0

The context is the following:

Create a WCF service: framework .NET 4.0

  • Deploy it under IIS 7
  • The web service contains
  • references to libraries that retrieve set of data
  • the WCF makes use of methods within arrays
  • I need to disable "Anonymous Authentication" and enable "Windows Authentication"
  • I consume the service as a Web Service (I don't want to use the file generated by the svcutil)
  • The endpoint of the webservice is "mywebpoint/mywcf_web_service.svc"

When I developed the solution with Visual Studio 2010 it was all OK and all working as expected.

I rebuild the solution with Visual Studio 2013 and now it's not working anymore as referencing the webservice it's asking for credentials on:

  • "mywebpoint/mywcf_web_service.svc/_vti_bin/ListData.svc" and
  • "mywebpoint/mywcf_web_service.svc/_vti_bin/ListData.svc/$metadata"

Made check the DNS and the proxy authentications... nothing wrong with it

Here the Web.Config:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>

  <system.web>
    <compilation debug="true" targetFramework="4.0" />
    <authentication mode="Windows" />
    <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />

    <webServices>
      <protocols>
        <add name="HttpGet" />
        <add name="HttpPost" />
        <add name="HttpSoap12" />
        <add name="HttpSoap" />
      </protocols>
    </webServices>

    <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm" />
  </system.web>

  <system.serviceModel>

    <bindings>
      <basicHttpBinding>
        <binding name="myBasicHttpBinding" bypassProxyOnLocal="true">
          <security mode="TransportCredentialOnly">
          <!--<security mode="Transport">-->
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>

    <services>
      <service name="WCF_MyWebService.Service" behaviorConfiguration="WCF_MyWebService.ServiceBehaviour">
        <endpoint address="" binding="basicHttpBinding" bindingConfiguration="myBasicHttpBinding" name="BasicHttpEndpoint" contract="WCF_MyWebService.IService" >
          <identity>
            <dns value="" />
          </identity>
        </endpoint>
        <endpoint contract="IMetadataExchange" binding="mexHttpBinding" address="mex" /> ??? I didn't need this with Visula Studio 2010!!!
      </service>
    </services>

    <behaviors>
      <serviceBehaviors>
        <behavior name="WCF_MyWebService.ServiceBehaviour">
          <serviceMetadata httpGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>

    <serviceHostingEnvironment multipleSiteBindingsEnabled="true" />

  </system.serviceModel>

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <!--
        To browse web app root directory during debugging, set the value below to true.
        Set to false before deployment to avoid disclosing web app folder information.
      -->
    <directoryBrowse enabled="true" />

  </system.webServer>



</configuration>

And here the error I get on the webpage wen I try to open the url on the IIS server:

Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service. 
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.NotSupportedException: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

Source Error: 

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.  

Stack Trace: 


[NotSupportedException: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.]
   System.ServiceModel.Activation.HostedAspNetEnvironment.ValidateHttpSettings(String virtualPath, Boolean isMetadataListener, Boolean usingDefaultSpnList, AuthenticationSchemes& supportedSchemes, ExtendedProtectionPolicy& extendedProtectionPolicy, String& realm) +198236
   System.ServiceModel.Channels.HttpChannelListener.ApplyHostedContext(String virtualPath, Boolean isMetadataListener) +104
   System.ServiceModel.Channels.HttpTransportBindingElement.BuildChannelListener(BindingContext context) +156
   System.ServiceModel.Channels.Binding.BuildChannelListener(Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, BindingParameterCollection parameters) +166
   System.ServiceModel.Description.DispatcherBuilder.MaybeCreateListener(Boolean actuallyCreate, Type[] supportedChannels, Binding binding, BindingParameterCollection parameters, Uri listenUriBaseAddress, String listenUriRelativeAddress, ListenUriMode listenUriMode, ServiceThrottle throttle, IChannelListener& result, Boolean supportContextSession) +393
   System.ServiceModel.Description.DispatcherBuilder.BuildChannelListener(StuffPerListenUriInfo stuff, ServiceHostBase serviceHost, Uri listenUri, ListenUriMode listenUriMode, Boolean supportContextSession, IChannelListener& result) +583
   System.ServiceModel.Description.DispatcherBuilder.InitializeServiceHost(ServiceDescription description, ServiceHostBase serviceHost) +2020
   System.ServiceModel.ServiceHostBase.InitializeRuntime() +82
   System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout) +64
   System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout) +789
   System.ServiceModel.HostingManager.ActivateService(String normalizedVirtualPath) +255
   System.ServiceModel.HostingManager.EnsureServiceAvailable(String normalizedVirtualPath) +1172

