I have a winforms app running through a wcfhost (app server), setup pretty much like the ProjectTracker example (csla 3.6.3) using csla authentication.
The problem I'm having is that unless (on the client - using user accounts -> manage your network passwords) I store the user credentials of a known user account on the application server against its web address, the client is unable to access the wcfhost service. This network password feature is disabled by default as domain policy.
My question is how do I (can I ) configure the web server (IIS7 on w2008 svr) to allow anoymous access to the wcfhost service but to process the csla authentication as normal. I've tried changing various settings on IIS but so far nothing works.
Any help / advice would be greatly appreciated as I've been banging my head against a wall for some time on this.
Is there any reason you can't use Windows authentication? Turn it on as the only option on your WCF site, and then in your client application as soon as you start set the current thread's principal to a new WindowsPrincipal( WindowsIdentity.GetCurrent ). Also, you'll have to configure Csla to use Windows authentication as well.
Copyright (c) Marimer LLC