Reputation: 2810
WCF service with WsHttpBinding & windows authentication failing with anonymous access error
Good day. I've written a service in WCF that uses message-level security, which is set to use Windows authentication. The relevant configuration is shown below:
<wsHttpBinding>
<binding name="WsHttpBinding" closeTimeout="00:30:00" openTimeout="00:30:00"
receiveTimeout="00:30:00" sendTimeout="00:30:00" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647">
<readerQuotas maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="2147483647" />
<security mode="Message">
<message clientCredentialType="Windows" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
The developer of the calling client requested that my service is configured using these details. I also do not have access to the configuration of the client binding unfortunately, but I can only assume it is configured properly, since other services that are consumed by it is working.
The service is hosted through IIS, as an application under the default website. The Authentication for the service application is set to Windows, with Anonymous authentication turned off. It also doesn't have a SSL certificate bound to it.
When the service gets called from the client, the following error is reported in the logs: The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.
Any help resolving this issue will be greatly appreciated.
Additional Info
In an effort to find a solution, I had thrown together a WinForms test client to call the service. The client binding is configured as follows:
<wsHttpBinding>
<binding name="WSHttpBinding_IEAIEndpointService" closeTimeout="00:10:00"
openTimeout="00:10:00" receiveTimeout="00:10:00" sendTimeout="00:10:00"
maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
<security mode="Message">
<message clientCredentialType="Windows" establishSecurityContext="true" />
</security>
</binding>
</wsHttpBinding>
Before making calls using the client proxy, I have the following code to set the Windows user account I want the service to authenticate with:
client.ClientCredentials.Windows.ClientCredential = new System.Net.NetworkCredential("Username", "Password", "DOMAIN");
Even with this configuration, I am still receiving the above-mentioned error.
Upvotes: 1
Views: 1848
Answers (1)
Reputation: 6886
IIS authentication is transport security. Your client requested message security, so you need to disable it. Message security will be handled by WCF, not IIS.
Upvotes: 2
Related Questions
- WCF - Windows authentication - Security settings require Anonymous
- wsHTTPBinding authentication error
- WCF doesn't work with disabled anonymous authentication option in IIS
- WCF service authentication fails
- Can't authenticate using wsHttpBinding with ClientCredentialsType=Username
- WCF issue - wsHttpBinding with Username Authentication and TransportWithMessageCredentials
- wsHttpBinding on WCF service on IIS7 with windows auth only
- WCF service show exception when securing service with wshttpbinding and username authentication
- wcf wsHttpBinding and disabling anonymous access
- WCF Service webHttpBinding Anonymous Authentication