anonymous users are unable to access DependencyHandler.axd with forms authentication and outpucache.
Enable forms authentication
<authentication mode="Forms">
<forms loginUrl="~/account/" slidingExpiration="true" timeout="10080" requireSSL="true" />
</authentication>
Configure output cache
<caching>
<outputCache enableOutputCache="true" defaultProvider="Memcached">
<providers>
<add name="Memcached" type="Enyim.Caching.Web.MemcachedOutputCacheProvider, Enyim.Caching.Web" />
</providers>
</outputCache>
</caching>
Configure CDF:
<clientDependency loggerType="" version="15">
<fileRegistration>
<providers>
<clear />
</providers>
</fileRegistration>
<compositeFiles defaultFileProcessingProvider="CompositeFileProcessor" defaultFileMapProvider="XmlFileMap" compositeFileHandlerPath="~/DependencyHandler.axd">
<fileProcessingProviders>
<clear />
<add name="CompositeFileProcessor" type="ClientDependency.Core.CompositeFiles.Providers.CompositeFileProcessingProvider, ClientDependency.Core" urlType="Base64QueryStrings" persistFiles="false" />
</fileProcessingProviders>
</compositeFiles>
</clientDependency>
it looks like FormsAuthenticationModule skips .axd files, so it does not initialize the User then when execute OutputCacheModule it throws exception because the user is null onLeave event.
the exception is in line 1882 in RequestRequiresAuthorization()
exception details:
System.NullReferenceException: Object reference not set to an instance of an object.
at System.Web.HttpContext.RequestRequiresAuthorization()
at System.Web.Caching.OutputCacheModule.OnLeave(Object source, EventArgs eventArgs)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
allow DefaultAuthentication solved the problem
I had these configuration in the config file
Removing the above 2 lines fixed the problem