[ServiceActivationException: The service '/WCF_Excelnet_CoreSvc/WCF_Excelnet_Core.svc' cannot be activated due to an exception during compilation.  The exception message is: Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service..]
   System.Runtime.AsyncResult.End(IAsyncResult result) +901424
   System.ServiceModel.Activation.HostedHttpRequestAsyncResult.End(IAsyncResult result) +178638
   System.Web.AsyncEventExecutionStep.OnAsyncEventCompletion(IAsyncResult ar) +107

This is so frustrating and disappointing...

If I clean up well the Web.confing and I resotre the Anonymous Authentication it's all good though.

There must be something fishy consuming the webservice, but I'm running out of options...

Naveed Butt
  • 2,861
  • 6
  • 32
  • 55
Emilio.NT
  • 81
  • 2
  • 4
  • What happens if you open the version that works in vs2010 open it up in vs2013 and if the conversion dialog comes up let vs2013 handle it also check out this link if it helps http://msdn.microsoft.com/en-us/library/vstudio/dd483478%28v=vs.100%29.aspx – MethodMan Jan 16 '15 at 19:02
  • Does identity of app pool under which your service is running have access on physical folder of service? – Pankaj Kapare Jan 16 '15 at 19:45
  • Any idea why _vti_bin is part of the picture? Is SharePoint involved here somewhere? – John Saunders Jan 16 '15 at 22:45
  • MethodMan: the first and working version was made with vs2010. I could open it with vs2013 and until I didn't rebuild the version all was ok. Damn me, I added a method to the WCF, and I did it with vs2013... and since than all the problems started... – Emilio.NT Jan 19 '15 at 11:14
  • Pankaj Kapare: yes it does – Emilio.NT Jan 19 '15 at 11:14
  • John Saunders: no SharePoint involved. I still don't understand why the "_vti_bin" stated to come out, but it's after I rebuilt the solution with 2013. With 2010 I've never seen it... – Emilio.NT Jan 19 '15 at 11:15

3 Answers3

0

Based on this:

I need to disable "Anonymous Authentication" and enable "Windows Authentication"

In the <system.web> section of your config file, add this below <authentication mode="Windows">:

<system.web>
  <authentication mode="Windows" />
  <authorization>
    <allow users="*" />
  </authorization>
  <pages />
  <identity impersonate="false" />
</system.web>

Now, down in the <system.webServer> section, add this <security> node:

<system.webServer>
    <security>
        <authentication>
            <anonymousAuthentication enabled="false" />
        </authentication>
    </security>
</system.webServer>

It may not work for you, but for me this just solved a week's worth of headaches.

  • Hi jp2code, I've just tried and about the first part, it doesn't seem to have any kind of effect. The second part, instead, created another issue:>overrideModeDefault="Deny"< which is a IIS feature that I wouldn't like to change. In fact I set anonymousAuthentication enabled=false by the web page set up directly on IIS as per common practice, resulting though on the error page mentioned at the start of the topic... Thank you anyway for the hints. – Emilio.NT Jan 19 '15 at 11:20
  • Go to my [answer on another question](http://stackoverflow.com/a/27828132/153923) and see if anything there helps (from my post or any of the others). –  Jan 19 '15 at 15:19
0

Well at last I solved the problem... but you're not going to like it. Basically the same solution runs well only under IIS 8.0. This means that you have to install Win Server 2012 etc etc... Also, do not forget to set in the properties the "Windows Authenticated" = Enabled.

This is the only way I managed to make it working... sorry.

Emilio.NT
  • 81
  • 2
  • 4
0

I got the same problem (../_vti_bin/ListData.svc/$metadata asking for credentials) when converting a projet from VS2010 to VS2013. My problem came from clientCredentialType set to "Ntlm" instead of "Windows".

Dominic
  • 1
  • 1