I'm running an Asp.NET MVC 2 app under IIS 6.
All pages are behind Windows Integrated Authentication except for some pages that accepts anonymous access.
We setup these pages in the web.config with the location element like this
<location path="MyPath/ToThePage">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
Since this is an Asp.NET MVC app, the path indicated in the path attribute points to an action method not a physical location.
When this was running under IIS 7 integrated mode it was working fine. But when we switched to IIS 6 we get the login prompt even with the pages that are set to accept anonymous users.
How to make IIS 6 authorize anonymous access to non physical paths ?