The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Negotiate').

Question

The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Negotiate'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.

Answer 1

This was occurring for me as the site had WCF configured for Windows Authentication...

<security mode="Transport">
    <transport clientCredentialType="Windows" />
</security>

However IIS had Windows Authentication Disabled and Anonymous Authentication Enabled. The fix was to Enable Windows Authentication in IIS.

Answer 2

If you are trying to configure a service for 'Basic Authentication' in IIS (ie, it prompts for a username/password), then the security transport settings should be set as follows:

For basicHttpBinding

<security mode="Transport">
  <transport clientCredentialType="Basic" />
  <message clientCredentialType="UserName" />
</security>

For webHttpBinding

<security mode="Transport">
  <transport clientCredentialType="Basic" />
</security>

Answer 3

just restarting IIS fixed my issue

Answer 4

In my case, the problem was in bad configuration of service after refactoring. If the name attribute in service tag does not point to existing class, you may get this exception, which will totaly mislead you.

So mind the name:

<service behaviorConfiguration="FooBehavior" name="Fully.Qualified.Name.Of.Class.Implementing.Service.Contract.Here"> 

Answer 5

I solved this issue adding Negotiate to IIS Authentication Providers:

Answer 6

If necessary - install features as described above, open IIS Manager, open the server features:

open the feature "Authentication":

enable/disable needed ones:

Answer 7

If you face this problem while debugging in Visual Studio, select your project and change authentication in properties.

Answer 8

When this happened to me, I found was that Visual Studio was using the 'Default Web Site' to host my service when adding the service reference using the 'Discover' button. So to fix, I had to enable the authentication my service was using on the 'Default Web Site' in IIS. Since I was using Windows Authentication, enabling it for the 'Default Website' in IIS and this seems to have fixed my problem. Of course if your service is using another type of auth, you will have to enable the correct authentication.

To configure the auth, open IIS. Under 'Sites', select the 'Default Web Site' and then Authentication.

Answer 9

This error may be shown when you don't have authentication modes installed in your local IIS Webserver. Go to Control Panel -> Programs -> Turn Windows features on or Off

Check Internet Information services -> Wold wide web Services -> Security -> and enable Basic, Windows, Digest Authentication modes. Open IIS and navigate to your application and go to the authentication section and Enable the required authentication modes. For me the authentication modes didn't show up immediately after the installation or after webserver restart. Doing a machine reboot showed them in the webapplication.