IIS 7+ MVC static content not rendering on login page (for unauthenticated users)

Question

I have a login page page that should be available to unauthenticated users. On my local ASP.Net dev server it all works well. However, when deployed on IIS 7, all static content such as pictures and scripts are not downloading. Only when the user logs in the first time does it return the pictures and scripts. The server returns HTTP 302 for unauthenticated users. I am using forms authentication & ASP.Net membership provider.

Answer 1

Step 1: Make sure the appropriate directories ('Content' and 'Scripts' by default for MVC) have been enabled for 'Anonymous Authentication' in web.config (inside ) e.g.:

<location path="Content">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>
<location path="Scripts">
    <system.web>
        <authorization>
            <allow users="*"/>
        </authorization>
    </system.web>
</location>

Step 2: Check that the 'IUSR' built-in account has read access to these directories. This user is used by default for all anonymous requests.

Note: You can change which account is used for anonymous access by editing applicationHost.config in C:\Windows\System32\inetsrv\config . On 64-bit machines this file can only be edited by 64-bit applications (i.e. not Visual Studio). Notepad works well. Make sure to take backups before you edit. You are looking for the next line:

<anonymousAuthentication enabled="true" userName="IUSR" />