Deploying a Silverlight Application and WCF Service to IIS

While deploying a Silverlight application on IIS today, I learned several new things. Let me express my observations; This post is going to describe the security settings for WCF service in web.config. To start, I assume that you are using either Windows or Forms authentication and denying all the anonymous users as described in a previous post.

First, make sure to remove the mexHttpBinding endpoint as this requires you to enable anonymous access to the website in IIS. The mexHttpBinding endpoint will look something like:

<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>


Typically, in your application, you will also be using some custom basicHttpBinding configuration for your WCF service endpoint, like this one:

<endpoint address="" binding="basicHttpBinding"
 bindingConfiguration="myCustomBasicHttpBinding" />

Using a custom binding allows you to configure buffers and quotas as described in this post. The definition of this custom binding will look something like:

  <binding name="myCustomBasicHttpBinding">
  <security mode="TransportCredentialOnly">
   <transport clientCredentialType="None"/>

The <transport clientCredentialType=”None”/> is the main point of interest here. If you are using Forms Authentication, you need to allow anonymous access through IIS and set the clientCredentialType to None. If you want to run your application under Windows Authentication, you should use clientCredentialType="xxxx" where xxxx is the corresponding IIS authentication type. So, to work with Integrated Windows/Basic/Digest/NTLM Authentication, the xxxx should be replaced by Windows/Basic/Digest/Ntlm respectively.


Update: Custom Binary Binding

Similar change is required for custom binary binding:

 <binding name="myCustomBinaryBinding">
  <binaryMessageEncoding >
   <readerQuotas ... />
  <httpTransport authenticationScheme="Anonymous" ... />

Again, the point of interest is the authenticationScheme attribute in the httpTransport element that needs to match the IIS authentication setting (e.g. Anonymous for Forms Authentication, Ntlm/Basic/Digest for Windows Authentication).

This way, the WCF service should work without any problems.


8 Responses to “Deploying a Silverlight Application and WCF Service to IIS”

  1. peteohanlon Says:

    Nice article there. You might just have saved me some headaches.

  2. Syed Mehroz Alam Says:

    Glad to learn that, Pete.

    Thank you.

  3. mknopf Says:

    Thanks for the info, much appreciated.

  4. Lou G. Says:

    Good information, thanks. However the title is a bit off the mark. I will definately use this information when I am successful in actually deploying my WCF service to IIS 7. Thanks

  5. JobLot Says:

    You are a gem. I think people like you should be doing webcast and MSDN for MS. I had been banging my head whole day long to get my Silverlight app communicate with WCF service hosted in IIS but to no avail. After going through your post things worked like a charm.

    I believe so called MS geeks and technology leaders should start putting together some pragmatic references rather than floating videos and text around on creating armature Hello World applications.

  6. K.Kong Says:

    I have switched to .NET Framework 4.0. The web.config is totally different – it’s now only a few lines. Any idea how to translate the above to 4.0? Thanks.

  7. swetha Says:

    I exactly follow the above procedure. But, i am getting the following error when i am opening wcf service after deploying it onto IIS

    The type ‘WebPage.Web.Service1’, provided as the Service attribute value in the ServiceHost directive, or provided in the configuration element system.serviceModel/serviceHostingEnvironment/serviceActivations could not be found.

    please, can any one help?

  8. Alps Says:


    I’m getting a similar error as swetha is.

    I’m using IIS7(Vista).

    Should the web.config file be in same place where the .svc file is?

    Thanks in advance.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: