Answered by:
ServiceActivationException - IIS Specifies more than 1 Authentication Scheme

Question
-
I have a data service that works fine under Cassini, but when I move it to IIS I get this exception. Has anyone seen this before? Unchecking integrated security causes VS to given an error that it can't enter debugging because integrated security isn't available.
Server Error in '/SilverlightPathTest.Web' Application.
IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.InvalidOperationException: IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[InvalidOperationException: IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.]
System.ServiceModel.Web.WebServiceHost.SetBindingCredentialBasedOnHostedEnvironment(ServiceEndpoint serviceEndpoint, AuthenticationSchemes supportedSchemes) +446124
System.ServiceModel.Web.WebServiceHost.AddAutomaticWebHttpBindingEndpoints(ServiceHost host, IDictionary`2 implementedContracts, String multipleContractsErrorMessage) +709
System.ServiceModel.Web.WebServiceHost.OnOpening() +203
System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +229
System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +121
System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +479
[ServiceActivationException: The service '/SilverlightPathTest.Web/WebDataService1.svc' cannot be activated due to an exception during compilation. The exception message is: IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used..]
System.ServiceModel.AsyncResult.End(IAsyncResult result) +11527290
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result) +194
System.ServiceModel.Activation.HostedHttpRequestAsyncResult.ExecuteSynchronous(HttpApplication context, Boolean flowContext) +176
System.ServiceModel.Activation.HttpHandler.ProcessRequest(HttpContext context) +23
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +181
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
Version Information: Microsoft .NET Framework Version:2.0.50727.3053; ASP.NET Version:2.0.50727.3053
EDIT - Based on a previous thread it appears I can change the web.config to choose a single authentication method for the data service. Could someone point me in the right direction as to how to do this?
TIA!
JamesFriday, October 10, 2008 7:07 PM
Answers
-
Well it is actually pretty simple. A default created website supports both anonymous and integrated Windows authentication and SVC services obviously do not like that.
To fix this, right-click the website in your IIS manager and choose "properties". Then click the "Directory" tab, click the "Edit" button in the "Anonymous access and authentication control" area. You will see that both Anonymous access and Integrated Windows Authentication are selected. Unselect one of them, then restart IIS. After that, the application should work smoothly.
See http://dotnetbyexample.blogspot.com/2008/02/calling-wcf-service-from-javascript.html for more details
Cheers, Joost
Wednesday, October 15, 2008 11:38 AM
All replies
-
Well it is actually pretty simple. A default created website supports both anonymous and integrated Windows authentication and SVC services obviously do not like that.
To fix this, right-click the website in your IIS manager and choose "properties". Then click the "Directory" tab, click the "Edit" button in the "Anonymous access and authentication control" area. You will see that both Anonymous access and Integrated Windows Authentication are selected. Unselect one of them, then restart IIS. After that, the application should work smoothly.
See http://dotnetbyexample.blogspot.com/2008/02/calling-wcf-service-from-javascript.html for more details
Cheers, Joost
Wednesday, October 15, 2008 11:38 AM -
In IIS 7 there is no "Properties" menu item to click on. While there is an Advanced Settings, this does not contain the authentication information. I am having the same issue as the original poster.
I tried going into Authentication for the site and turning off Windows Integrated authentication but this has not made any difference.Friday, December 12, 2008 10:08 PM -
I am running my Data service on a shared hosted box and get the same problem as above. How I do I disable “Integrated Windows Authentication” via the web.config file? as I have no acccess to the IIS manager.
Wednesday, October 14, 2009 10:51 PM -
Nice question. I have the same problem.
Is any possibility to disable that authentication via web.config?
Thursday, November 18, 2010 11:32 AM -
I have the exact problem on godaddy shared hosting account.
i read somewhere that you put this in your web.config.
<system.webServer>
<security>
<authentication>
<basicAuthentication enabled="false"/>
</authentication>
</security>
</system.webServer>you can also replace basicAuthentication with anonymouseAuthentication.
for me, it doesn't work. now i'm stuck.
Saturday, November 27, 2010 5:29 AM -
Use following settings and it works
<security>
<authentication>
<anonymousAuthentication enabled="true"/>
<windowsAuthentication enabled="false"/>
<basicAuthentication enabled="false"/>
</authentication>
</security>Regards
Rajneesh Noonia
Blog : www.rajneeshnoonia.com
Wednesday, December 22, 2010 9:51 PM -
When hosting the site on IIS7, you get the following error:
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
The configuration section needs to be unlocked at the global or site level which would not be possible without having access to IIS.
0gTuesday, May 24, 2011 3:15 PM -
Thanks a lot, LocalJoost.
I had the same problem with IIS 7.5. The steps I took are as following:
1. Click the website in IIS Manager.
2. Double-click the Authentication icon under IIS in the window on the right.
3. Disable Windows Authentication.
HongTuesday, May 24, 2011 5:52 PM -
Thanks a lot, LocalJoost.
I had the same problem with IIS 7.5. The steps I took are as following:
1. Click the website in IIS Manager.
2. Double-click the Authentication icon under IIS in the window on the right.
3. Disable Windows Authentication.
Hong
works... solve the problemMonday, January 16, 2012 8:55 PM -
thanks a lot, Rajnish NooniaThursday, August 23, 2012 9:48 AM