0
votes

When I host the "WCF 4 Rest Service Template" project (from template) in IIS Developer Express I get the following:

IIS specified authentication schemes 'IntegratedWindowsAuthentication, Anonymous', but the binding only supports specification of exactly one authentication scheme. Valid authentication schemes are Digest, Negotiate, NTLM, Basic, or Anonymous. Change the IIS settings so that only a single authentication scheme is used.

I have not changed any configuration explicitly other than setting automaticFormatSelectionEnabled to false in order to return JSON:

<system.serviceModel>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    <standardEndpoints>
      <webHttpEndpoint>
            <!--Configure the WCF REST service base address via the global.asax.cs file and the default endpoint 
            via the attributes on the <standardEndpoint> element below-->
        <standardEndpoint name="" 
                          helpEnabled="true" 
                          automaticFormatSelectionEnabled="false"
                          />
      </webHttpEndpoint>
    </standardEndpoints>
  </system.serviceModel>

If the endpoint configuration not being set explicitly is the issue then how would I do so for this kind of service, in order to set the authentication scheme for the service explicitly to avoid this issue with iis developer express?

Note: I have the following assemblies Microsoft.Web.dll & Microsoft.Web.Administration.dll in the web service projects /bin folder of the application as described in workaround for hopsting WCF services here on the iss team blog: http://blogs.iis.net/vaidyg/archive/2010/07/21/wcf-workaround-for-webmatrix-beta.aspx

1

1 Answers

2
votes

You will need to disable the authentication scheme that is not needed, my guess Windows authnetication. So:

  1. Launch Notepad
  2. Open in Notepad file: %userprofile%\Documents\IISExpress8\config\applicationhost.config
  3. Search for <windowsAuthentication
  4. Change the enabled attribute from true to false
  5. Save

That will disable Windows Authentication for all sites, you could alternatively add a location path at the bottom of the file right before the last </configuration> line for the specific site (YourSite in this case) add:

<location path="YourSite" overrideMode="Allow">
    <system.webServer>
        <security>
            <windowsAuthentication enabled="false" />
        </security>
    </system.webServer>
</location>

This will only disable that for the specific site.