使用windows身份验证在IIS中承载WCF服务，而不进行匿名访问

我想在启用集成windows身份验证和禁用匿名访问的情况下使用IIS（5/6）中托管的WCF服务。我试图通过以下方式来实现此目的，但收到一个错误，表示未安装证书。但我不需要SSL。我没有任何客户机需要较旧的ASMX服务，因此我不需要使用basicHttpBinding（而且它也不安全），所以我尝试使用wsHttpBinding

如何使具有windows身份验证的wsHttpBinding在没有SSL的情况下工作？这是一个常见的要求，但我找不到任何解决方案。有人可以发布客户端和服务器的配置吗？我正在使用ASP.NET客户端

我的配置如下。确切的错误信息是：

向发出HTTP请求时出错 . 这可能是因为 服务器证书未使用HTTP.SYS正确配置 在HTTPS案例中。这也可能是由于 客户端和服务器之间的安全绑定

我使用“svcUtil”实用程序为客户端生成代理类和配置

server:
    <system.serviceModel>
        <bindings>
            <wsHttpBinding>
                <binding name="wsHttpEndpointBinding">
                    <security mode="Transport"/>
                </binding>
            </wsHttpBinding>
        </bindings>
        <services>
            <service behaviorConfiguration="WCFTest.Service1Behavior" name="WCFTest.Service1">
                <endpoint address="" binding="wsHttpBinding" bindingConfiguration="wsHttpEndpointBinding" name="wsHttpEndpoint" contract="WCFTest.IService1"/>
            </service>
        </services>
        <behaviors>
            <serviceBehaviors>
                <behavior name="WCFTest.Service1Behavior">
                    <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
                    <serviceMetadata httpGetEnabled="true"/>
                    <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
                    <serviceDebug includeExceptionDetailInFaults="false"/>
                </behavior>
            </serviceBehaviors>
        </behaviors>
    </system.serviceModel>

client:
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <binding name="wsHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
            receiveTimeout="00:10:00" sendTimeout="00:01:00" bypassProxyOnLocal="false"
            transactionFlow="false" hostNameComparisonMode="StrongWildcard"
            maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true"
            allowCookies="false">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <reliableSession ordered="true" inactivityTimeout="00:10:00"
              enabled="false" />
          <security mode="Transport">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
                realm="" />
            <message clientCredentialType="Windows" negotiateServiceCredential="true"
                establishSecurityContext="true" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <client>
      <endpoint address="https://mymachine/WCFTest/Service1.svc"
          binding="wsHttpBinding" bindingConfiguration="wsHttpEndpoint"
          contract="IService1" name="wsHttpEndpoint">
        <identity>
          <userPrincipalName value="mymachine\ASPNET" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel> 

服务器：
客户：

我最终使用了文章中解释的basicHttpBinding。如果有人感兴趣，请在下面发布客户端和服务器的配置。客户端配置是使用“svcutil”生成的

服务器配置：
客户端配置：

发布您的绑定（服务器/客户端）和确切错误。windows身份验证不需要SSL。绑定表明要使用传输安全性。我不是100%肯定，但我认为传输安全性与SSL的含义相同。正如这个问题的标题所说，我想要的是，在IIS中使用windows身份验证和匿名访问托管WCF服务，我需要做哪些更改@阿利奥斯塔德提出了一些改变，但仍然不起作用，他的评论也被删除了？

server config:    
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpointBinding">
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <services>
      <service behaviorConfiguration="WCFTest.Service1Behavior" name="WCFTest.Service1">
        <endpoint address="" binding="basicHttpBinding"
          bindingConfiguration="BasicHttpEndpointBinding"
          name="BasicHttpEndpoint" contract="WCFTest.IService1">
        </endpoint>
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="WCFTest.Service1Behavior">
          <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment -->
          <serviceMetadata httpGetEnabled="true"/>
          <!-- To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information -->
          <serviceDebug includeExceptionDetailInFaults="false"/>
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>

client config:
  <system.serviceModel>
    <bindings>
      <basicHttpBinding>
        <binding name="BasicHttpEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
            receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
            bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
            maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
            messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
            useDefaultWebProxy="true">
          <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
              maxBytesPerRead="4096" maxNameTableCharCount="16384" />
          <security mode="TransportCredentialOnly">
            <transport clientCredentialType="Windows" proxyCredentialType="None"
                realm="" />
            <message clientCredentialType="UserName" algorithmSuite="Default" />
          </security>
        </binding>
      </basicHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://machinename/WCFTest/Service1.svc"
          binding="basicHttpBinding" bindingConfiguration="BasicHttpEndpoint"
          contract="IService1" name="BasicHttpEndpoint" />
    </client>
  </system.serviceModel>