I am experimenting with the integrated authentication mode for static content in IIS7. I followed the instructions in this article: http://aspnet.4guysfromrolla.com/articles/122408-1.aspx It is working fine if I allow/deny access by login status (like in the article). However I want to allow/deny access based on roles (using the ASP.NET built in Roles Provider). When I put an allow rule for the role "Admin" in the web.config and deny rule for all other users I am not able to access the static files even when I login as an admin. The same folder contains non-static content (aspx pages) that are accessed just fine based on the Role Provider information.
Any ideas?