14

When developing (works fine live) the pages for our website don't pick up the correct CSS until the user has authenticated (logged on).

So the Logon and Logoff forms look bad, but once inside the site, the CSS works again.

I'm guessing it's some kind of authentication issue? Haven't really looked into it too much because it's only when working on dev so not a huge issue, but would be nice to know how to fix it.

Improve this question

4 Answers 4

Reset to default
17

To allow an unauthenticated user to see your .css files (or any other file/directory) you can add a location element to your web.config file pointing to the .css file.

<configuration>
   <system.web>
      // system.web configuration settings.
   </system.web>
   <location path="App_Themes/Default/YourFile.css">
      <system.web>
         <authorization>
            <allow users="*"/>
         </authorization>
      </system.web>
   </location>
</configuration>
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

15

Check and make sure that the CSS file itself is not in an area that you are securing. You can manually exclude the file via the web.config if needed.

Improve this answer

6 Comments

Manually exclude by adding the following in the <Configuration> section: <location path="css"> <system.web> <authorization> <allow users="*"></allow> </authorization> </system.web> </location>
This is good. Then how is it working in your production evironment? You should have the same problem there unless this section is missing in your dev web.config
I have this exact same issue - login page is unstyled on dev and fine on production. web.config is exactly the same except for connection strings and debug settings. This solution didn't solve the problem for me.
Correction: Had a dumb moment, it does work if you specify the whole path e.g. path="App_Themes/Theme" or path="App_Themes/Theme/file.css"
I found this didn't solve my version of the problem. I found for some people it was related to IIS 7. See if these help: stackoverflow.com/questions/6531250/… or forums.iis.net/p/1173012/1961218.aspx
|
10

I just ran into this problem myself and manually adding the location made no difference. I found that I had given the IIS_IUSRS access to the folders so my application pool had no problem accessing the files but IIS was using the IUSR account for anonymous access.

To fix it, I opened IIS Manager -> IIS: Authentication -> Select 'Anonymous Authentication' -> Click Actions: Edit.. (or right click) -> Select 'Application pool identity'

Now anonymous access attempts use the IIS_IUSRS which have the correct file permissions.

Improve this answer

Comments

3

Can you try using a tool like Fiddler or HttpWatch and check if a request actually goes for the .css file from the login page. Verify the return codes are 200. Could be because of relative path issue in your dev box.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.