I have one service located at US servers say
http://myservice/ProfileManagerWS/ProfileMGRWS.asmx
When any client make a call, I need to check request header property. If property say its a call for Canadian instance, then redirect call to http://ca-myservice/ProfileManagerWS/ProfileMGRWS.asmx
Previously service was only located at US servers and we have hosted service into Canadian servers just now.
We do not want to make any code changes at consumers of
http://myservice/ProfileManagerWS/ProfileMGRWS.asmx
Should I write HTTPModule or soap extension for US instance?
Also, should I add proxy to US instance to call Canadian instance?
First of all, unless your client application has functionality that will accept a redirect response you won't be able to alter your web service get that functionality.
What you would probably want to do is to implement Geographical Load Balancing at your DNS server. If a Canadian requests the IP address for myservice, give them an IP address that goes to your Candian server that is also configured to accept requests for the myservice domain.
Related
How can i create wcf service at runtime, I've searched but every question and answer I found is how to consume dynamic WCF services. But I want to create new adresses on the host or change the adress/name of an existing service.
ex
If a have my wcf service at some adress http://somewhare:5751/default.svc and I like to dynamiclly create a new service on the same host with the same contract,bindings etc just another adress http://somewhare:5751/defaultCopy.svc and it's going to be persistent.
Is this possible or should I do some sort of redirect traffic to the default.svc ?
Edit:
Why I want this is just because of it will be more user friendly, the user will create his own database(SDF). I could send parameters along with the calls to the service that defines the correct database, but It would be alot nicer if a user can specify their own name of the service.
I developed a WCF Service hosted in a Windows Service which would send a request to the thirdparty webservice and expects a response.So all i would be given is the url/wsdl information of the thirdparty service where its hosted.
I want to implement say a test service which would give response to my request and Create a single proxy of that service by adding service reference in the visual studio to the actual service.So there can be any number of third party applications which would provide their urls in the future for communication.
My question about the WCF is can i create a single proxy client once and just send the request to a webservice based on the url on the fly ? Is it possible to use the same proxy client for both HTTP and HTTPS by just passing the binding and address parameters dyanmically ?
Once you have create the proxy you cannot change its address. You could have several open proxies, one per 3rd party. In addition a single proxy cannot be reused for http and https since they use different bindings (in addition to the reason above).
One reason for this behavior (which may or may not be relevant in your case) id that proxy can keep state with the server, for example an open security session.
I have a challenge and I believe there is a developer smarter than me that can provide some insight.
I have a web service. This web service is written with ASP.NET MVC in C#. I want to allow developers to call this web service. When developers are writing code, I recognize that web apps typically run from localhost. When they call this service, I want to be able to identify if the request is coming from localhost. However, if I look at the IP address, its the IP address of their machine.
Is there a way for me to even do this? Clearly Request.IsLocal won't work as my web service is running on an entirely different machine.
When you call a web service, the browser usually passes the page in the Referer header. So you can check if that value starts with "http://localhost". Virtually anything in an http request can be forged (including this), so be careful what kind of decisions you make based on this data.
Without passing some additional data along with the request from the app, there's not going to be any way for you to know.
You'll only be able to get the IP address or Host name that was used to make the request to your Web Service and it sounds like you want to be able to find the Host Name (localhost) that was used to make the request to the app (which then triggers the call to the Web Service).
How will you then define local (from the perspective of your service)? You'd be better off setting up a development service on a different API end point instead of attempting to guess this.
All production level API calls can go to something like api.yourservice.com with all development level requests coming in via dev.yourservice.com.
You can then have two separate services or have your service read the URL being requested and differentiate based on this.
I'm building a complex, public web service in WCF that send email to a specific address, similar to a contact form but with some features.
With jQuery I get the data from the textbox and with Ajax and json I send to the web service the strings to proceed at the send.
Now, is there a good way to make it secure?
I mean.. the service is public so someone can have access to it and starting to spam on this address. Can I restrict the users to use the web service only from the correct web site?
Thanks.
IF the WCF service is hosted in the IIS you can allow calls only from a specific IP address, look at the directory security settings under IIS.
By far the simplest way is to have your web service require some type of access key in order to run the operation.
Something simple like a base64 encoded GUID would work. It doesn't even have to change. Just add a parameter called "AccessKey" or something similar. Have your app pass that and let the service validate that it is good.
Another idea is to have the web service check the http headers to see if it came from the page you authorized to use it.
Neither of those are perfect. The first one means that your "key" will be inside the html you send to the client. The second one can be spoofed.
Personally, I'd probably not bother at this level and just log what the service is doing. If the traffic counts to the service start to exceed what you think it ought to be, then I'd investigate ways to mitigate it. Most likely, given that it's a service you won't see any issues.
Duplicate: This is the exact same question, from the exact same person, as Issue with Incorrect URLs in the WSDL of a .NET Web Service, and has the exact same answer. Let's please close this and merge it with the other.
We have installed an ASP.NET web site on a client's server. This site has a web service with a couple of web methods that are called by a Flash object in order to display a news feed. If you browse to their site (ex: www.domain.com), everything's working fine except the flash.
The issue is that when we browse to the .asmx, the header shows that the Host is a subdomain internal to their network (internal.domain.com). Obviously this doesn't resolve to any public IP when browsing from outside of their network. This causes the Flash to fail since the flash object is embedded on a page and is therefore running client side.
I checked the computer name on the server in question, and it doesn't even match "internal.domain.com" - it is something completely different. Where is it getting this information from. It is not coming from IIS, since we have no host headers set up, and the IP for the site is set to (all unassigned).
We either need to force the web service to run against a specific host, or we need to change something on the server so that it resolves to a valid public-facing host name. Any and all help is greatly appreciated!!!!
Web service host names are usually configured in the web.config when being consumed by .NET. When they are being consumed by flash you might need to go looking in the flash file. (my guess is that it is still configured for some sort of SIT environment.
I'm not sure of the details of this, but I've seen this complaint with respect to WCF. The answer had to do with setting the host headers in IIS.
It's IIS that passes the host name to ASP.NET or WCF, and it passes the host header when that is configured. If it's not configured, then I suppose it won't send that header as the "host name", even if the client sets that header in the request.