close

Gfi Endpoint Security Price

Whilst testing a WCF web service I got the error

The authentication schemes configured on the host (‘IntegratedWindowsAuthentication’) do not allow those configured on the binding ‘BasicHttpBinding’ (‘Anonymous’). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration file at the <serviceAuthenticationManager> element, by updating the ClientCredentialType property on the binding, or by adjusting the AuthenticationScheme property on the HttpTransportBindingElement.

Now this sort of made sense as the web services was mean to be secured using Windows Authentication, so the IIS setting was correct, anonymous authentication was off

Turns out the issue was, as you might expect, an incorrect web.config entry

httpGetEnabled=”true”/>          <!– To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information –>          <serviceDebug includeExceptionDetailInFaults=”true”/>        </behavior>      </serviceBehaviors>    </behaviors>  </system.serviceModel>

The problem was the basicHttpBinding had a named binding windowsSecured and no non-named default. When the service was bound to the binding it did not use the name binding, just the defaults (which were not shown in the config file).

The solution was to remove the name=”windowsSecured” entry, or we could have added a name to the service binding


endpoint security client cannot register to the server     endpoint security business

TAGS

CATEGORIES