Wcf – How to impersonate a user to a WCF service

authentication iis impersonation wcf

I am authenticating a user on to a WCF service via IIS7 using Windows Authentication and ASP.NET Impersonation.

When debugging locally I am able to see the System.Security.Principal.WindowsIdentity.GetCurrent().Name as equal to my Windows credentials. When I deploy this service to a server, the WCF fails to run unless Anonymous Authentication is enabled.

So, how do we get this WCF service to run on a server with Anonymous Authentication disabled?

UPDATE 1: Error message after trying both suggestions:

The authentication schemes configured on the host
('IntegratedWindowsAuthentication') do not allow those configured on
the binding 'WebHttpBinding' ('Anonymous'). Please ensure that the
SecurityMode is set to Transport or TransportCredentialOnly.
Additionally, this may be resolved by changing the authentication
schemes for this application through the IIS management tool, through
the ServiceHost.Authentication.AuthenticationSchemes property, in the
application configuration file at the
element, by updating the ClientCredentialType property on the binding,
or by adjusting the AuthenticationScheme property on the
HttpTransportBindingElement.

UPDATE 2: The authentication has been set in the following way:

Application Pool:

  • Identity = NetworkService

Web Site:

  • Anonymous Authentication = disabled
  • ASP.NET Authentication = enabled
  • Windows Authentication = enabled

WCF Application:

  • Anonymous Authentication = disabled
  • ASP.NET Authentication = enabled
  • Windows Authentication = enabled

Best Answer

This is a common problem. You need to set the security mode and the corresponding transport element. If you use basicHttpBinding, put the following text in the config:

<basicHttpBinding>
  <binding>
    <security mode="TransportCredentialOnly">
      <transport clientCredentialType="Windows" />
    </security>
  </binding>
</basicHttpBinding>

Read the following posts:

http://blogs.msdn.com/b/drnick/archive/2007/03/23/preventing-anonymous-access.aspx
http://blogs.msdn.com/b/wenlong/archive/2006/05/18/600603.aspx
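The error in UPDATE 1 names WebHttpBinding, whose default security mode is None (anonymous), so the same setting has to be applied to that binding and referenced from the endpoint. The fragment below is an added example, not part of the original answer; the service, contract, binding and behavior names are placeholders.

```xml
<system.serviceModel>
  <bindings>
    <webHttpBinding>
      <!-- Without a <security> element, webHttpBinding uses mode="None",
           which WCF reports as 'Anonymous' and which conflicts with an
           IIS site that only allows Windows Authentication. -->
      <binding name="windowsAuthWebHttp">
        <!-- TransportCredentialOnly authenticates the caller over plain
             HTTP with no transport encryption. On an HTTPS site use
             mode="Transport" with the same <transport> element. -->
        <security mode="TransportCredentialOnly">
          <transport clientCredentialType="Windows" />
        </security>
      </binding>
    </webHttpBinding>
  </bindings>

  <services>
    <!-- Placeholder names: replace with the real service and contract. -->
    <service name="ExampleNamespace.ExampleService">
      <!-- bindingConfiguration must match the binding name above,
           otherwise the endpoint falls back to the anonymous default. -->
      <endpoint address=""
                binding="webHttpBinding"
                bindingConfiguration="windowsAuthWebHttp"
                behaviorConfiguration="webBehavior"
                contract="ExampleNamespace.IExampleService" />
    </service>
  </services>

  <behaviors>
    <endpointBehaviors>
      <behavior name="webBehavior">
        <webHttp />
      </behavior>
    </endpointBehaviors>
  </behaviors>
</system.serviceModel>
```

Every endpoint hosted in the application needs a binding whose credential type matches the IIS setting; a single endpoint left on the anonymous default is enough to reproduce the error.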