After a series of extremely frustrating failures I managed to set up Silverlight using windows authentication following these steps in iis7.5 http://rouslan.com/2009/03/20-steps-to-get-together-windows-authentication-silverlight-and-wcf-service/
(I had to build my own windows server box, which was a learning experience in itself).
However, our environment uses IIS6, and I cant get anything to work in IIS6. From what I have read all I should have to do is:
- Changed
<transport clientCredentialType="Windows" />to<transport clientCredentialType="Ntlm" /> - Removed the "mexHttpBinding" bindings from my services' sections in Web.config.
- Turn on Anonymous access in IIS
But, I have done all of this and when I try and run my Silverlight web site I get a username and password screen that (that does not work!)
Unfortunately this means we may end up dumping Silverlight entirely, and I certainly do not want that to happen ;(
NOTE: The service works with a consol app.
Copy of my Web.Config File
<?xml version="1.0"?>
<configuration>
<connectionStrings>
<add name="TTASConnectionString" connectionString="Data Source=stdev07;Initial Catalog=IRF;Integrated Security=True"
providerName="System.Data.SqlClient" />
<add name="PlaygroupConnectionString" connectionString="Data Source=WIN-B1JAITZ6H0N;Initial Catalog=Playgroup;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<system.diagnostics>
<sources>
<source name="System.ServiceModel.MessageLogging" switchValue="Warning, ActivityTracing">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelMessageLoggingListener">
<filter type="" />
</add>
</listeners>
</source>
<source name="System.ServiceModel" switchValue="Warning, ActivityTracing"
propagateActivity="true">
<listeners>
<add type="System.Diagnostics.DefaultTraceListener" name="Default">
<filter type="" />
</add>
<add name="ServiceModelTraceListener">
<filter type="" />
</add>
</listeners>
</source>
</sources>
<sharedListeners>
<add initializeData="C:\Users\Administrator\Documents\Visual Studio 2010\Moe.Tactical.Irf.Silverlight\Moe.Tactical.GenericData.Wcf\Web_messages.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelMessageLoggingListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
<add initializeData="C:\Users\Administrator\Documents\Visual Studio 2010\Moe.Tactical.Irf.Silverlight\Moe.Tactical.GenericData.Wcf\Web_tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
</sharedListeners>
</system.diagnostics>
<appSettings/>
<system.web>
<compilation debug="true" targetFramework="4.0">
</compilation>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows"/>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/></system.web>
<!--
The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
<system.serviceModel>
<diagnostics>
<messageLogging logMalformedMessages="true" logMessagesAtTransportLevel="true" />
</diagnostics>
<extensions>
<behaviorExtensions>
<add name="silverlightFaults" type="Moe.Tactical.GenericData.Wcf.SilverlightFaultBehavior, Moe.Tactical.GenericData.Wcf, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
</behaviorExtensions>
</extensions>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true"/>
<bindings>
<basicHttpBinding>
<binding name="winAuthBasicHttpBinding">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Ntlm"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
<services>
<service behaviorConfiguration="Moe.Tactical.GenericData.Wcf.GenericDataServiceBehavior" name="Moe.Tactical.GenericData.Wcf.GenericDataService">
<endpoint address=""
binding="basicHttpBinding"
bindingConfiguration="winAuthBasicHttpBinding"
behaviorConfiguration="SilverlightFaultBehavior"
contract="Moe.Tactical.GenericData.Wcf.IGenericDataService">
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<!--<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>-->
</service>
</services>
<behaviors>
<endpointBehaviors>
<behavior name="SilverlightFaultBehavior">
<silverlightFaults />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="Moe.Tactical.GenericData.Wcf.GenericDataServiceBehavior">
<serviceMetadata httpGetEnabled="true" />
<serviceDebug includeExceptionDetailInFaults="true" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
</configuration>