Geek Answers Handbook

How to disable authentication schemes for WCF data services

When I deployed my WCF data services to production hosting, I started getting the following error (or similar, depending on which authentication schemes are active):

IIS authentication schemes are "Basic, Anonymous", but binding only supports the exact definition of a single authentication scheme. Valid authentication schemes are Digest, Negotiation, NTLM, Basic or Anonymous. Change the IIS settings so that only a single authentication scheme is used.

Obviously, WCF Data Services (WCF in general?) Cannot handle an active active authentication scheme.

OK, so I know that I can disable only one authentication scheme in a web application through the IIS control panel .... through a support request!

Is there a way to specify a single authentication scheme for each service level in the web.config file?

I thought it might be as straightforward as making changes to <system.serviceModel> , but ... it turns out that WCF Data Services are not configured in a web configuration . If you look at the DataService<> class, it does not implement [ServiceContract] , so you cannot refer to it in <service><endpoint> ..., which I suppose will be required to change its configuration via XML.

PS Our host uses II6, but both solutions for IIS6 and IIS7 appreciated.

+7
wcf wcf-data-services
source share
1 answer

First, you can configure data services in a web configuration file. The contract used by the DataService is called System.Data.Services.IRequestHandler.

Here is what you can do in the web configuration file to configure it.

In the Service tag of the system.servicemodel element add

 <service name="{you service type name including the namespace ie myapplication.myservice}"> <endpoint address="" binding="webHttpBinding" contract="System.Data.Services.IRequestHandler"> </endpoint> </service>

After that, you can start customizing all mans using the standard WCF configuration items.

Secondly, to enable or disable authentication methods for a specific service in IIS, you can do the following:

In the IIS snap-in, right-click your utility file (i.e. yourservice.svc) and click properties. In the properties, go to the "File Security" tab and click the "Edit" button in the "Authentication and Access Control Group" field. after that, this is exactly the same as configuring directory security in IIS.

As a final suggestion for any troubleshooting problem, it is important to turn on the wcf indication when you configure it using the xml configuration written to WCF, wcf data logging is rich and very informative.

You can learn more about this at WCF Administration and Diagnostics

Hope I was able to help you with your problem.

let me know how things are.

Hi

Daniel Portella

UPDATE:

Hi Schneider

To specify an authentication scheme in xml below

For example Windows authentication

 <?xml version="1.0" encoding="utf-8"?> <configuration> <system.serviceModel> <bindings> <webHttpBinding> <binding name="MyBindingName" > <security mode="Transport"> <transport clientCredentialType="Windows" /> </security> </binding> </webHttpBinding> </bindings> <services> <service name="{you service type name including the namespace ie myapplication.myservice}"> <endpoint address="" binding="webHttpBinding" bindingConfiguration="MyBindingName" contract="System.Data.Services.IRequestHandler"> </endpoint> </service> </services> </system.serviceModel> </configuration>

For other types of authentication, please check the MSDN libraries for examples.

Common Security Scenarios

+16
source share

More articles:


All Articles