In the HttpModules section, add some "remove" elements, one for every module you whish to disable. If HttpModules section is not present, you can add it yourself.
Here are the default HttpModules that are present and can eventually be disabled:
Check C:\WINDOWS\microsoft.NET\Framework\<version>\CONFIG\Web.config for more things you can emit. There are probably some more things you can override in your own Web.config...
Now assume you have a public and protected part on your website. The public part is www.example.com, the private part is www.examle.com/protected. Thanks to ASP.NET's configuration cascading model, you can now disable FormsAuthentication for www.example.com, as no authentication will be needed there. In the www.private.com/protected folder, you can now put another Web.config file, enabling FormsAuthentication on that folder. How cool is that!
I'm on my way to vacation. No blog posts next week, unless I spot a bear somewhere.
This is an imported post. It was imported from my old blog using an automated tool and may contain formatting errors and/or broken images.