I’m having some problems running a webservice on my local machine. it’s an asp.net webservice, which is using a .Net 4.0 Classic application pool. It works fine on everybody else’s machine, and the live servers.

The problem: most request rely on basic authentication, which fails every time, with the correct credentials. Debugging, I can see that the basic authentication part of the header has been removed by something along the chain.

also, Application_BeginRequest in global.asax gets hit twice. Once with the original header (which then appears not hit any of the webservice endpoints) and then with the basicauth-less version.

The issue seems to go away if I switch the app pool to integrated, but unfortunately this isn’t an issue as it fails for different reasons then.

I’d welcome any ideas of what is removing the basic auth from the header. I thought perhaps something in my IIS config, but I’ve reinstalled IIS without any luck.