Hosting WCF service in IIS with windows authentication and without anonymous access

http://msdn.microsoft.com/en-us/library/ff648431.aspx http://msdn.microsoft.com/en-us/library/ff648431.aspx

How do I get wsHttpBinding with windows authentication to work without SSL? This is such a common requirement, but I couldn t find any solution for this. Can someone post the configuration for the client and the server please? I am using ASP.NET client.

My configuration below. and the exact error message is:

An error occurred while making the HTTP request to https://mymachine/WCFTest/Service1.svc https://mymachine/WCFTest/Service1.svc that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server.

I used "svcUtil" utility to generate the proxy class and configuration for the client.

server:
    <system.serviceModel>
        <bindings>
            <wsHttpBinding>
                <binding name="wsHttpEndpointBinding">
                    <security mode="Transport"/>
                </binding>
            </wsHttpBinding>
        </bindings>
        <services>
            <service behaviorConfiguration="WCFTest.Service1Behavior" name="WCFTest.Service1">
                <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding" name="wsHttpEndpoint" contract="WCFTest.IService1"/>
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="WCFTest.Service1Behavior">
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true"/>
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="false"/>
                </behavior>
            </serviceBehaviors>
        </behaviors>
    </system.serviceModel>

client:
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="wsHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
            receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
            transactionFlow="false" hostNameComparisonMode="StrongWildcard"
            maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
            allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00"
              enabled="false" />
          <security mode="Transport">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
                realm="" />
            <message clientCredentialType="Windows" negotiateServiceCredential="true"
                establishSecurityContext="true" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="https://mymachine/WCFTest/Service1.svc"
          binding="wsHttpBinding" bindingConfiguration="wsHttpEndpoint"
          contract="IService1" name="wsHttpEndpoint">
        <identity>
          <userPrincipalName value="mymachineASPNET" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel> 

http://msdn.microsoft.com/en-us/library/ff648505.aspx http://msdn.microsoft.com/en-us/library/ff648505.aspx

server config:    
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpointBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="WCFTest.Service1Behavior" name="WCFTest.Service1">
        <endpoint address="" binding="basicHttpBinding"
          bindingConfiguration="BasicHttpEndpointBinding"
          name="BasicHttpEndpoint" contract="WCFTest.IService1">
        </endpoint>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WCFTest.Service1Behavior">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

client config:
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
            receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
            bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
            maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
            useDefaultWebProxy="true">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
                realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://machinename/WCFTest/Service1.svc"
          binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpoint"
          contract="IService1" name="BasicHttpEndpoint" />
    </client>
  </system.serviceModel>