The authentication schemes configured on the host ('Anonymous') do not allow those configured on the binding 'BasicHttpBinding' ('Negotiate'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.
9 Answers
This error may be shown when you don't have authentication modes installed in your local IIS Webserver. Go to Control Panel -> Programs -> Turn Windows features on or Off
Check Internet Information services -> Wold wide web Services -> Security -> and enable Basic, Windows, Digest Authentication modes. Open IIS and navigate to your application and go to the authentication section and Enable the required authentication modes. For me the authentication modes didn't show up immediately after the installation or after webserver restart. Doing a machine reboot showed them in the webapplication.
If necessary - install features as described above, open IIS Manager, open the server features:
open the feature "Authentication":
enable/disable needed ones:
When this happened to me, I found was that Visual Studio was using the 'Default Web Site' to host my service when adding the service reference using the 'Discover' button. So to fix, I had to enable the authentication my service was using on the 'Default Web Site' in IIS. Since I was using Windows Authentication, enabling it for the 'Default Website' in IIS and this seems to have fixed my problem. Of course if your service is using another type of auth, you will have to enable the correct authentication.
To configure the auth, open IIS. Under 'Sites', select the 'Default Web Site' and then Authentication.
This was occurring for me as the site had WCF configured for Windows Authentication...
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
However IIS had Windows Authentication Disabled and Anonymous Authentication Enabled. The fix was to Enable Windows Authentication in IIS.
In my case, the problem was in bad configuration of service after refactoring. If the name attribute in service tag does not point to existing class, you may get this exception, which will totaly mislead you.
So mind the name:
<service behaviorConfiguration="FooBehavior" name="Fully.Qualified.Name.Of.Class.Implementing.Service.Contract.Here">
If you are trying to configure a service for 'Basic Authentication' in IIS (ie, it prompts for a username/password), then the security transport settings should be set as follows:
For basicHttpBinding
<security mode="Transport">
<transport clientCredentialType="Basic" />
<message clientCredentialType="UserName" />
</security>
For webHttpBinding
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>