Sunday, March 20, 2011

WCF Basic Authentication:Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

I was testing the service to authenticate users with basic authentication over http (not https). To Achieve this, I used basicHttpBinding as binding and configured it for TransportClientCredentialOnly security mode.

<binding name="http_transport_basic">
<security mode="TransportCredentialOnly">
<transport clientCredentialType ="Basic"/>

Everything was looking good so far until I hit the f5 to visit the familiar yellow error page complaining about InvalidMexHttpPoint

But why. I am using basic authentication and basic authentication is enabled in the IIS. Thanx to the Mapelli for the post which points the cause of the problem. I removed the mex point and hit F5 again. There is no more error page. But now the question arises, Is there any way to include the mex point?. Answer is yes. I just replaced the mex binding from  “mexHttpBinding” to basicHttpBinding and created the bindingConfiguration similar to the service endpoint’s binding configuration. This change enabled me to use the mex point which is also configured for basic authentication.

1 comment: