Hi,
I have an issue with my webservice that I just published on IIS 6. This is just for test purposes.
Webservice settings:
<authentication mode="None"/>
.
.
<security>
<authentication>
<anonymousAuthentication enabled="true"/>
</authentication>
</security>
IIS Settings:
I have a designated account for this matter called realtime, and I added this account to the permissions under the webservice. In addition, I checked only enable anonymous access with the same user name and password.
So far, everything works on the server itself, I can send a value and get a response through the web browser. Now, when I try it from a different computer, I get the results below plus I get the windows authentication window asking me for a user name and password after I get the response below. Is there a way to not ask for a password since I disabled everything and enabled anonymous calling in IIS and in the webservice? what am I missing? please help
This is my Request:
POST /realtime.asmx HTTP/1.1
SOAPAction: "http://www.myRealtime.com/Realtime/QuickEligibility"
Content-Type: text/xml
User-Agent: Borland SOAP 1.2
Host: localhost:8080
Content-Length: 500
Connection: Keep-Alive
Cache-Control: no-cache
<?xml version="1.0"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><SOAP-ENV:Header><AuthSoapHd xmlns="http://www.myRealtimecom/"><CIN>user</CIN><Password>password</Password></AuthSoapHd></SOAP-ENV:Header><SOAP-ENV:Body><QuickEligibility xmlns="http://myRealtime.com/"><value>Test</value></QuickEligibility></SOAP-ENV:Body></SOAP-ENV:Envelope>
This is my reponse:
HTTP/1.1 401 Unauthorized
Content-Length: 1656
Content-Type: text/html
Server: Microsoft-IIS/6.0
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Tue, 12 Aug 2008 17:55:21 GMT
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>
<h1>You are not authorized to view this page</h1>
You do not have permission to view this directory or page using the credentials that you supplied because your Web browser is sending a WWW-Authenticate header field that the Web server is not configured to accept.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe you should be able to view this directory or page.</li>
<li>Click the <a href="BLOCKED SCRIPTlocation.reload()">Refresh</a> button to try again with different credentials.</li>
</ul>
<h2>HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to <a href="http://go.microsoft.com/fwlink/?linkid=8180">Microsoft Product Support Services</a> and perform a title search for the words <b>HTTP</b> and <b>401</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>About Security</b>, <b>Authentication</b>, and <b>About Custom Error Messages</b>.</li>
</ul>
</TD></TR></TABLE></BODY></HTML>