none
ServiceActivationException - IIS Specifies more than 1 Authentication Scheme

    Question

  • I have a data service that works fine under Cassini, but when I move it to IIS I get this exception.  Has anyone seen this before?  Unchecking integrated security causes VS to given an error that it can't enter debugging because integrated security isn't available.

    Server Error in '/SilverlightPathTest.Web' Application.

    IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.InvalidOperationException: IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.

    Source Error:

    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

    Stack Trace:

    [InvalidOperationException: IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.]
    System.ServiceModel.Web.WebServiceHost.SetBindingCredentialBasedOnHostedEnvironment(ServiceEndpoint serviceEndpoint, AuthenticationSchemes supportedSchemes) +446124
    System.ServiceModel.Web.WebServiceHost.AddAutomaticWebHttpBindingEndpoints(ServiceHost host, IDictionary`2 implementedContracts, String multipleContractsErrorMessage) +709
    System.ServiceModel.Web.WebServiceHost.OnOpening() +203
    System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +229
    System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +121
    System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +479

    [ServiceActivationException: The service '/SilverlightPathTest.Web/WebDataService1.svc' cannot be activated due to an exception during compilation. The exception message is: IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used..]
    System.ServiceModel.AsyncResult.End(IAsyncResult result) +11527290
    System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result) +194
    System.ServiceModel.Activation.HostedHttpRequestAsyncResult.ExecuteSynchronous(HttpApplication context, Boolean flowContext) +176
    System.ServiceModel.Activation.HttpHandler.ProcessRequest(HttpContext context) +23
    System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181
    System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75


    Version Information: Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053



    EDIT - Based on a previous thread it appears I can change the web.config to choose a single authentication method for the data service.  Could someone point me in the right direction as to how to do this?

    TIA!
    James
    Friday, October 10, 2008 7:07 PM

Answers

  • Well it is actually pretty simple. A default created website supports both anonymous and integrated Windows authentication and SVC services obviously do not like that.

     

    To fix this, right-click the website in your IIS manager and choose "properties". Then click the "Directory" tab, click the "Edit" button in the "Anonymous access and authentication control" area. You will see that both Anonymous access and Integrated Windows Authentication are selected. Unselect one of them, then restart IIS. After that, the application should work smoothly.

    See http://dotnetbyexample.blogspot.com/2008/02/calling-wcf-service-from-javascript.html for more details

     

    Cheers, Joost

    Wednesday, October 15, 2008 11:38 AM

All replies

  • Well it is actually pretty simple. A default created website supports both anonymous and integrated Windows authentication and SVC services obviously do not like that.

     

    To fix this, right-click the website in your IIS manager and choose "properties". Then click the "Directory" tab, click the "Edit" button in the "Anonymous access and authentication control" area. You will see that both Anonymous access and Integrated Windows Authentication are selected. Unselect one of them, then restart IIS. After that, the application should work smoothly.

    See http://dotnetbyexample.blogspot.com/2008/02/calling-wcf-service-from-javascript.html for more details

     

    Cheers, Joost

    Wednesday, October 15, 2008 11:38 AM
  • In IIS 7 there is no "Properties" menu item to click on. While there is an Advanced Settings, this does not contain the authentication information. I am having the same issue as the original poster.

    I tried going into Authentication for the site and turning off Windows Integrated authentication but this has not made any difference.
    Friday, December 12, 2008 10:08 PM
  • I am running my Data service on a shared hosted box and get the same problem as above. How I do I disable “Integrated Windows Authentication” via the web.config file? as I have no acccess to the IIS manager.

    Wednesday, October 14, 2009 10:51 PM
  • Nice question. I have the same problem.

    Is any possibility to disable that authentication via web.config?

    Thursday, November 18, 2010 11:32 AM
  • I have the exact problem on godaddy shared hosting account.

    i read somewhere that you put this in your web.config.

      <system.webServer>
        <security>
            <authentication>
                <basicAuthentication enabled="false"/>
            </authentication>
        </security>
      </system.webServer>

     

    you can also replace basicAuthentication with anonymouseAuthentication.

    for me, it doesn't work. now i'm stuck.

    Saturday, November 27, 2010 5:29 AM
  • Use following settings and it works

     <security>
            <authentication>
              <anonymousAuthentication enabled="true"/>
              <windowsAuthentication enabled="false"/>
              <basicAuthentication enabled="false"/>
            </authentication>
          </security>

    Regards

    Rajneesh Noonia

    Blog : www.rajneeshnoonia.com

     

    Wednesday, December 22, 2010 9:51 PM
  • When hosting the site on IIS7, you get the following error:

    This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".

    The configuration section needs to be unlocked at the global or site level which would not be possible without having access to IIS.

     


    0g
    Tuesday, May 24, 2011 3:15 PM
  • Thanks a lot, LocalJoost.

    I had the same problem with IIS 7.5. The steps I took are as following:

    1. Click the website in IIS Manager.

    2. Double-click the Authentication icon under IIS in the window on the right.

    3. Disable Windows Authentication.


    Hong
    Tuesday, May 24, 2011 5:52 PM
  • Thanks a lot, LocalJoost.

    I had the same problem with IIS 7.5. The steps I took are as following:

    1. Click the website in IIS Manager.

    2. Double-click the Authentication icon under IIS in the window on the right.

    3. Disable Windows Authentication.


    Hong

    works... solve the problem
    Monday, January 16, 2012 8:55 PM
  • thanks a lot, Rajnish Noonia
    Thursday, August 23, 2012 9:48 AM