Security settings for this service require ‘Anonymous’ Authentication but it is not enabled for the IIS application that hosts this service.


This error occurred, because I had an endpoint configured in mine wcf service web.config with a identity tag, as shown below:

<endpoint address="" binding="wsHttpBinding" contract="Tpp.Pegaso.MaintenanceService.IMaintenanceService">
        <dns value="localhost"/>

This identity element should be removed or replaced to reflect the identity under which the deployed service runs. If removed, WCF will infer an appropriate identity automatically.

To avoid disclosing metadata information, I set the serviceMetadata httpGetEnabled to false:

<serviceMetadata httpGetEnabled="true"/>

and removed the mex endpoint:

<endpointaddress="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>


  1. hii..

    If i remove the mex endpoint,how will my service exchange metadata ??mex is basically used to exchange metadata information ,right??then i set httpGetEnabled to false and remove the mex endpoint ,wouldn’t that give a problem in metadata exchange ??


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.