Reputation: 1495
Disabling Anonymous authentication for web application causes error
I am trying to enable Windows authentication and disable anonymous authentication for an intranet application. I have already enabled Windows authentication and disabled anonymous in IIS7, and set my Web.Config to use Windows authentication.
<system.web>
<authentication mode="Windows" />
<compilation debug="true" targetFramework="4.0" />
</system.web>
When I deploy and run my application, only the page header will load. When I navigate to my Service.svc file in Chrome or IE, I get the following error:
Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.
System.NotSupportedException: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.
I would assume that this is a problem with my Web.Config or Service.svc.cs, but I cannot identify it. This only happens for one service. Enabling Anonymous authentication in IIS7 will resolve the issue, but I need it disabled.
In my ServiceRefernces.ClientConfig, I have:
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://OHARA-WIN7/nightlyweb/Service.svc"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService"
contract="ServiceReference2.IService"
name="BasicHttpBinding_IService" />
</client>
</system.serviceModel>
</configuration>
I have seen a lot of posts where people were told to set TransportClientCredentialType to Ntlm, but VisualStudio does not recognize this element.
Upvotes: 0
Views: 7039
Answers (1)
Reputation: 1495
I finally figured it out. After further comparison with one of my manager's projects, I noticed that I was supposed to add this code to my Web.COnfig, and NOT my ServiceReferences.ClientConfig like I thought I needed to.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding>
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
Upvotes: 3
Related Questions
- IIS Mixed Anonymous and Windows Authentication
- IIS Web Application Allowing Anonymous Access Although this is Disabled
- IIS7.0 : how to enable only "Anonymous Authentication" in IIS
- IIS7 -- 401.2 Error with Forms/Anonymous Auth Enabled
- Force windows authentication and allow anonymous
- MVC Windows Authentication App Attempting Anonymous Authentication
- ASP.NET Forms authentication requires Anonymous enabled
- Why do I need Windows Authentication? my Anonymous Authentication is broken
- anonymous access disabled but
- IIS: Anonymous and WIndows Authentication