wcf security - WCF Windows Authentication not working -
i've created wcf service , i'm trying set disable anonymous access. i'm getting following error when trying add service reference in application:
security settings service require 'anonymous' authentication not enabled iis application hosts service.
below configuration file wcf service:
<?xml version="1.0"?> <configuration> <system.diagnostics> <sources> <source name="system.servicemodel" switchvalue="all" propagateactivity="true"> <listeners> <add name="tracelistener" type="system.diagnostics.xmlwritertracelistener" initializedata= "c:\log\traces.svclog" /> </listeners> </source> </sources> </system.diagnostics> <system.web> <compilation debug="true" targetframework="4.0" /> <authentication mode="windows"/> <customerrors mode="off" /> </system.web> <appsettings> </appsettings> <system.servicemodel> <bindings> <basichttpbinding> <binding name="mybinding"> <security mode="transportcredentialonly"> <transport clientcredentialtype="windows" /> </security> </binding> </basichttpbinding> </bindings> <behaviors> <servicebehaviors> <behavior> <!-- avoid disclosing metadata information, set value below false , remove metadata endpoint above before deployment --> <servicemetadata httpgetenabled="true"/> <!-- receive exception details in faults debugging purposes, set value below true. set false before deployment avoid disclosing exception information --> <servicedebug includeexceptiondetailinfaults="true"/> </behavior> </servicebehaviors> </behaviors> <servicehostingenvironment multiplesitebindingsenabled="true" /> </system.servicemodel> <system.webserver> <modules runallmanagedmodulesforallrequests="true"/> </system.webserver> </configuration> what needs change use windows authentication?
edit *
jeff, here error message:
the request failed error message: -- <html> <head> <title>security settings service require 'anonymous' authentication not enabled iis application hosts service.</title> <style> body {font-family:"verdana";font-weight:normal;font-size: .7em;color:black;} p {font-family:"verdana";font-weight:normal;color:black;margin-top: -5px} b {font-family:"verdana";font-weight:bold;color:black;margin-top: -5px} h1 { font-family:"verdana";font-weight:normal;font-size:18pt;color:red } h2 { font-family:"verdana";font-weight:normal;font-size:14pt;color:maroon } pre {font-family:"lucida console";font-size: .9em} .marker {font-weight: bold; color: black;text-decoration: none;} .version {color: gray;} .error {margin-bottom: 10px;} .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; } </style> </head> <body bgcolor="white"> <span> <h1> server error in '/' application.<hr width="100"% size="1" color="silver"> </h1> <h2> <i>security settings service require 'anonymous' authentication not enabled iis application hosts service.</i> </h2> </span> <font face="arial, helvetica, geneva, sunsans-regular, sans-serif "> <b> description: </b>an unhandled exception occurred during execution of current web request. please review stack trace more information error , originated in code. <br> <br> <b> exception details: </b>system.notsupportedexception: security settings service require 'anonymous' authentication not enabled iis application hosts service.<br> <br> <b>source error:</b> <br> <br> <table width="100"% bgcolor="#ffffcc"> <tr> <td> <code> unhandled exception generated during execution of current web request. information regarding origin , location of exception can identified using exception stack trace below. </code> </td> </tr> </table> <br> <b>stack trace:</b> <br> <br> <table width="100"% bgcolor="#ffffcc"> <tr> <td> <code> <pre> [notsupportedexception: security settings service require 'anonymous' authentication not enabled iis application hosts service.] system.servicemodel.activation.hostedaspnetenvironment.validatehttpsettings(string virtualpath, boolean ismetadatalistener, boolean usingdefaultspnlist, authenticationschemes& supportedschemes, extendedprotectionpolicy& extendedprotectionpolicy, string& realm) +198300 system.servicemodel.channels.httpchannellistener.applyhostedcontext(string virtualpath, boolean ismetadatalistener) +104 system.servicemodel.channels.httptransportbindingelement.buildchannellistener(bindingcontext context) +156 system.servicemodel.channels.binding.buildchannellistener(uri listenuribaseaddress, string listenurirelativeaddress, listenurimode listenurimode, bindingparametercollection parameters) +166 system.servicemodel.description.dispatcherbuilder.maybecreatelistener(boolean actuallycreate, type[] supportedchannels, binding binding, bindingparametercollection parameters, uri listenuribaseaddress, string listenurirelativeaddress, listenurimode listenurimode, servicethrottle throttle, ichannellistener& result, boolean supportcontextsession) +393 system.servicemodel.description.dispatcherbuilder.buildchannellistener(stuffperlistenuriinfo stuff, servicehostbase servicehost, uri listenuri, listenurimode listenurimode, boolean supportcontextsession, ichannellistener& result) +583 system.servicemodel.description.dispatcherbuilder.initializeservicehost(servicedescription description, servicehostbase servicehost) +2020 system.servicemodel.servicehostbase.initializeruntime() +82 system.servicemodel.servicehostbase.onopen(timespan timeout) +64 system.servicemodel.channels.communicationobject.open(timespan timeout) +789 system.servicemodel.hostingmanager.activateservice(string normalizedvirtualpath) +255 system.servicemodel.hostingmanager.ensureserviceavailable(string normalizedvirtualpath) +1172 [serviceactivationexception: service '/sltocrm.svc' cannot activated due exception during compilation. exception message is: security settings service require 'anonymous' authentication not enabled iis application hosts service..] system.runtime.asyncresult.end(iasyncresult result) +901424 system.servicemodel.activation.hostedhttprequestasyncresult.end(iasyncresult result) +178702 system.web.asynceventexecutionstep.onasynceventcompletion(iasyncresult ar) +107 </pre> </code> </td> </tr> </table> <br> <hr width="100"% size="1" color="silver"> <b>version information:</b> microsoft .net framework version:4.0.30319; asp.net version:4.0.30319.237 </font> </body> </html> <!