I've run into this issue before with being redirected to 'login.aspx'. It only happens when the "Anonymous Authentication" user isn't set properly.
Open IIS and go to the website in question. Once there, under IIS, double-click the "Authentication" icon. Next, select "Anonymous Authentication" and click the "Edit" link in the Actions pane. The user specified here needs to match the user used for the application pool and the user used for the "connect as" user on the Basic Settings for the site.
You could set the Application Pool Identity and then configure the "Anonymous Authentication" to use "Application pool identity" and the "Connect As" user on the Basic Settings to be "Application user". Doing this will ensure that all three are using the same thing and you don't have to update the user in three places if the user needs to change for some reason.
Hope this helps,