I am currently preventing anonymous users access to my root application.

/web.config

  <system.web>
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

But am allowing anonymous access to public resources (Images, CSS, etc.):

  <location path="Images">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

Now, I would like to add a virtual directory which should be accessible to anonymous users. I added a configuration based on the Images path, but whenever I try to access that location, I get redirected to the login page with the ReturnURL set to the virtual directory.

  <location path="virtualDirectory">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

In addition, I tried to specify the global authorization within my virtual directory's web.config but get an error saying I can only have that once

/virtualDirectory/web.config:

  <system.web>
    <authorization>
      <allow users="*" />
    </authorization>
  </system.web>

How can I allow anonymous access to a virtual directory when my root application is preventing anonymous access?

Related posts

Recent Viewed