I'm having difficulty with Windows authentication in a WCF REST app.
Using VS2010, I chose New Project>WCF REST Service Application.
I modified the web.config to assure windows authentication and deny anonymous users.
<system.web>
<compilation debug="true" targetFramework="4.0" />
<authentication mode="Windows" />
<authorization>
<deny users="?"/>
</authorization>
</system.web>
I altered Service1.cs to return the username in the response:
[WebGet(UriTemplate = "",
RequestFormat= WebMessageFormat.Json,
ResponseFormat = WebMessageFormat.Json,
BodyStyle=WebMessageBodyStyle.Bare)]
public List<SampleItem> GetCollection()
{
// TODO: Replace the current implementation to return a collection of SampleItem instances
WebOperationContext.Current.OutgoingResponse.ContentType = "text/plain";
string fullID = ServiceSecurityContext.Current.WindowsIdentity.Name;
return new List<SampleItem>() { new SampleItem() { Id = 1, StringValue = "Hello " + fullID } };
}
I test it successfully running on local machine, then I publish it to IIS7 on Windows Server 2008. In IIS Manager, I enable Windows Authentication on the app and disable all other authentication types. I give it its own Application Pool with integrated managed pipeline mode.
I can successfully see it in windows explorer running on the Win2008 machine (http://localhost/JobManager/Service1/)
Using IE 7 from another machine, however, it prompts me twice for username/password, I fill it in twice but get a 401 error the second time. (Unauthorized: Access is denied due to invalid credentials.)