It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be

转自：http://www.cnblogs.com/silentwater/articles/760590.html
出现错误信息：

Configuration Error

Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level.  This error can be caused by a virtual directory not being configured as an application in IIS.

解决方法：
情况1：When you create an new web application using visual studio.net, it automatically creates the virtual directory and configures it as an application.
However, if you manually create the virtual directory and it is not configured as an application, then you will not be able to browse the application and
may get the above error. The debug information you get as mentioned above, is applicable to this scenario.

To resolve it, Right Click on the virtual directory - select properties and then click on "Create" next to the "Application" Label and the textbox. It will
automatically create the "application" using the virtual directory's name. Now the application can be accessed.

当使用.net创建一个新的web程序时，通常会自动的创建虚拟目录并设置为网站程序。
但是如果你手工创建虚拟目录而没有设置为网站程序，你就不能浏览网站的网页并出现上述的错误。

右键单击“默认网站”->新建->虚拟目录，将虚拟目录指向程序所在处，设置网站程序，就可以访问了。

情况2：When you have sub-directories in your application, you can have web.config file for the sub-directory. However, there are certain properties which cannot
be set in the web.config of the sub-directory such as authentication, session state (you may see that the error message shows the line number where the
authentication or sessionstate is declared in the web.config of the sub-directory). The reason is, these settings cannot be overridden at the sub-directory level
unless the sub-directory is also configured as an application (as mentioned in the above point).

Mostly we have the practice of adding web.config in the sub-directory if we want to protect access to the sub-directory files (say, the directory is admin and we
wish to protect the admin pages from unathorized users).

But actually, this can be achieved in the web.config at the application's root level itself, by specifing the location path tags and authorization, as follows:-

<location path="Admin">
<system.web>
<authorization>
<allow roles="administrators" />
<deny users="*" />
</authorization>
</system.web>
</location>

However, if you wish to have a web.config at the sub-directory level and protect the sub-directory, you can just specify the Authorization mode as follows:-

<configuration>
<system.web>
<authorization>
<allow roles="administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration>

Thus you can protect the sub-directory from unauthorized access.


当你把web.config放在网站程序中的子文件夹时，有一些属性不能设置，如authentication, session state
（错误信息显示子文件夹中web.config声明的authentication, session state 所在的行号）。
原因是这些设置不能被子文件夹的权限覆盖（override），除非子文件夹本身被设置成网站程序。
通常情况下我们希望把web.config放在子文件夹中来保护对子文件夹中文件的访问
（假设目录是admin，我们希望保护admin里面的文件不被未授权的用户访问）

实际上，当web.config在网站程序根目录时，也能做到，如下：
<location path="Admin">
<system.web>
<authorization>
<allow roles="administrators" />
<deny users="*" />
</authorization>
</system.web>
</location>

如果你想把web.config放在子目录，可以这样设置：
<configuration>
<system.web>
<authorization>
<allow roles="administrators" />
<deny users="*" />
</authorization>
</system.web>
</configuration>

这样可以做到保护子文件夹不被未授权的用户访问。

祝  好运！