-- [notsupportedexception]: security settings service require 'anonymous' authentication not enabled iis application hosts service. @ system.servicemodel.activation.hostedaspnetenvironment.validatehttpsettings(string virtualpath, boolean ismetadatalistener, boolean usingdefaultspnlist, authenticationschemes& supportedschemes, extendedprotectionpolicy& extendedprotectionpolicy, string& realm) @ system.servicemodel.channels.httpchannellistener.applyhostedcontext(string virtualpath, boolean ismetadatalistener) @ system.servicemodel.channels.httptransportbindingelement.buildchannellistener[tchannel](bindingcontext context) @ system.servicemodel.channels.binding.buildchannellistener[tchannel](uri listenuribaseaddress, string listenurirelativeaddress, listenurimode listenurimode, bindingparametercollection parameters) @ system.servicemodel.description.dispatcherbuilder.maybecreatelistener(boolean actuallycreate, type[] supportedchannels, binding binding, bindingparametercollection parameters, uri listenuribaseaddress, string listenurirelativeaddress, listenurimode listenurimode, servicethrottle throttle, ichannellistener& result, boolean supportcontextsession) @ system.servicemodel.description.dispatcherbuilder.buildchannellistener(stuffperlistenuriinfo stuff, servicehostbase servicehost, uri listenuri, listenurimode listenurimode, boolean supportcontextsession, ichannellistener& result) @ system.servicemodel.description.dispatcherbuilder.initializeservicehost(servicedescription description, servicehostbase servicehost) @ system.servicemodel.servicehostbase.initializeruntime() @ system.servicemodel.servicehostbase.onopen(timespan timeout) @ system.servicemodel.channels.communicationobject.open(timespan timeout) @ system.servicemodel.servicehostingenvironment.hostingmanager.activateservice(string normalizedvirtualpath) @ system.servicemodel.servicehostingenvironment.hostingmanager.ensureserviceavailable(string normalizedvirtualpath) [serviceactivationexception]: service '/sltocrm.svc' cannot activated due exception during compilation. exception message is: security settings service require 'anonymous' authentication not enabled iis application hosts service.. @ system.runtime.asyncresult.end[tasyncresult](iasyncresult result) @ system.servicemodel.activation.hostedhttprequestasyncresult.end(iasyncresult result) @ system.web.httpapplication.asynceventexecutionstep.onasynceventcompletion(iasyncresult ar) --><!-- error page might contain sensitive information because asp.net configured show verbose error messages using <customerrors mode="off"/>. consider using <customerrors mode="on"/> or <customerrors mode="remoteonly"/> in production environments.--> --. metadata contains reference cannot resolved: 'xxxx/sltocrm.svc'. http request unauthorized client authentication scheme 'anonymous'. authentication header received server 'negotiate,ntlm'. remote server returned error: (401) unauthorized. if service defined in current solution, try building solution , adding service reference again. i tried creating new wcf service , i'm getting same issue. here updated config file in wcf service:
<?xml version="1.0"?> <configuration> <system.diagnostics> <sources> <source name="system.servicemodel" switchvalue="all" propagateactivity="true"> <listeners> <add name="tracelistener" type="system.diagnostics.xmlwritertracelistener" initializedata= "c:\log\traces.svclog" /> </listeners> </source> </sources> </system.diagnostics> <system.web> <compilation debug="true" targetframework="4.0" /> <customerrors mode="off" /> <authentication mode="windows" /> <authorization> <allow users="*" /> </authorization> </system.web> <appsettings> </appsettings> <system.servicemodel> <bindings> <basichttpbinding> <binding name="mybinding"> <security mode="transportcredentialonly"> <transport clientcredentialtype="windows" /> </security> </binding> </basichttpbinding> </bindings> <services> <service name="sltocrm"> <endpoint address="" binding="basichttpbinding" bindingconfiguration="mybinding" contract="crmwcf.isltocrm" /> <endpoint address="mex" binding="mexhttpbinding" contract="imetadataexchange" /> </service> <service name="sltosql"> <endpoint address="" binding="basichttpbinding" bindingconfiguration="mybinding" contract="crmwcf.isltosql" /> <endpoint address="mex" binding="mexhttpbinding" contract="imetadataexchange" /> </service> </services> <behaviors> <servicebehaviors> <behavior name="crmbehavior"> <!-- avoid disclosing metadata information, set value below false , remove metadata endpoint above before deployment --> <servicemetadata httpgetenabled="true"/> <!-- receive exception details in faults debugging purposes, set value below true. set false before deployment avoid disclosing exception information --> <servicedebug includeexceptiondetailinfaults="true"/> </behavior> </servicebehaviors> </behaviors> <servicehostingenvironment multiplesitebindingsenabled="true" /> </system.servicemodel> <system.webserver> <modules runallmanagedmodulesforallrequests="true"/> </system.webserver> </configuration> just grins, here 1 of interfaces used in endpoints:
namespace crmwcf { [servicecontract] public interface isltosql { [operationcontract] ienumerable<dictionary<string, string>> getoptionset(string connectionstring, int objecttypecode, string optionsetname); } } do need in config file of application i'm trying add service to?
thanks
you need add services section. way can give service endpoint, , tell use bindingconfiguation created.
<system.servicemodel> <services> <service name="servicename" > <endpoint address="" binding="basichttpbinding" bindingconfiguration="mybinding" contract="namespace.icontract" /> <endpoint address="mex" binding="mexhttpbinding" contract="imetadataexchange" /> </service> </services> </system.servicemodel>
Comments
Post a Comment