Vista - Security settings for this service require Windows Authentication

06-19-2007

Hi,

I am Hosting WCF service in IIS 5.1

Config is set to transport layer security. SSL is installed and configured
on the virtual folder and BasicHTTP bidings are being used for connection.

Authentication in web.config is set to Windows

Authorization in web.config is set to Deny Users="?" and Allow Users="*"

When trying to connect to the service using IE, it throws exception that

"Security settings for this service require Windows Authentication but it is
not enabled for the IIS application that hosts this service. "

Can some one tell me what is missing?

Do I have to set anything in Web.Config?

I need to achieve following using Basic HTTP binding

Transport Layer security (SSL), Windows Domain Authentication, Use user's
Domain identity to impersonate the user in service

Please suggest the settings if any. Please note that the same functionality
and config settings works when hosting in Windows Service.

Thanks

06-22-2007

On Jun 19, 2:00 pm, Hiten <H...@discussions.microsoft.com> wrote:
> Hi,
>
> I am Hosting WCF service in IIS 5.1
>
> Config is set to transport layer security. SSL is installed and configured
> on the virtual folder and BasicHTTP bidings are being used for connection.
>
> Authentication in web.config is set to Windows
>
> Authorization in web.config is set to Deny Users="?" and Allow Users="*"
>
> When trying to connect to the service using IE, it throws exception that
>
> "Security settings for this service require Windows Authentication but it is
> not enabled for the IIS application that hosts this service. "
>
> Can some one tell me what is missing?
>
> Do I have to set anything in Web.Config?
>
> I need to achieve following using Basic HTTP binding
>
> Transport Layer security (SSL), Windows Domain Authentication, Use user's
> Domain identity to impersonate the user in service
>
> Please suggest the settings if any. Please note that the same functionality
> and config settings works when hosting in Windows Service.
>
> Thanks

Do you have the Security settings set in IIS Manager? Under Directory
Security, do you have Digest or Basic authentication enabled? You
may also turn off Anonymous access to ensure that these are being
used. But, this means that you will then have to pass the name/
password details via the client proxy ClientCredentials.

Also, my understanding is that the system.web <authorization> plays no
role in WCF applications. That the only role enforcement available is
check the role in code using IsInRole or use the role permission
Attributes on the service. I am suspecting that the <authentication>
node in system.web is also the case.

If still not the case, post your web.config to view

Ron

06-19-2007	#1 (permalink)
Hiten n/a posts	Security settings for this service require Windows Authentication Hi, I am Hosting WCF service in IIS 5.1 Config is set to transport layer security. SSL is installed and configured on the virtual folder and BasicHTTP bidings are being used for connection. Authentication in web.config is set to Windows Authorization in web.config is set to Deny Users="?" and Allow Users="*" When trying to connect to the service using IE, it throws exception that "Security settings for this service require Windows Authentication but it is not enabled for the IIS application that hosts this service. " Can some one tell me what is missing? Do I have to set anything in Web.Config? I need to achieve following using Basic HTTP binding Transport Layer security (SSL), Windows Domain Authentication, Use user's Domain identity to impersonate the user in service Please suggest the settings if any. Please note that the same functionality and config settings works when hosting in Windows Service. Thanks
My System Specs

06-22-2007	#2 (permalink)
ronscottlangham@yahoo.com n/a posts	Re: Security settings for this service require Windows Authentication On Jun 19, 2:00 pm, Hiten <H...@discussions.microsoft.com> wrote: > Hi, > > I am Hosting WCF service in IIS 5.1 > > Config is set to transport layer security. SSL is installed and configured > on the virtual folder and BasicHTTP bidings are being used for connection. > > Authentication in web.config is set to Windows > > Authorization in web.config is set to Deny Users="?" and Allow Users="*" > > When trying to connect to the service using IE, it throws exception that > > "Security settings for this service require Windows Authentication but it is > not enabled for the IIS application that hosts this service. " > > Can some one tell me what is missing? > > Do I have to set anything in Web.Config? > > I need to achieve following using Basic HTTP binding > > Transport Layer security (SSL), Windows Domain Authentication, Use user's > Domain identity to impersonate the user in service > > Please suggest the settings if any. Please note that the same functionality > and config settings works when hosting in Windows Service. > > Thanks Do you have the Security settings set in IIS Manager? Under Directory Security, do you have Digest or Basic authentication enabled? You may also turn off Anonymous access to ensure that these are being used. But, this means that you will then have to pass the name/ password details via the client proxy ClientCredentials. Also, my understanding is that the system.web <authorization> plays no role in WCF applications. That the only role enforcement available is check the role in code using IsInRole or use the role permission Attributes on the service. I am suspecting that the <authentication> node in system.web is also the case. If still not the case, post your web.config to view Ron
My System Specs

Similar Threads
Thread	Forum
Web Service Authentication in ASP.NET (C#)	.NET General
Wireless authentication settings?	Vista networking & sharing
Security Service and Windows Wireless Service stopped working	Vista General
security settings and many java windows	Vista security