0

When I enable basic authentication for my Orchard website then styles/images/js files get redirected to the forms authentication login URL (ex: "/styles/login.css" is redirected to "/AccessDenied?ReturnUrl=/styles/login.css").

I'm using IIS 8.5 on Windows Server 2012. I already installed the Static Content feature for IIS. The user I'm using for basic authentication is an administrator and has full permissions to all of the Orchard files. I added <allow users="*" /> to the web.config in the appropriate directories but that made no difference.

Community
  • 1
  • 1
Keith
  • 20,636
  • 11
  • 84
  • 125
  • Some background: I'm using basic authentication on top of forms authentication because this is a private demo of a login-based site. The end product will use only forms authentication, but for now we're using basic authentication to prevent any portion of the site from being public. I'm open to alternatives if they're easier to set up. – Keith Oct 30 '14 at 17:07
  • I'm not sure what point there is in protecting stylesheets and js files. – Bertrand Le Roy Oct 30 '14 at 19:13
  • @BertrandLeRoy There isn't, but I'd rather not have to explicitly set anonymous access on all of the various folders that contain such files. – Keith Oct 30 '14 at 19:17
  • So now I'm totally confused: why don't you just remove permissions from the anonymous role? Why do you have to use basic auth at all? – Bertrand Le Roy Nov 02 '14 at 07:26

0 Answers0