What are the Configuration Files used by the .NET Framework?

When examining the uses for ASP.NET’s configuration files, we must look at the machine.config file as well as the web.config file. The main difference between these two files is that the machine.config file is applied system-wide while the web.config is applied to each application based on the inheritance rules. Each configuration option set within the machine.config file is applied to every application and by using the allowOverride attribute in conjunction with the tag, you can prevent individual web.config files from overriding these settings.

When ASP.NET is initially installed, a default machine.config file is set up for your system with the standard configuration section handlers used within ASP.NET as well as many other configuration items. You can edit this default file to tailor your ASP.NET configuration to your requirements. You can also configure the same options in the lower-level web.config files in order to give you more granular control over individual applications.

You can configure almost all functional items of ASP.NET through the configuration files. The options available to you using the default ASP.NET machine.config file includes everything from browser compatibility options to secure authentication options.

Standard Configuration Tags:

<appSettings>: It allows the configuration of custom settings for your applications.
<authentication>: It allows configuration of ASP.NET’s authentication support.
<authenticationModules>: It allows the definition of modules necessary for ASP.NET’s authentication
support.
<authorization>: It allows configuration of ASP.NET’s authorization support.
<browserCaps>: It allows configuration of settings for the browser capabilities component.
<compilation>: It allows configuration of all ASP.NET compilation settings.
<connectionManagement>: It allows configuration of client connection options.
<customErrors>: It allows the definition of custom error messages for your application.
<defaultProxy>: It allows the configuration of proxy server usage by ASP.NET.
<globalization>: It allows the configuration of globalization settings for your applications.
<httpHandlers>: It allows mapping of incoming URL requests to appropriate IHttpHandler classes or IhttpHandlerFactory classes.
<httpModules>: It allows the configuration of HTTP modules used within an application.
<httpRuntime>: It allows the configuration of HTTP runtime settings.
<identity>: It controls the identity used by your application.
<machineKey>: It allows configuration of keys for encryption and decryption of form’s authentication cookie data.
<pages>: It allows configuration of page- specific settings.
<processModel>: It allows configuration of ASP.NET process model settings.
<securityPolicy>: It allows the mapping of defined security levels to policy files.
<sessionState>: It allows configuration of the session state HTTP module.
<trace>: It allows configuration of the ASP.NET trace service.
<trust>: It allows configuration of the code access security permission set used to run your application.
<webRequestModules>: It allows configuration of ASP.NET’s use of modules for request processing based on the prefix.
<webServices>: It allows configuration of ASP.NET Web Services settings.