Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service

Question

I am using IIS V5.1. Integrated windows authentication

I have a following web config:

<system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="wsHttpEndpointBinding">
          <security mode="Transport" />
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="DXDirectory.Service1Behavior"
        name="DXDirectory.DXDirectoryService">
        <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding"
          name="wsHttpEndpoint" contract="DXDirectory.IDXDirectoryService" />
        <endpoint address="mex" binding="mexHttpsBinding" bindingConfiguration=""
          name="MexHttpsBindingEndpoint" contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="DXDirectory.Service1Behavior">
          <serviceMetadata httpGetEnabled="false" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

When I choose to see svc file in browser it will show the following error:

Exception:
Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service.

This error is removed when I remove the Mex endpoint.

But when I try to add the service reference in client application it gives the following error :

the document at the url http://localhost/DXDirectory/DXDirectoryService.svc was not recognized as a known document type.

The error message from each known type may help you fix the problem:

• Report from 'http://localhost/DXDirectory/DXDirectoryService.svc' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
• Report from 'DISCO Document' is 'There was an error downloading 'https://hes-ashu.abc.com/DXDirectory/DXDirectoryService.svc?disco'.'.
  • The underlying connection was closed: An unexpected error occurred on a send.
  • Authentication failed because the remote party has closed the transport stream.
• Report from 'WSDL Document' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'.
• Report from 'XML Schema' is 'The document format is not recognized (the content type is 'text/html; charset=UTF-8').'. Metadata contains a reference that cannot be resolved: 'http://localhost/DXDirectory/DXDirectoryService.svc'.

The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Negotiate,NTLM'.

The remote server returned an error: (401) Unauthorized.

If the service is defined in the current solution, try building the solution and adding the service reference again.

Answer 1

When you specify Transport security mode WCF expects https. Try fixing this and see what error you get.

Also check your system.web tag.

The response you are getting back "text/html", is probably an error page, so if you have the possibility of looging it, you will get a better error message.