I am not sure we are on the same page here.
Starting with the SL Business Template, I add an ASPNETDB connection string which is the database for the users.
Then the user goes to the Registration Page and registers. This works until I want to disallow anonymous access to the business entities. So I go into the web.config to the object server settings like this:
<serverSettings useAspNetSecurityServices="true" loginManagerRequired="true" allowAnonymousLogin="false" />
In other words, I need to verify that anyone connecting to the DevForce WCF service is authenticated so I don't get a hacker somehow making calls on the database. To do that I change the object server settings to allowAnonymousLogin to false. At that point, however, a person can no longer register because he is an anonymous user when he is registering which is disallowed. Thus if I want to allow registering, I have to allow anonymous logon.
So of course I would like to allow people to register, as well as not allow anonymous calls to the Data. The only suggestion on this in the past has been to allow anonymouslogin, and then check every request on the server to see if it should be allowed or not. This seems like an unworkable solution. Surely there must be a better way.