forms-authentication iis-10

IIS 10 throwing 302 redirects on some (but not all) pages/resources


I cannot figure out how to see why my IIS server is doing redirects on some pages but not others. I am using forms auth, and in my login page, I need some resources like some .js files, a manifest.json, etc. on the login page (prior to authentication) and some of the resources are not loading because it throws a 302 redirect back to the login page for those resources.

I even put some 'hello world' html pages in the root and 1 works fine and the other 2 redirect to the login page.

www.mydomain.com/test.html -- 200 response
www.mydomain.com/test2.html -- 302 response

I turned on logging in IIS and all it shows is a 'get' for test2.html and a 302 but doesn't say why (am I looking in the wrong place?).

I made sure that an 'allow all users' mode is in the .NET Authorization rules for that site and that Anonymous Authentication is enabled (all others are disabled) and an 'Allow all users' authorization rule is there.

In desperation, I even put

    <authorization>
        <allow users="*" />
        <allow users="*" />
    </authorization>

in web.config but no help. I have googled around but I can't seem to find anything else to try...


Solution

  • I ended up opening a case with Microsoft on this; turns out that I had 'Specific User' selected as my Anonymous user identity and that was set to the default user of 'IUSR', so for unauthenticated users, it was using that user, which did not have the proper file level permissions. I set it to 'Application Pool Identity' and all is well.

    In IIS Manager, select the application, then click "Authentication", then edit the 'Anonymous Authentication' node and change it to 'Application Pool Identity'.
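
The check and fix described in the answer above, as a PowerShell script. This is an added example, not part of the original post: the site name and content path are placeholders, and it assumes the WebAdministration module is available on the IIS server.

```powershell
# Added example: $site and $root are placeholder values, not taken from the post.
Import-Module WebAdministration

$site   = 'Default Web Site'          # assumed site name
$root   = 'C:\inetpub\wwwroot'        # assumed physical path of the site
$apphost = 'MACHINE/WEBROOT/APPHOST'
$filter = 'system.webServer/security/authentication/anonymousAuthentication'

# 1. Which account serves anonymous requests?
#    An empty userName means "Application Pool Identity"; the IIS default is 'IUSR'.
$attr = Get-WebConfigurationProperty -PSPath $apphost -Location $site -Filter $filter -Name userName
$anonUser = if ($attr -is [string]) { $attr } else { $attr.Value }
$pool = (Get-Item "IIS:\Sites\$site").applicationPool
if ([string]::IsNullOrEmpty($anonUser)) {
    "Anonymous identity: Application Pool Identity (pool '$pool')"
} else {
    "Anonymous identity: specific user '$anonUser'"
}

# 2. Compare the NTFS ACLs of a page that returns 200 with one that returns 302.
#    An ACE present on only one of the files points at the permission difference.
function Get-AceSummary([string]$Path) {
    (Get-Acl -LiteralPath $Path).Access | ForEach-Object {
        '{0}|{1}|{2}' -f $_.IdentityReference, $_.AccessControlType, $_.FileSystemRights
    }
}
$good = Get-AceSummary (Join-Path $root 'test.html')
$bad  = Get-AceSummary (Join-Path $root 'test2.html')
Compare-Object -ReferenceObject $good -DifferenceObject $bad |
    Select-Object @{ n = 'ACE'; e = { $_.InputObject } },
                  @{ n = 'PresentOn'; e = { if ($_.SideIndicator -eq '<=') { 'test.html' } else { 'test2.html' } } }

# 3. The fix from the answer: serve anonymous requests as the application pool identity.
Set-WebConfigurationProperty -PSPath $apphost -Location $site -Filter $filter -Name userName -Value ''
```

Run it from an elevated PowerShell session on the server; step 3 writes to applicationHost.config, so run steps 1 and 2 first to confirm the identity and ACL mismatch.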