WCF Hosted on IIS6

Question

I am trying to prevent annonymous access being allowed to my WCF service however i keep getting an error message "Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service."

I have tried various ideas such as removing the mex endpoint and setting the security mode as Transport credential only but this does not work.

Config:

My App pool identity is configured to a network account which sits on my domain, My Website has Anonymous access unticked and Integrated Windows Authentication ticked. My Service config is:

<services>      
  <service behaviorConfiguration="CRMDataDashboard_Service.CoreServiceBehavior"
    name="CRMDataDashboard_Service.CoreService">
    <endpoint address="http://crmb1:8900/CoreService.svc" binding="basicHttpBinding" contract="CRMDataDashboard_Service.ICoreService">
      <identity>
        <dns value="localhost" />
      </identity>
    </endpoint>
   </service>
</services>
<behaviors>
  <serviceBehaviors>
    <behavior name="CRMDataDashboard_Service.Service1Behavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
    <behavior name="CRMDataDashboard_Service.ChartDataBehavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
    <behavior name="CRMDataDashboard_Service.DataDashboardServiceBehavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
    <behavior name="CRMDataDashboard_Service.CoreServiceBehavior">
      <serviceMetadata httpGetEnabled="true" />
      <serviceDebug includeExceptionDetailInFaults="false" />
    </behavior>
  </serviceBehaviors>
</behaviors>

Any help with this will be appreciated

score 0 · Answer 1 · edited May 23 '17 at 12:26

0

Are you using basicHttpBinding?

This answer may help: IIS hosted WCF-service + Windows auth in IIS + TransportCredentialOnly/Windows auth in basicHttpBinding

edited May 23 '17 at 12:26

Community

1
1

answered Mar 25 '11 at 12:00

DaveRead

3,371
1
21
24

Also http://stackoverflow.com/questions/5150612/net-4-0wcfwindows-authentication-iis – MattC Mar 25 '11 at 13:08
Tried these and my setting are all the same. – Bruie Mar 25 '11 at 13:20

Aliostad · Answer 2 · 2011-03-25T13:04:29.083

0

You need to create a binding in the config which defines windows authentication as transport security:

<bindings>
  <basicHttpBinding>
    <binding name="BasicHttpEndpointBinding">
      <security mode="TransportCredentialOnly">
        <transport clientCredentialType="Windows" />
      </security>
    </binding>
  </basicHttpBinding>
</bindings>

Have a look here.

UPDATE

You need to put the above code just under <system.serviceModel>. You also need to point to the binding in your config (in bindingConfiguration use the BasicHttpEndpointBinding since this is what we have defined the binding as):

<endpoint address="http://crmb1:8900/CoreService.svc" binding="basicHttpBinding" contract="CRMDataDashboard_Service.ICoreService" bindingConfiguration="BasicHttpEndpointBinding">
  <identity>

edited Mar 25 '11 at 13:04

answered Mar 25 '11 at 12:04

Aliostad

80,612
21
160
208

Where in the config would that have to go? – Bruie Mar 25 '11 at 13:00
I have that it as above but it is still passing the same error. - Is there anything else i need in the config i.e Integrated Security = True etc. – Bruie Mar 25 '11 at 13:12
Put your new binding here. And read that link I sent make sure you have done it all. – Aliostad Mar 25 '11 at 13:14
Checked the link - here are my bindings – Bruie Mar 25 '11 at 13:32
And my service - – Bruie Mar 25 '11 at 13:33

WCF Hosted on IIS6

2 Answers2

UPDATE