WCF Exception: ... this service requires "anonymous" authentication, but it is not enabled for the IIS application hosting this service
I've seen this asked here and everywhere many times, but I can't keep my head down.
This is what I want to do. I need to host a WCF service in IIS 6. I need username / password protection and I don't want them to go unencrypted, so I am using HTTPS. I have it all running locally on my IIS, but when I come to deploy it, I get anonymous access with the error enabled. On my local IIS, anonymous access is enabled, on a deployed server it is not and we don't want to enable it. The problem is clear. The solution is not obvious to me ....
If I navigate to the page in IE or add a service link from Visual Studio, I get this error after entering my username / password. So this shows that my certificate and HTTPS are working fine and the username and password are correct. Here are the relevant settings from web.config:
<services>
<service name="SecureWcfTestsApplication.Service1">
<endpoint address=""
binding="wsHttpBinding"
bindingConfiguration ="Binding2"
contract="SecureWcfTestsApplication.IService1" />
</service>
</services>
<bindings>
<basicHttpBinding>
</basicHttpBinding>
<wsHttpBinding>
<binding name="Binding2">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="Windows" algorithmSuite="Default" />
</security>
</binding>
</wsHttpBinding>
</bindings>
I am using wsHttpBinding because it didn't like basicHttpBinding with clientCredentialType set on Windows. Having said that, I prefer to use basicHttp, but it wants the username as clientCredentialType, and I'm not sure what the difference is between UserName and Windows security.
The best
Ray
source to share
The exception you are getting is normal unless you are configuring transport security using Windows Authentication, http://msdn.microsoft.com/en-us/library/ms733089.aspx
Tag
<transport>
is necessary in this case, although you already have the tag set <message>
.
source to share
In IIS Manager click on your site. You need to be "in object view" (not "content view")
In the IIS "Feature view" section, select the so called "Authentication" feature and doulbe click on it. You can enable Windows Authentication here. It is also possible (I think in one of the suggestions in the thread) by setting in the web.config (...)
But maybe you have a web.config that you don't want to crawl too much with. Then this thread won't be too helpful, so I added this answer
Anonymous authentication can and in some cases should be enabled for the service, but not for the site.
So, make sure your site's root authentication is enabled for Windows Authentication only. Then expand your site, select the service folder, and make sure your service has Windows and Anonymous Authentication support enabled.
At least I had identical error message with Basic Website and Master Data Services MSSQL and that was the solution. I got an error when starting only the service, but the site was working almost fine, MDS Explorer was not working because the credentials of the service were wrong at the beginning. Can this missing configuration be caused by an error in MDS Configuration Manager when creating a new MDS site?
So, in my case, the problem was not fixed by doing any special editing in the web.config or ApplicationHost.config file, but simply to select the correct authentication options for the website and serve it in IIS Manager. I'm not sure if this is the case, but it might be worth trying?
source to share
At a particularly dumb moment, I was also getting this error:
WCF Exception: ... this service requires "anonymous" authentication, but it is not enabled for the IIS application hosting this service
Eventually I realized that my web.config does not have an "authentication" tag in the "system.web" at all. Unsurprisingly, IIS was complaining about authentication issues!
The solution to the problem was as easy as adding:
<system.web>
<authentication mode="Windows" />
Silly, I know ... but I hope this helps!
source to share