Testing the app locally as a non admin authenticated user, glimpse.axd handler generates 3 redirects to the login action (did I mention it is an MVC 5 app).
an example displaying one of the redirects below:
GET http://localhost:44308/Glimpse.axd?n=glimpse_metadata&hash=eaabef1a&callback=glimpse.data.initMetadata HTTP/1.1
and the redirect
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
after exploring the issue for about 10 minutes and enough scratching my head,
why would a login request be made when the request is already authenticated? hmmm
hmm, U know what?
as a temporary fix, add the following 2 liners to the login action
return new ContentResult();