Search
Close this search box.

You may receive the error “It is an error to use a section registered as allowDefinition=’MachineToApplication’ beyond application level” in asp.net

You may get this error when trying to browse an asp.net application.

The debug information shows that “This error can be caused by a virtual directory not being configured as an application in IIS.”

However, this error occurs primarily out of 2 scenarios.

1. When you create an new web application using visual studio.net, it automatically creates the virtual directory and configures it as an application.
However, if you manually create the virtual directory and it is not configured as an application, then you will not be able to browse the application and
may get the above error. The debug information you get as mentioned above, is applicable to this scenario.

To resolve it, Right Click on the virtual directory – select properties and then click on “Create” next to the “Application” Label and the textbox. It will
automatically create the “application” using the virtual directory’s name. Now the application can be accessed.

2. When you have sub-directories in your application, you can have web.config file for the sub-directory. However, there are certain properties which cannot
be set in the web.config of the sub-directory such as authentication, session state (you may see that the error message shows the line number where the
authentication or sessionstate is declared in the web.config of the sub-directory). The reason is, these settings cannot be overridden at the sub-directory level
unless the sub-directory is also configured as an application (as mentioned in the above point).

Mostly we have the practice of adding web.config in the sub-directory if we want to protect access to the sub-directory files (say, the directory is admin and we
wish to protect the admin pages from unathorized users).

But actually, this can be achieved in the web.config at the application’s root level itself, by specifing the location path tags and authorization, as follows:-

<location path="Admin">
<system.web>
<authorization>
<allow roles="administrators" />
<deny users="*" />
</authorization>
</system.web>
</location>

However, if you wish to have a web.config at the sub-directory level and protect the sub-directory, you can just specify the Authorization mode as follows:-

<configuration>
<system.web>
<authorization>
<allow roles="administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration>

Thus you can protect the sub-directory from unauthorized access.

Cheers.

This article is part of the GWB Archives. Original Author: Project Cool

Related Posts