Authorization header missing when calling WCF web service on IIS 7

We have a WCF web service that takes a "username:password" Authorization header. This service works fine on my development Windows 7 machine and on a Windows Server 2003 machine in production.

However, our development and new product开发者_运维知识库ion servers are Windows Server 2008 and the service fails to receive the Authorization header.

You can see the raw request from Fiddler below includes the Authorization header.

POST http://servername/service.svc/soap HTTP/1.1

Content-Type: text/xml; charset=utf-8

Authorization: test:test

VsDebuggerCausalityData: uIDPozpQ7mbpOVRFu79Tl0h3mkIAAAAAJMavDzJlIkqyjJDSIIxdVuKNB0y6n29OvukFtyRt0wwACQAA

SOAPAction: "..."

Host: servername

Content-Length: 152

Expect: 100-continue

Accept-Encoding: gzip, deflate

Connection: Keep-Alive

I haven't successfully enabled IIS Advanced Logging to see if I can get any extra information on the server.

The IIS website is configured for anonymous authentication.

The service implements IAuthorizationPolicy and the Evaluate method is definitely being called, which is where the authorization information is missing.

It feels like I've misconfigured something in IIS, but I have no idea what! Any help would be much appreciated.

It turns out I was dealing with two different problems.

On the development server, I found that the .NET 4.0 installation was broken. This was diagnosed by this brilliant tool.

On both servers, I changed the pipeline mode from Classic to Integrated, as nobody knew why it was set to Classic in the first place. A few tweaks the web config later, and the service was working!

The solution may also have required Basic Authentication, as suggested by Richard L, since that was missing from the production server. Note that Basic Authentication is not enabled on the service web site itself.

A very frustrating few days trying to get this working.