'Anonymous' Authentication Required? RRS feed

  • Question

  • Hi everyone,

    I have an issue with my WCF service hosted in my ASP.NET application. I'm using Windows authentication for the site, and the services are hosted in a sub-directory "Services/ServiceName.svc".

    In IIS6, I get the following error when hosting:

    Exception information:
        Exception type: NotSupportedException
        Exception message: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

    There are NO configured MEX endpoints. The httpGetEnabled is set to false in serviceMetadata. Below is my binding:

    <binding name="WindowsBinding" maxReceivedMessageSize="2147483647" maxBufferSize="2147483647"
                closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:01:00" sendTimeout="00:01:00">
              <security mode="TransportCredentialOnly">
                <transport clientCredentialType="Windows" />

    So I enabled Anonymous access along with Windows authentication. BUT, it should not work like this. It required an IIS reset for these settings to take effect, and every now and then the application displays a login window when making a service request.

    Has anyone else experienced this issue as well?

    It is reproducible across the entire production server farm and in our development environment.

    Wednesday, April 13, 2011 5:14 PM