Why is my style sheet redirecting me to login?

Question

I am sure this has something to do with IIS but I can't figure it out.

I have a website using forms authentication. When my website tries to access any file resources (javascript files, css, etc), I am redirected to the forms login page set in my web.config. I also get redirected if I just type the address into the address bar.

The web.config entry for forms auth is pretty basic:

<authentication mode="Forms">   <forms loginUrl="~/Account/LogOn" timeout="2880" /> </authentication> 

There are also two location nodes to deny users from other parts of the site:

<location path="n2">   <system.web>     <authorization>       <allow roles="Editors" />     </authorization>   </system.web> </location> <location path="web.config">   <system.web>     <authorization>       <deny users="*" />     </authorization>   </system.web> </location> 

I am using the standard IIS7 install on Windows Server 2008 R2.

Edit So, if I add a random auth cookie (FormsAuthentication.SetAuthCookie()), the resources become available, I know it has to be my authentication model that's messed up somehow. It works on another server (I just copied it over). Any ideas how I can track the problem down?

Answer 1

I had the same error, in my case the trick was setting Anonymous Authentication to use the App Pool identity instead of IUSR in IIS

1. Open IIS
2. Expand Sites
3. Select [YourWebSite]
4. Double click Authentication (will be under the IIS "Area" or the Security "Category")
5. Select Anonymous Authentication
6. Click Edit in the Actions pane
7. Click the 'Application pool identity' radio button