Nov 24, 2014 04:54 PM|Kruddler|LINK
I'm starting to think that the answer to my question is to allow anonymous/forms access on the root folder, but disable anonymous access on the subfolder which is supposed to be secured. This seems to be the obvious solution, but none of the articles I read
recommended this. Instead, all the articles I read recommended using the <location> element to define subfolders which are supposed to be secure. The articles mentioned above certainly recommend that, but none of those articles seem to work.
Why is such a simple thing so hard in ASP/IIS?