Silverlight 3 + WCF and IIS basic authentication

Question

Hi all,

I have the following problem. On my machine I have a SL 3 application, which basically consists of:

* Client app (SL)
* Web app (.Net 3.5)
* Communication with the database handled by WCF

The site is hosted on my IIS, with the following authentication set up:

* Anonymous access: off
* Basic authentication: on
* Integrated Windows authentication: on

My bindings are set up as follows:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="BasicHttpBinding_IWcfPortal" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647">
                    <security mode="TransportCredentialOnly" />
                </binding>
            </basicHttpBinding>
        </bindings>
        <client>
            <endpoint address="http://localhost/MyApp/WCFPortal.svc" binding="basicHttpBinding"
                bindingConfiguration="BasicHttpBinding_IWcfPortal" contract="WcfPortal.IWcfPortal"
                name="BasicHttpBinding_IWcfPortal" />
        </client>
    </system.serviceModel>
</configuration>

Web.config:

  <authentication mode="Windows" />
  <identity impersonate="true" />

When I navigate to my site, I am prompted for an username and password. When filled in correctly, I can access the site but the db communication does not work. When I go to localhost/MyApp/WcfPortal.svc, I get the following error:

Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

I tried adding <transport clientCredentialType="Windows" /> to the security in the basicHttpBinding, but VS gives me the warning "The 'clientCredentialType' attribute is not declared.".

If anyone can help me with this, I would be very grateful.

Answer 1

Unfortunately, to host this service under IIS6, you must turn on Anonymous Authentication.

Answer 2

I fixed my issue. Turned out I had to change the basicHttpBinding in two places: ServiceReferences.ClientConfig and Web.Config

ServiceReferences.ClientConfig:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBinding_IWcfPortal" maxBufferSize="2147483647"
            maxReceivedMessageSize="2147483647">
          <security mode="TransportCredentialOnly" />
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://localhost/MyApp/WCFPortal.svc" binding="basicHttpBinding"
          bindingConfiguration="BasicHttpBinding_IWcfPortal" contract="WcfPortal.IWcfPortal"
          name="BasicHttpBinding_IWcfPortal" />
    </client>
  </system.serviceModel>
</configuration>

Web.config:

...

    <authentication mode="Windows" />
...

    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpBinding_IWcfPortal" maxBufferSize="10000000" maxReceivedMessageSize="10000000" receiveTimeout="00:10:00" sendTimeout="00:10:00" openTimeout="00:10:00" closeTimeout="00:10:00">
            <security mode="TransportCredentialOnly">
                <transport clientCredentialType="Ntlm" />
            </security>
            <readerQuotas maxBytesPerRead="10000000" maxArrayLength="10000000" maxStringContentLength="10000000"/>
        </binding>
      </basicHttpBinding>
    </bindings>