Reputation: 254
Does IIS 8.5 Root site web.config settings affect the application site(s) web.config settings?
There is a web.config for the Default Web Site with authentication settings such as Impersonation, Windows Auth, Basic which is set to false at the moment.
Then we have the mypictures application with its own Web.config and it has its own authentication settings..
I've been told the default site web.config settings trickle down to the application sites.
Does this mean that authentication should be set at the Root Level (Default Web Site)? I'm confused on this subject and clarification would be greatly appreciated.
Upvotes: 0
Views: 470
Answers (2)
Reputation: 3494
The setting in root folder will affect applications. If you try to add an authorization rule in root level. Then you will receive
You could put</clear> in your sub application to prevent inherit operation.
Of course, if you enable windows auth in root level and disable windows auth in application level. Then the status of windows auth will be disabled. Application level setting can override root level setting.
Upvotes: 1
Reputation: 40928
Does this mean that authentication should be set at the Root Level (Default Web Site)?
Not necessarily. If you want the authentication to apply at the root of the site, then yes. If you don't care what happens at the root of the site, then just apply the authentication to the web.config of the application.
Upvotes: 0
Related Questions
- Does the web.config file settings override IIS settings?
- Does the appsettings file attribute override what is in the app.config?
- Will a child application inherit from its parent web.config?
- applicationSettings and Web.config
- Are Sitecore settings always preferrable to ASP.NET app settings in the Web.config?
- how Web.config inherits IIS configuration settings?
- Is web.config protected by IIS?
- Editing a web.config file through web application will cause any security problem?
- Root web.config used instead of site web.config
- Does web.config override any app.configs?