I am trying to implement a file handler for my web service. I can't even figure out how to grant everyone access to a specific folder. I'm trying to use location in my web.config to allow all through, but that does not even work. It always prompts me for a login when trying to access an image file in the specific folder (just testing via entering full path in the url). When connecting via my Android App, even after login I get a permission denied error trying to access an image directly. Any ideas?
Here is my web.config:
<?xml version="1.0"?><configuration> <system.web><compilation debug="false" strict="false" explicit="true" targetFramework="4.5"/><customErrors mode="Off"/><authentication mode="None"/><sessionState timeout="120"/><membership defaultProvider="AspNetSqlMembershipProvider" userIsOnlineTimeWindow="15"><providers><remove name="AspNetSqlMembershipProvider"/><clear/><add name="AspNetSqlMembershipProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="LocalSqlServer" applicationName="ss" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" minRequiredPasswordLength="8" requiresUniqueEmail="true" passwordFormat="Hashed"/></providers></membership><roleManager enabled="true" defaultProvider="MySqlRoleProvider"><providers><clear/><add name="MySqlRoleProvider" connectionStringName="LocalSqlServer" applicationName="ss" type="System.Web.Security.SqlRoleProvider"/></providers></roleManager><pages controlRenderingCompatibilityVersion="4.0"/></system.web><system.serviceModel><bindings><basicHttpBinding><binding name="ssBinding"><security mode="Transport"><transport clientCredentialType="None"/></security></binding></basicHttpBinding></bindings><services><service name="ssService.ss" behaviorConfiguration="metadataBehavior"><endpoint address="" binding="basicHttpBinding" bindingConfiguration="ssBinding" contract="ssService.IService1"/></service></services><behaviors><serviceBehaviors><behavior name="metadataBehavior"><!-- To avoid disclosing metadata information, set the values below to false before deployment --><serviceMetadata httpGetEnabled="false" httpsGetEnabled="true"/><!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --><serviceDebug includeExceptionDetailInFaults="true"/><serviceAuthorization principalPermissionMode="UseAspNetRoles" roleProviderName="MySqlRoleProvider"><authorizationPolicies><add policyType="AuthorizationPolicy.AuthorizationPolicy.HttpContextPrincipalPolicy, AuthorizationPolicy, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"/></authorizationPolicies></serviceAuthorization></behavior></serviceBehaviors></behaviors><serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/></system.serviceModel><system.webServer><handlers> <add name="FileHandler" verb="*" path="*.jpg" type="FileHandler"/></handlers><modules><remove name="BasicAuthenticationModule"/><add name="BasicAuthenticationModule" type="UserAuthenticator.Module.UserNameAuthenticator, UserAuthenticator"/></modules></system.webServer><location path="pics"><system.web><authorization><allow users="*"/> </authorization></system.web></location></configuration>