Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Css and Scripts don't work until the user log in the website - Asp.NET MVC 3 Web Site

I've a asp.net mvc 3 site and i publish it in iis 7.5 (framework 4.0), and the problem is that the css and the scripts don't work util the user log in the website. So:

  • The website was created like virtual directory and converted into a application.
  • The mode is forms authentication.
  • I enable in the iis the forms and anonymous authentication.

The web config has:

<location path="Content" allowOverride="true">
    <system.web>
        <authorization>
            <allow users="*" />
        </authorization>
    </system.web>
</location>
<location path="Scripts" allowOverride="true">
    <system.web>
        <authorization>
            <allow users="*" />
        </authorization>
        <globalization culture="pt-BR" uiCulture="pt-BR" />
    </system.web>
</location>

<authorization>
    <deny users="?"/>
</authorization>

Obs: the dlls that i add in bin directory: System.Web.Helpers.dll, System.Web.Mvc.dll, System.Web.Routing.dll, System.Web.WebPages.dll.

I tried to change the path in the localtion as "~/Content", but i got the same result.

I tried to put the tag allow in the autorization tag as:

<authorization>
    <deny users="?"/>
    <allow users="*"/>
</authorization>

But i got the same result.

What am i missing?

like image 553
Vinicius Ottoni Avatar asked Feb 07 '12 14:02

Vinicius Ottoni


3 Answers

I figured it out. It was something I missed from my checklist when setting up a new IIS application: Select the application, double-click "Authentication", select "Anonymous Authentication", then Edit, and change it to use the Application Pool Identity. Make sure that user has permissions on the folder that contains the site like the others said.

like image 127
Vinicius Ottoni Avatar answered Nov 15 '22 10:11

Vinicius Ottoni


I've had this problem too and it's not the asp.net authorization that is the problem it's the rights to the files in the filesystem.

You need to make sure the website runs under an account that has access to the files. For my internal testing I usually make the website run under my account but I guess this wouldn't be good idea security wise if you host it in public. You can set this under advanced settings -> Physical Path Credentials for the website.

like image 33
Mikael Eliasson Avatar answered Nov 15 '22 11:11

Mikael Eliasson


Try to allow content path, where your scripts and css files are stored:

<configuration>
  <location path="content" allowOverride="true">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <system.web>
    <authorization>
      <allow roles="admin" />
      <deny users="?" />
    </authorization>
  </system.web>
</configuration>
like image 4
oyaebunterkrah Avatar answered Nov 15 '22 12:11

oyaebunterkrah