We run into an interesting problem today at work while working with JSON WCF Web Services built with Visual Studio 2008 and .NET 3.5.
The web application we are working on is to be released in a couple of weeks. It has been running fine on the test server for a number of iterations now, but today we installed an SSL certificate on this server and configured the application to require secure channel. Suddenly, the web application started to ask us for a username and password...
I looked closer into the logs and noticed the HTTP Error Code 401 (authorization error) coming back from web services when the web application requested our java script proxies. It turns out that in order to allow communication with the services via SSL, you need to configure additional binding configuration. See below our sample service model configuration. Hope it will save you a few hours of troubleshooting.
<system.serviceModel>
<behaviors>
<endpointBehaviors>
<behavior name="jsonBehavior">
<enableWebScript />
</behavior>
</endpointBehaviors>
<serviceBehaviors>
<behavior name="myServiceBehavior">
<serviceMetadata httpGetEnabled="true" httpGetUrl="" />
<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceThrottling maxConcurrentCalls="100"
maxConcurrentInstances="1000"
maxConcurrentSessions="1000"/>
</behavior>
</ serviceBehaviors>
</behaviors>
<bindings>
<webHttpBinding>
<binding name="sslBinding">
<security mode="Transport"/>
</binding>
</webHttpBinding>
</bindings>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
<services>
<service behaviorConfiguration="myServiceBehavior"
name="CourseCatalog">
<endpoint contract="CourseCatalog"
address=""
behaviorConfiguration="jsonBehavior"
binding="webHttpBinding"
bindingConfiguration="sslBinding"/>
<endpoint contract="IMetadataExchange"
address="mex"
binding="mexHttpBinding" />
</service>
</services>
</system.serviceModel>
Happy coding!