In order to facilitate the configuration of the web.config file, I wrote an example of a commonly used web.config file, which can be used as a template to modify as needed.
Three quick ways to create a web.config file:
1. Configure using the asp.net website configuration tool in VS2005
2. Write with reference to the machine.config file in the C:WINDOWSMicrosoft.NETFrameworkv2.0.50727 (.net framework version)CONFIG directory.
3. Make template modifications to the following file
Click here to expand the code
<?xml version="1.0" encoding="utf-8"?>
<!--
Note: Instead of manually editing this file, you can also use
Web management tool to configure the application's settings. You can use the
"Website" -> "Asp.Net Configuration" option.
A complete list of settings and annotations is at
machine.config.comments, which is usually located in
WindowsMicrosoft.NetFrameworkv2.xConfig
-->
<configuration xmlns=" http://schemas.microsoft.com/.NetConfiguration/v2.0 ">
<appSettings>
<!-- Enable data caching -->
<add key="EnableCaching" value="true"/>
</appSettings>
<connectionStrings>
<add name="strConnUserDB"
connectionString="Data Source=.;Initial Catalog=profile1;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<membership>
<providers>
<remove name="AspNetSqlMembershipProvider" />
<add name="AspNetSqlMembershipProvider"
type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
connectionStringName="strConnUserDB"
enablePasswordRetrieval="false"
enablePasswordReset="true"
requiresQuestionAndAnswer="true"
applicationName="/"
requiresUniqueEmail="false"
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7"
minRequiredNonalphanumericCharacters="1"
passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
description="Storage membership data"
/>
</providers>
</membership>
<profile enabled="true" defaultProvider="AspNetSqlProfileProvider" inherits="">
<providers>
<remove name="AspNetSqlProfileProvider" />
<add name="AspNetSqlProfileProvider"
connectionStringName="strConnUserDB"
applicationName="/"
type="System.Web.Profile.SqlProfileProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
description="Storage Profile data"
/>
</providers>
<properties>
<add name="Name"/>
<add name="BackColor" type="System.Drawing.Color" allowAnonymous="true" serializeAs="Binary"/>
</properties>
</profile>
<roleManager enabled="true" cacheRolesInCookie="true">
<providers>
<remove name="AspNetSqlRoleProvider" />
<add name="AspNetSqlRoleProvider"
connectionStringName="strConnUserDB"
applicationName="/"
type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
description="Storage Role data"
/>
</providers>
</roleManager>
<!-- Other roleManager attributes (and their defaults) include:
cookieName=".ASPXROLES"
cookieTimeout="30"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true" // Renew expiring cookies?
createPersistentCookie="false" // Issue persistent cookie?
cookieProtection="All" /> // Cookie protection level
-->
<compilation debug="false" />
<authentication mode="Forms" />
<!--
<anonymousIdentification
enabled="true"
cookieName=".ASPXANONYMOUS"
cookieTimeout="43200"
cookiePath="/"
cookieRequireSSL="false"
cookieSlidingExpiration="true"
cookieProtection="All"
cookieless="UseCookies"
/>
-->
<!--
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
<location path="user">
<system.web>
<authorization>
<allow roles="?" />
<deny users="*"/>
</authorization>
</system.web>
</location>
</configuration>
http://www.cnblogs.com/andymore/archive/2006/10/03/520759.html