My MVC app has, until a few minutes ago, been working fine (with asp/net membership as part of the solution). However, without knowingly changing anything relevant every request, even to my homecontroller (which doesn't have any authorization attributes etc).

I've taken all the entries out of the web.config for now relating to authorization, and I've check the applicationhost.config which has the following:

<access sslFlags="None" />

        <applicationDependencies>
            <application name="Active Server Pages" groupId="ASP" />
        </applicationDependencies>

        <authentication>

            <anonymousAuthentication enabled="true" userName="" />

            <basicAuthentication enabled="false" />

            <clientCertificateMappingAuthentication enabled="false" />

            <digestAuthentication enabled="false" />

            <iisClientCertificateMappingAuthentication enabled="false">
            </iisClientCertificateMappingAuthentication>

            <windowsAuthentication enabled="false">
                <providers>
                    <add value="Negotiate" />
                    <add value="NTLM" />
                </providers>
            </windowsAuthentication>

        </authentication>

        <authorization>
            <add accessType="Allow" users="*" />
        </authorization>

Can anyone suggest what may be causing this?

Thanks

Further information on this, I switched to using full IIS and its working fine now, so it looks like its an IIS Express issue. Any clues as to the cause? Is there no full IIS express gui other than the system tray icon?