP.NET 2.0 sites, and the ASP.NET
Configuration Tool is smoothly integrated with Internet Information
Services Manager for use by administrators. Between these two tools, you
may never need to look at an angle bracket again.
The Web Site Administration Tool
The Web Site Administration Tool is available from within Visual Studio
2005 while you’re designing an ASP.NET 2.0 Web site. To launch the tool,
select ASP.NET Configuration from the Website menu. This will open the
tool in a separate browser window, as shown in Figure 1.
The tool breaks its functionality down across three tabs:
- Security, for managing user accounts and roles.
- Application, for managing general application settings.
- Provider, for testing and assigning providers for membership and
This tool doesn’t let you configure every possible web.config setting,
but it does handle most of the ones that a developer will wand to alter
during the design process.
The Application Tab
As a developer, you’ll probably spend most of
your time on the Application tab. Here you can modify application
settings, set up an SMTP server within your ASP.NET application, modify
the application’s online state, or configure debugging and tracing.
Application settings are a mechanism for storing arbitrary name-value
pairs within the web.config file. For example, if you create an
application setting with the name UserLimit and the value 25, you’re
actually adding this XML fragment to the file:
<add key="UserLimit" value="25" />
ASP.NET doesn’t do anything with these settings itself. They’re for
your own use in configuring your Web applications as you see fit. You can
access them by using the
System.Configuration.ConfigurationManager class in your
SMTP e-mail settings let you determine how your ASP.NET application
will send e-mail. You can choose a server and port to use, the name to use
as the From address on outgoing mail, and the authentication information
to sign in with.
The Application Status section of the Application tab gives you a
one-click way to take an application offline (or to subsequently place an
offline application back online). An offline application won’t respond to
user requests. This is handy when you need to perform extended maintenance
such as changing a database schema and don’t want user interactions to
interfere with the process.
Finally, you can choose whether to enable debugging or capture tracing
information, and specify custom error pages for the application. Each
setting you can make in this section (such as setting the sort order for
tracing results) corresponds to an entry in the web.config file.
The Provider Tab
The Provider tab of the Web Site Administration Tool lets you select
test providers for site configuration information. You can either choose
a single provider for everything, or separate providers for membership
information and role information. By default, new ASP.NET sites use the
AspNetSqlProvider for all configuration information. It’s possible to
write custom data provider classes to store this information in places
other than the default SQL Server database. If you do, this tab lets you
test your customer provider as well.
The Security Tab
The Security tab of the Web Site Administration Tool is designed to
manage all aspects of securing an ASP.NET Web site. If you don’t need
security on your site, you’ll never need to touch this tab. But if you do
need security, you’ll find these operations here:
- Select the site’s authentication type.
- Use the Security Setup Wizard to walk you through configuring
- Create and manage users.
- Create and manage roles.
- Create and manage access rules.
The ASP.NET Configuration Tool
The Web Site Administration Tool is only available on computers where
Visual Studio 2005 is installed. This makes it less than useful on
production servers – it’s likely that your network administrators will
take a dim view of trying to install VS2005 on the corporate Web server.
Fortunately, there’s another tool to fill the gap for post-deployment
configuration. ASP.NET 2.0 integrates its own configuration tool directly
into Internet Information Services Manager, which is Microsoft’s standard
tool for managing IIS Web sites.
To launch this tool, follow these steps:
- Open IIS Manager
- Locate the ASP.NET Web application that you want to configure.
- Right-click on the application and select Properties.
- In the Properties dialog box, click the Edit Configuration button.
This will open the ASP.NET Configuration Settings dialog box, shown in
The ASP.NET Configuration Settings dialog box provides access to most
of the settings in the web.config file, organized across seven tabs:
- The Connection tab lets you add, edit, and delete connection
strings and arbitrary application settings.
- The Custom Errors tab lets you set the custom errors mode and
specify pages to handle individual errors.
- The Authorization tab shows you any inherited authorization rules,
and lets you add, edit, and delete local authorization rules.
- The Authentication tab lets you set the site authentication mode,
set forms authentication parameters, and select membership and role
- The Application Tab provides access to a variety of
application-wide settings, including page language and theme defaults,
globalization settings, and impersonation and identity settings.
- The State Management tab lets you pick a session state mode,
customize session state management, and specify the session timeout.
- The Locations tab lets you identify specific paths and
subdirectories that should have their own configuration settings.
As with the Web Site Administration Tool, everything here could
be changed directly in the web.config file. But it’s a whole lot easier to
make changes through the graphical user interface and let the tool worry
about keeping the XML up to date.
It’s All About Making Your Life Easier
Could we have configured all of our ASP.NET 2.0 sites without these new
tools? Sure; we got through ASP.NET 1.0 and 1.1 without them just fine.
But the point of new versions of software is to make hard things easy and
easy things easier. Little improvements like the Web Site Administration
Tool and the ASP.NET Configuration Settings tool remove a bit of the grunt
work from setting up ASP.NET 2.0 sites, and it’s nice to have them around
to help. Put enough little things together, and you’ve got a good reason
About the Author
Mike Gunderloy is the author of over 20 books and numerous articles on
development topics, and the Senior Technology Partner for Adaptive Strategy, a
Washington State consulting firm. When
he’s not writing code, Mike putters in the garden on his farm in eastern