Web.Config at IIS Root

Discussion in 'ASP .Net' started by Chad, Jun 14, 2007.

  1. Chad

    Chad Guest

    We want to share common parameters across multiple web apps using a shared
    web.config at the IIS root level.

    Out Sys Admin objects to thhis for security reasons.

    What is the best practice? Is there an increeased risk here? If so, why?
     
    Chad, Jun 14, 2007
    #1
    1. Advertising

  2. re:
    !> Is there an increased risk here? If so, why?

    None.
    If there's risk in one app, there'd be risk for all apps...but there isn't one.

    However, I would set machine-wide settings in machine.config
    ....not in a web.config in the IIS root.




    Juan T. Llibre, asp.net MVP
    asp.net faq : http://asp.net.do/faq/
    foros de asp.net, en espaƱol : http://asp.net.do/foros/
    ======================================
    "Chad" <> wrote in message news:f4sdj3$9o8$...
    > We want to share common parameters across multiple web apps using a shared web.config at the IIS
    > root level.


    > Out Sys Admin objects to thhis for security reasons.


    > What is the best practice? Is there an increeased risk here? If so, why?
     
    Juan T. Llibre, Jun 14, 2007
    #2
    1. Advertising

  3. It's unlikely you'd have security issues (but it's possible depending
    on what you declare in the web.config). It is possible you can end up
    with problelms where some apps don't really want to share the same
    things. This is particularly true if you have apps on the same server
    running different versions of asp.net.

    hth,

    Sam

    ------------------------------------------------------------
    We're hiring! B-Line Medical is seeking .NET
    Developers for exciting positions in medical product
    development in MD/DC. Work with a variety of technologies
    in a relaxed team environment. See ads on Dice.com.



    On Thu, 14 Jun 2007 17:56:50 -0400, "Chad"
    <> wrote:

    >We want to share common parameters across multiple web apps using a shared
    >web.config at the IIS root level.
    >
    >Out Sys Admin objects to thhis for security reasons.
    >
    >What is the best practice? Is there an increeased risk here? If so, why?
    >
    >
     
    Samuel R. Neff, Jun 15, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    0
    Views:
    1,266
  2. dotnetprogram
    Replies:
    1
    Views:
    732
    Joey Powell
    Dec 27, 2003
  3. Jiong Feng
    Replies:
    3
    Views:
    2,056
    Chris Moore
    Apr 30, 2004
  4. Benny Ng
    Replies:
    9
    Views:
    10,168
    Benny Ng
    Oct 13, 2005
  5. CSharpner
    Replies:
    0
    Views:
    1,109
    CSharpner
    Apr 9, 2007
Loading...

Share This Page