web.config in .NET

authentication : Sets the authentication mode and specifies settings for the mode selected

authorization : Specifies who is allowed to access resources in this directory and its subdirectories

browserCaps : Maps user-agent data to browser capabilities

clientTarget : Maps user-agent data to browser types

compilation : Specifies run-time compilation settings such as whether executables should be compiled with debug symbols, maps file name extensions and Language attributes to compilers, and identifies the assemblies that ASP.NET links to.

customErrors : Enables the use of custom error pages and specifies how errors should be reported on clients and servers

httpRuntime : Specifies request time-outs and other settings used by the ASP.NET runtime

globalization : Specifies character encodings for requests and responses

httpHandlers : Maps URLs to HTTP handlers (for example, maps requests for ASPX files to System.Web.UI.PageHandlerFactory)

httpModules : Identifies HTTP modules called in response to HTTP requests

identity : Controls the identity that ASP.NET assigns to individual requests

machineKey : Specifies encryption and validation settings (for example, the key and algorithm used to encrypt authentication cookies)

pages : Specifies page-level configuration settings such as whether output buffering, session state, and view state are enabled

processModel : Specifies configuration settings for ASP.NET worker processes

securityPolicy : Maps trust levels to CONFIG files containing security policies

sessionState : Specifies session state settings (for example, where session state is stored)

trace : Enables and disables tracing and specifies trace settings

trust : Specifies the code access security trust level

webControls : Identifies the location on the server of client scripts used by ASP.NET Web controls

webServices : Contains Web service settings