Forms auth redirecting css/script includes to the login page with HTTP 302

Question

I have some includes on a login page, a css file and a js file.

<link rel="stylesheet" type="text/css" href="../../ext/resources/css/ext-all.css" /> <script type="text/javascript" src="../../ext/bootstrap.js"></script> 

Unfortunately the requests the browser makes for these get the 302 response. Forms Auth is seeing the request as unauthorized and redirecting them to the login page. It doesn't realise that the request are coming from the login page in the first place.

GET http://localhost:50880/ext/resources/css/ext-all.css HTTP/1.1  HTTP/1.1 302 Found <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="/Account/LogOn?ReturnUrl=%2fext%2fresources%2fcss%2fext-all.css">here</a>.</h2> </body></html> 

I thought perhaps setting the permissions of the includes folder (ext) to everyone might help.

I've not had this issue in other projects.

Answer 1

I had the same problem. Here's how I solved it.

In IIS7, click on your website, then double-click the Authentication button. Click on Anonymous Authentication, then click the Edit... link on the right hand side. Make sure the "Application pool identity" checkbox is checked.

My application pool is running under the "Network Service" user (not "ApplicationPoolIdentity"). You can choose the Identity in the Advanced Settings of your application pool in IIS. This user has been given full access to the file system for the website.