Many friends know that Windows authentication is supported in Web service. But it's not that much to use good friends, because there are a few special points to be aware of.
1. How to configure on the server side
Note here that authentication mode defaults to Windows, but it is useless to set this pattern alone. You must also set the authorization rule. And don't just allow, you must finally deny all users or groups that have not been allow.
The service must be published to the IIS server before it can be truly debugged. If you are not publishing, and just debugging in VS, you can't make some settings, such as what type of Windows Validation mode is, and so on.
2. Publishing services
It is generally necessary to disable anonymous access. At the same time you may need to select a specific validation mode (basic, or integrated)
If you select Basic, the client can dynamically specify a user name and password. However, it should be noted that at this time the user name and password is sent in clear text, there are security risks. (Can be used with SSL) to solve the problem
If you select integration, then the client will automatically negotiate with the server to determine whether to use NTLM or Korbers authentication, which means that the client's Windows credentials need to be automatically sent to the service side.