If you try to get Windows Authentication working in IIS for a WCF service (including the one I showed you earlier), you may get the following error:
Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.
The problem here is that IIS and WCF are fighting over security. You’ve told IIS to prevent Anonymous access and use Windows Authentication instead. WCF, however, knows nothing about this. The answer is simple. Change your web.config file like so:
<?xml version="1.0"?> <configuration> <system.serviceModel> <services> <service behaviorConfiguration="basicBehavior" name="WCFTest.Test"> <endpoint address="" binding="basicHttpBinding" contract="WCFTest.Test" bindingConfiguration="basicBinding" /> <endpoint address="mex" binding="basicHttpBinding" contract="IMetadataExchange" bindingConfiguration="basicBinding" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="basicBehavior"> <serviceMetadata httpGetEnabled="true" /> </behavior> </serviceBehaviors> </behaviors> <bindings> <basicHttpBinding> <binding name="basicBinding"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Windows"/> </security> </binding> </basicHttpBinding> </bindings> </system.serviceModel>
The key change here is a new binding configuration called basicBinding. Have a look at the <security> and <transport> nodes. These tell WCF that security will be handled by the transport layer, that only credentials will be confirmed, and that it should quit worrying and get back to work.