0
votes

I've created a WCF 4.5 service and deployed it. This service is a facade for another service provided by a 3rd-party. If I enable Anonymous authentication, I can access my service and it works fine. When I disable Anonymous authentication (leaving only Basic enabled), my service fails to authenticate. BTW: A web page on this server is using Basic authentication successfully.

I've been through every SO article with similar messages and issues but none have provided successful resolution. This error is presented:

The authentication schemes configured on the host ('Basic') do not allow those configured on the binding 'BasicHttpsBinding' ('Anonymous'). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.

Web.config (descriptions of names in brackets rather than actual labels)

<configuration>

  <appSettings>
    <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
  </appSettings>

  <system.web>
    <compilation debug="true" targetFramework="4.5" />
    <httpRuntime targetFramework="4.5" />
    <customErrors mode="Off" />
  </system.web>

  <system.serviceModel>
    <client>
      <endpoint
         address="[HTTPS URL to 3rd-party service]"
         binding="basicHttpBinding"
         bindingConfiguration="[Configuration name of 3rd-party service]"
         contract="[Contract of 3rd-party service]"
         name="[Name of 3rd-party service]" />
    </client>
    <services>
        <service name="[Name of my service]">
            <endpoint
              address="[HTTPS URL to my service]"
              binding="basicHttpsBinding"
              bindingConfiguration="[Configuration name for my service]"
              contract="[Contract name for my service]"
              name="[Binding name for my service]" />
        </service>
    </services>
    <bindings>
      <basicHttpBinding>
        <binding name="[Binding name for 3rd-party service]">
          <security mode="Transport" />
        </binding>
      </basicHttpBinding>
      <basicHttpsBinding>
        <binding name="[Binding name for my service]">
            <security mode="Transport">
                <transport
                  clientCredentialType="Basic"
                  proxyCredentialType="None"
                  realm="[Realm for my service]" />
            </security>
        </binding>
      </basicHttpsBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <!-- To avoid disclosing metadata information, set the values below to false before deployment -->
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
        <add binding="basicHttpsBinding" scheme="https" />
    </protocolMapping>    
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

  <system.webServer>
    <modules runAllManagedModulesForAllRequests="true" />
    <validation validateIntegratedModeConfiguration="false" />
    <security>
      <authentication>
        <basicAuthentication enabled="true" defaultLogonDomain="[Domain for my service]" />
        <anonymousAuthentication enabled="false" />
      </authentication>
    </security>
    <directoryBrowse enabled="false" />
  </system.webServer>

    <system.diagnostics>
        <trace autoflush="true" indentsize="4">
            <listeners>
                <add name="WarrantyReturnService" type="System.Diagnostics.TextWriterTraceListener" initializeData="D:\Temp\WarrantyReturnService.log" />
                <remove name="Default" />
            </listeners>
        </trace>
    </system.diagnostics>

</configuration>
1
What about your client's web.config? Have you updated this in line with your changes on your server? - strickt01

1 Answer

0
votes

As strickt01 indicated, the issue was a mismatch between the web.config and the IIS settings. Putting those in line with each other resolved this issue.
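
An added example, not part of the original answer: a Python check that compares each WCF service endpoint's `clientCredentialType` with the IIS authentication schemes enabled in the same Web.config, which is the kind of mismatch the answer describes. It assumes the IIS settings live in Web.config rather than in applicationHost.config; the service, binding and contract names in the sample are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# WCF clientCredentialType -> IIS authentication element that must be enabled.
# Types outside this table (e.g. Certificate) are reported for manual review.
WCF_TO_IIS = {"None": "anonymousAuthentication", "Basic": "basicAuthentication",
              "Digest": "digestAuthentication", "Windows": "windowsAuthentication",
              "Ntlm": "windowsAuthentication"}

def iis_enabled(root):
    """IIS schemes switched on in <system.webServer>; only anonymous defaults to on."""
    auth = root.find("system.webServer/security/authentication")
    enabled = set()
    for name in set(WCF_TO_IIS.values()):
        node = auth.find(name) if auth is not None else None
        default = "true" if name == "anonymousAuthentication" else "false"
        if (node.get("enabled", default) if node is not None else default).lower() == "true":
            enabled.add(name)
    return enabled

def check(xml_text):
    """Return one finding per service endpoint whose binding disagrees with IIS."""
    root = ET.fromstring(xml_text)
    sm, host, findings = root.find("system.serviceModel"), iis_enabled(root), []
    for svc in sm.findall("services/service"):
        for ep in svc.findall("endpoint"):
            kind, cfg = ep.get("binding"), ep.get("bindingConfiguration", "")
            named = {b.get("name", ""): b for b in sm.findall(f"bindings/{kind}/binding")}
            if cfg and cfg not in named:
                findings.append(f"{svc.get('name')}: no <{kind}> binding named '{cfg}'")
                continue
            binding = named.get(cfg)
            t = binding.find("security/transport") if binding is not None else None
            # Unset means None, which the WCF error message reports as 'Anonymous'.
            cred = t.get("clientCredentialType", "None") if t is not None else "None"
            if WCF_TO_IIS.get(cred) not in host:
                findings.append(f"{svc.get('name')}: binding wants '{cred}', IIS allows {sorted(host)}")
    return findings

# Constructed sample shaped like the question's Web.config; all names are placeholders.
SAMPLE = """<configuration><system.serviceModel>
  <services><service name="MyService">
    <endpoint binding="basicHttpsBinding" bindingConfiguration="{ref}" contract="IMyService" />
  </service></services>
  <bindings><basicHttpsBinding><binding name="MyBinding">
    <security mode="Transport"><transport clientCredentialType="{cred}" /></security>
  </binding></basicHttpsBinding></bindings>
</system.serviceModel><system.webServer><security><authentication>
  <basicAuthentication enabled="true" /><anonymousAuthentication enabled="false" />
</authentication></security></system.webServer></configuration>"""

if __name__ == "__main__":
    for ref, cred in [("MyBinding", "Basic"), ("MyBinding", "None"), ("OtherName", "Basic")]:
        print(ref, cred, check(SAMPLE.format(ref=ref, cred=cred)) or "consistent")
```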