Hello,
We have an IIS web site with sub applications inside it created via a MSI using IIS configuration and scripting.
For the root IIS web site in the authentication settings the anonymous authentication is enabled by default. So ideally for all the child applications below the root web site should also inherit anonymous authentication = true. But this is not working correctly.
We have many child applications (which are different WCF web services) within the root web site which do not work on initial setup. Even though in IIS the sub applications show anonymous authentication enabled, these services dont work and throw error "Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service" when browsing to the .svc file in the browser.
And this error goes away if we explicitly open authentication settings at each sub application and then click Anonymous authentication. And first Disable it and then again Enable it. After this the svc file can be correctly seen in the browser. Why is it so? Does anyone know how to fix this problem?
These WCF services have the following SSL binding setup:
<binding name="DefaultBinding_SSL" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="2147483647" maxBufferPoolSize="2147483647"
maxReceivedMessageSize="2147483647" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true">
<readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384"/>
<security mode="Transport">
<transport clientCredentialType="None" proxyCredentialType="None" realm=""/>
<message clientCredentialType="UserName" algorithmSuite="Default"/>
</security>
</binding>
===============
Please let me know how to fix this issue.
Regards,
Chetna