asp.net.ph
Home  
Getting Started  
Skip Navigation Links
Web Forms  
Skip Navigation Links
Data Access  
Skip Navigation Links
Web Apps  
Skip Navigation Links
Web Basics  
Skip Navigation Links
Show Me   Search
Thursday, January 9, 2025 

Skip Navigation LinksHome > ASP.NET Applications > ASP.NET Configuration > Hierarchical Configuration Architecture > Locking Configuration Settings

Locking Configuration Settings

ASP.NET Web Applications   ASP.NET Configuration   Hierarchical Configuration Architecture

By default, configuration files located in child directories override and extend all configuration settings defined in parent configuration files.

In certain cases, though, administrators may need to lock or make specific configuration settings unchangeable to prevent modification. For example, an administrator may want to lock the sandbox security settings for hosted applications to reduce the risk of malicious attacks on the system.

To lock an entire configuration section:

  1. Declare a <location> directive having an allowOverride attribute set to false. 
    <location ... allowOverride = "false">
  2. Within the <location> element, define the configuration section you need to lock. 
    <location ... allowOverride = "false">
   <system.web>
      ... section to lock ...
   </system.web>
</location>

ASP.NET will throw an exception if a lower-level configuration file attempts to override any configuration section that is defined within this locked <location> element.

The following configuration file example ( which could be stored at either the main system level or at the applcation level ) locks the application identity of two different ASP.NET applications ( application1 and application2 ) and configures the applications to run only under specific accounts.

<configuration>
   <location path = "application1" allowOverride = "false">
      <system.web>
         <identity impersonate = "true" userName = "application1" 
            password = "pwd1" />
      </system.web>
   </location>
  
   <location path = "application2" allowOverride = "false">
      <system.web>
         <identity impersonate = "true" userName = "application2"
            password = "pwd2" />
      </system.web>
   </location>
</configuration>

Any attempt to override the configuration settings in the previous example using the configuration settings in the following example would generate a configuration system error.

<configuration>
   <system.web>
      <identity userName = "MyName" password = "MyPwd" />
   </system.web>
</configuration>

ASP.NET also includes other <location> attributes that may be used to lock individual configuration elements, such as lockItem, lockAttributes, lockElements, and so on. For more information, see Shared Configuration Attributes.

See Also

ASP.NET Configuration Sections   Configuration Inheritance   Configuration <location> Settings




Home
Suggested Reading

© 2025 Reynald Nuñez and asp.net.ph. All rights reserved.

If you have any question, comment or suggestion
about this site, please send us a note