We have an internal ASP.NET Webforms application running on a Windows 2008/IIS7 server which has been running fine until we installed MVC3.

Now any requests redirect to /Account/Login?ReturnUrl=%2f.

The website is Webforms not MVC. Because it is an internal only site we have Windows Authentication enabled for the root folder.

We have several other websites on the same server that have not been affected by this problem, but this is the only site where the root folder is set to Windows Authentication.

I solved the problem by adding the following lines to the AppSettings section of my web.config file:

<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false"/>

I fixed it this way

1. Go ot IIS
2. Select your Project
3. Click on "Authentication"
4. Click on "Anonymous Authentication" > Edit > select "Application pool identity" instead of "Specific User".
5. Done.

Updated answer for MVC 4, heavily borrowed from this page and ASP.NET MVC issue with configuration of forms authentication section (and answered on both pages)

<appSettings>
   ...
   <add key="PreserveLoginUrl" value="true" />
</appSettings>

...

<authentication mode="Forms">
      <forms loginUrl="~/Account/LogOn" timeout="43200" /> <!--43,200 in minutes - 30 days-->
</authentication>

Just remove

 <authorization>
      <deny users="?"/>
    </authorization>

from your web.config file

that did for me

My solution was to add the tag

[AllowAnonymous]

over my GET request for the Register page. It was originally missing from the code I was mantaining!

A solve this adding in the option defaultURL the path my application

<forms loginUrl="/Users/Login" protection="All" timeout="2880" name="001WVCookie" path="/" requireSSL="false" slidingExpiration="true" defaultUrl="/Home/Index" cookieless="UseCookies" enableCrossAppRedirects="false" />

It's resolved the IIS request auto redirect to default page(default.aspx or login page)

By adding the following lines to the AppSettings section of my web.config file:

<add key="autoFormsAuthentication" value="false" />
<add key="enableSimpleMembership" value="false"/>

We added some WCF SOAP related things to an existing IIS site and it caused this problem, with the site refusing to honour the web.config authentication redirect.

We tried the various fixes listed without success, and invented a work around of mapping the new weird URL back to the one we've been using for years:

<urlMappings enabled="true">
<add mappedUrl="~/loginout.aspx" url="~/Account/Login"/>
</urlMappings>

That worked but it's ugly. Eventually we traced it down to a web.config entry added by Visual Studio some time earlier:

<add key="webpages:Enabled" value="true" />

As we'd been unable to work out precisely what that does, we took it out, which solved the problem for us immediately.

Open web.config,then Change

<authentication mode="Forms">
  <forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>

To

<authentication mode="Forms">
  <forms loginUrl="~/Login.aspx" timeout="2880" />
</authentication>

change to ~/Default.aspx

Be ware with this:

RegisterGlobalFilters(GlobalFilterCollection filters) {
  filters.Add(new System.Web.Mvc.AuthorizeAttribute());
}

After 4 hours, of trying everything... Windows 2008 R2 the files were green in Window Explorer. The files were marked for encryption and arching that came from the zip file. unchecking those options in the file property fixed the issue for me.

If nothing works then add authentication mode="Windows" in your system.web attribute in your Web.Config file. hope it will work for you.

Drezus - you solved it for me. Thanks so much.

In your AccountController, login should look like this:

    [AllowAnonymous]
    public ActionResult Login(string returnUrl)
    {
        ViewBag.ReturnUrl = returnUrl;
        return View();
    }

Similar setup, identical problem. Some installations would work, but most would start redirecting (http 302) to /Account/Login?ReturnUrl=%2f after a successful login, even though we're not using Forms Authentication. In my case after trying everything else, the solution was to switch the Application Pool Managed Pipeline Mode from from Integrated to Classic, which cleared up the problem immediately.