We are using IIS 7.5 with only windows authentication enabled. providers are ntlm and negogiate ( since we want it to be accessible via internet).
The client is silverlight calling wcf services. even though we have session established the client sends the negotiate and server return 401 with some authentication token. this happends intermettinetly , with many sucessful calls ( intermingled with failed calls)
Many calls work fine and just send sessionid and everthing works fine.
In fiddler we see below
Client sends
Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==
ASP.NET_SessionId=0ix0fqf02j1imrpfc4awit3w
Server sends
WWW-Authenticate: Negotiate TlRMTVNTUAACAAAACgAKADgAAAAVgonitqRU/FVLp9EAAAAAAAAAAI4AjgBCAAAABgGxHQAAAA9BAEQATABBAEIAAgAKAEEARABMAEEAQgABAA4AQwBJAFIAVAAtAEQAMwAEABYAYQBkAGwAYQBiAC4AbABvAGMAYQBsAAMAJgBDAEkAUgBUAC0ARAAzAC4AYQBkAGwAYQBiAC4AbABvAGMAYQBsAAUAFgBhAGQAbABhAGIALgBsAG8AYwBhAGwABwAIAMsTFgtFNc4BAAAAAA==