How to use ASP.NET Authorization Yet Permit Access to .css Files?

Question

<authentication mode="Forms">
      <forms loginUrl="Login.aspx"/>
</authentication>
<authorization>
      <deny users="?"/>
</authorization>

I am using forms authentication, and when i place the arguments cited above, the css formatting I have done for the whole document is not being implemented, it's vanishing. what should i be doing so that the CSS remains intact.

Answer 1

I assume that your login form has an external CSS file, and that you're using Cassini or IIS 7 integrated mode.

Your <deny users="?"/> is preventing anonymous users from seeing the login form's CSS files.

You need to use the <location> element to allow anonymous users to see the CSS files, like this:

<location path="CSS">
    <system.web>
        <authorization>
            <allow users="?"/>
        </authorization>
    </system.web>
</location>

Answer 2

Use the location element to allow access to your css:

<configuration>
   <location path="style.css">
      <system.web>
         <authorization>
            <allow users="?"/>
         </authorization>
      </system.web>
   </location>
</configuration>