I am trying to enable Windows authentication and disable anonymous authentication for an intranet application. I have already enabled Windows authentication and disabled anonymous in IIS7, and set my Web.Config to use Windows authentication.
<system.web>
<authentication mode="Windows" />
<compilation debug="true" targetFramework="4.0" />
</system.web>
When I deploy and run my application, only the page header will load. When I navigate to my Service.svc file in Chrome or IE, I get the following error:
Security settings for this service require ‘Anonymous’ Authentication but it is not enabled for the IIS application that hosts this service.
System.NotSupportedException: Security settings for this service require ‘Anonymous’ Authentication but it is not enabled for the IIS application that hosts this service.
I would assume that this is a problem with my Web.Config or Service.svc.cs, but I cannot identify it. This only happens for one service. Enabling Anonymous authentication in IIS7 will resolve the issue, but I need it disabled.
In my ServiceRefernces.ClientConfig, I have:
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IService" maxBufferSize="2147483647"
maxReceivedMessageSize="2147483647">
<security mode="None" />
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://OHARA-WIN7/nightlyweb/Service.svc"
binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IService"
contract="ServiceReference2.IService"
name="BasicHttpBinding_IService" />
</client>
</system.serviceModel>
</configuration>
I have seen a lot of posts where people were told to set TransportClientCredentialType to Ntlm, but VisualStudio does not recognize this element.
I finally figured it out. After further comparison with one of my manager’s projects, I noticed that I was supposed to add this code to my Web.COnfig, and NOT my ServiceReferences.ClientConfig like I thought I needed to.