WCF Exception: ...this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service

Question

I've seen this asked here and everywhere lots of times but I can't get my head around it.

Here's what I want to do. I need to host a WCF Service in IIS 6. I want user name / password security and I don't want these passed unencrypted so I'm using HTTPS. I have this working all locally on my IIS, but when I come to deploy it I get the anonymous access not enabled error. On my local IIS anonymous access is enabled, on the deployed server it isn't, and we don't want to enable it. Problem understood. Solution not obvious to me....

If I navigate to the page in IE, or do add service reference from Visual Studio, I get this error after entering my username / password. So this shows that my certificate and HTTPS is working OK, and the username and password are correct. Here are the relevant settings from web.config:

<services>
  <service name="SecureWcfTestsApplication.Service1">
    <endpoint address=""
      binding="wsHttpBinding"
      bindingConfiguration ="Binding2"
      contract="SecureWcfTestsApplication.IService1" />
  </service>
</services>

<bindings>
  <basicHttpBinding>
  </basicHttpBinding>
  <wsHttpBinding>
    <binding name="Binding2">
      <security mode="TransportWithMessageCredential">
        <message clientCredentialType="Windows" algorithmSuite="Default" />
      </security>
    </binding>        
  </wsHttpBinding>
</bindings>

I am using wsHttpBinding because it didn't like basicHttpBinding with clientCredentialType set to Windows. Having said that I'd rather use basicHttp but it wants UserName as the clientCredentialType, and I'm not sure what the difference is between UserName and Windows security.

Best

Ray

score 1 · Answer 1 · answered Mar 27 '14 at 11:36

In IIS Manager click on your site. You need to be "in feature view" (rather than "content view")

In the IIS section of "feature view" choose the so-called feature "authentication" and doulbe click it. Here you can enable Windows Authentication. This is also possible (by i think in one of the suggestions in the thread) by a setting in the web.config ( ...)

But maybe you have a web.config you do not want to scrue too much around with. Then this thread wouldnt be too much help, which is why i added this answer

score 1 · Accepted Answer · answered Mar 17 '12 at 03:25

1

The exception you get is normal if you don't configure transport security using Windows authentication, http://msdn.microsoft.com/en-us/library/ms733089.aspx

<transport> tag is needed in this case, though you already have <message> tag defined.

answered Mar 17 '12 at 03:25

Lex Li

60,503
9
116
147

Hi - I added this and still getting the same error - I now have this: – RBrowning99 Mar 20 '12 at 17:13
In case anyone comes to this later the easiest way I found to do it. – RBrowning99 Mar 21 '12 at 03:51

score 0 · Answer 3 · answered Jan 30 '13 at 08:26

Anonymous authentication can, and in some cases must be enabled for the service but not for the site.

So check that your site's "root" authentication has only Windows Authentication enabled. Then expand your site, select 'service' folder and make sure that your service has Windows and Anonymous Authentication enabled.

At least I had identical error message with basic MSSQL Master Data Services web site & service and this was the solution. I did get the error when running just the service but the site worked almost ok, MDS Explorer did not work because service's authentication settings were wrong at first. Cause of this miss-configuration might be a bug in MDS Configuration Manager when creating new MDS site?

So in my case the problem was not to be fixed by doing any special editing to the web.config nor the ApplicationHost.config files, but just selecting correct authentication settings for the web site and it's service in IIS manager. I am not sure that this is the case in here, but maybe worth to try?

score 0 · Answer 4 · answered Oct 21 '13 at 11:18

In a particularly dumb moment, I was also getting this error:

WCF Exception: …this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service

I eventually realised that my web.config didn't have an "authentication" tag in the "system.web" at all. No wonder IIS was complaining about authentication issues !

Solving the issue was as simple as adding:

  <system.web>
    <authentication mode="Windows" />

Stupid, I know... but I hope this helps !

WCF Exception: ...this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service

4 Answers4