My colleague is using an HttpHandler for compression of javascript and CSS (YUI Compressor for .NET) on an ASP.NET Web Application.
He also set up Forms Authentication. The Forms Authentication appears to be blocking the CSS and JavaScript (served by the HttpHandler) from downloading on the login page. Is there a way to exclude this HttpHandler from Forms Authentication?
Add a location tag for those resource paths in your web.config:
<location path="/js">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="/css">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>