I am trying to configure a WCF service to allow for both Windows/NTLM and Basic Authentication. Unfortunately, given this configuration only Windows/NTLM works and basic authentication fails with an http status code of 401 Unauthorized.
Our IIS 7.5 server is configured to allow for both of these types of authentication.
What is wrong with the below configuration that is preventing basic authentication from working?
<wsHttpBinding>
<binding name="webBinding">
<security mode="Transport">
<transport clientCredentialType="Windows" />
<transport clientCredentialType="Basic" realm="XXX.YYY.com" />
</security>
</binding>
</wsHttpBinding>
I have also tried using basicHttpBinding, as a forum post indicated that wsHttpBinding might prevent basic authentication if WCF felt the password was being passed in clear text.