I have WCF services that is deployed on IIS 7 server. My services requires sessions because of object states that needed to be managed. I don’t transport or message security. This would be handled internally by the services. To accomplish this, I disabled security and enbled sessions using these properties.
<reliableSession enabled=”false”/>
<security mode= “None”></security>
Here’s an example of where these properties go in your configuration file.
<bindings>
<wsHttpBinding>
<binding name=”Binding1″>
<reliableSession enabled=”false”/>
<security mode= “None”></security>
</binding>
</wsHttpBinding>
</bindings>
If WCF is not configured properly, you may run into these exceptions.
“The caller was not authenticated by the service…”
“Contract requires Session, but Binding ‘WSHttpBinding’ doesn’t support it or isn’t configured properly to support it”