I am trying to host a WCF web service in IIS using Windows Authentication. Due to restrictions, we have to use the basicHttpBinding & use impersonation (impersonate the caller's identity for accessing resources down the chain).
I have declaratively enabled impersonation on the operation contract of my WCF service:
[OperationBehavior(Impersonation = ImpersonationOption.Required)]
My web.config is:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<bindings>
<basicHttpBinding>
<binding name="basic">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows">
</transport>
</security>
</binding>
</basicHttpBinding>
</bindings>
<serviceHostingEnvironment multipleSiteBindingsEnabled="true" />
<services>
<service name="NotesService">
<endpoint address="http://Client1.osp.local:15000/NotesService/NotesService.svc" bindingConfiguration="basic" binding="basicHttpBinding" contract="NotesService.ServiceContract.INotesService">
<identity>
<servicePrincipalName value="HTTP/Client1.osp.local:15000"/>
</identity>
</endpoint>
</service>
</services>
</system.serviceModel>
However, I am getting an activation error. What am I missing?
The error I am getting is:
The contract operation 'Process' requires Windows identity for automatic
impersonation. A Windows identity that represents the caller is not provided by
binding ('BasicHttpBinding','http://tempuri.org/') for contract
('NotesService','http://tempuri.org/'.