I have hosted my WCF windows service on WINDOWS 7 OS and have client application on windows-XP PC. WIN-7 firewall is blocking my XP client app, when I disabled firewall on Win-7, client app is working nicely. how I can overcome this problem. I am using security mode="none" for all lan based client app.
Client side config file
<system.serviceModel>
<bindings>
<netNamedPipeBinding>
<binding name="NetNamedPipeBinding_IDataService" >
<security mode="Transport">
<transport protectionLevel="EncryptAndSign" />
</security>
</binding>
</netNamedPipeBinding>
<netTcpBinding>
<binding name="NetTcpBinding_IDataService">
<security mode="None">
</security>
</binding>
</netTcpBinding>
</bindings>
<client>
<endpoint address="net.tcp://localhost:8523/DataServices" binding="netTcpBinding"
bindingConfiguration="NetTcpBinding_IDataService" contract="DataServiceReference.IDataService"
name="NetTcpBinding_IDataService" />
<endpoint address="net.pipe://localhost/" binding="netNamedPipeBinding"
bindingConfiguration="NetNamedPipeBinding_IDataService" contract="DataServiceReference.IDataService"
name="NetNamedPipeBinding_IDataService">
</endpoint>
</client>
</system.serviceModel>
Or, you can add/enable Windows Communication Foundation Net.TCP Listener Adapter (TCP-In) in Inbound Rules in Windows Firewall with Advanced Security
You do not need to disable firewall. Your config has 2 endpoints defined here. While net.tcp would be blocked by firewall, net.pipe would not be affected. So just use NetNamedPipeBinding_IDataService endpoint in your clients.
If for some reason this is not working or client is not on the same domain (extent of net.pipe) you can use wsHttpBinding or even simpler basicHttpBinding. This would use Http over port 80 which is most likely open if your server has IIS installed.
You overcome the problem by disabling the firewall. There is nothing you can do within the WCF config that can get round a firewall on the host machine. If the port you bind to is blocked then no data will ever reach the end point.
Related
I have a problem accessing a .Net WCF Service that uses Basic authentication. The server's web.config file has the service configured as such:
<services>
<service behaviorConfiguration="serviceBehavior" name="api.GlobalService">
<endpoint address="" behaviorConfiguration="restBehavior" binding="basicHttpBinding"
bindingConfiguration="Basic" contract="api.IGlobalService" />
</service>
</services>
with the binding:
<bindings>
<basicHttpBinding>
<binding name="Basic">
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Basic"/>
</security>
</binding>
</basicHttpBinding>
</bindings>
In my IIS Express config file I enabled basic authentication as such:
<basicAuthentication enabled="true" />
I am running it in debug mode, on localhost, and I don't want a custom basic authentication, I want it to authenticate against Windows credentials. I access the server directly, from the browser, and enter my windows credentials when prompted, or from Postman using basic authentication and credentials, however I always get a 401. I am not authorized to access a server I run on my own machine with my own credentials. Any help on what I'm doing wrong?
You can try the following, in the application that consumes the WCF Service
WCFServiececlient.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
WCFServiececlient.ChannelFactory.Credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
There is external SOAP API which supports requests over HTTPS only.
I am having Windows Service written in C# and calling this web service.
Below is the configuration on Windows Service's config -
<system.serviceModel>
<client>
<endpoint address="https://myExtAPI.com/api_1234/service.asmx"
binding="basicHttpBinding" bindingConfiguration="myExtAPI"
contract="myExtAPI" name="myExtAPI" />
</client>
<bindings>
<basicHttpBinding>
<binding name="myExtAPI">
<security mode="Transport" />
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
When call is made to API method I am getting this error - "No connection could be made because the target machine actively refused it".
I have written another web application. With same configuration, I am able to make successful call to API method.
UPDATE: Windows Service is running under Network Service account.
What am I missing? Any suggestions?
Thanks in advance.
I have service with transport level security when I have changed http to https , i am unable to expose operation contract as it is showing site can't be reached in browser itself.
Below is my config file
<wsHttpBinding>
<binding name="transport">
<security mode="Transport">
<transport clientCredentialType="None">
</transport>
</security>
</binding>
</wsHttpBinding>
<service name="WcfService1.Service1">
<endpoint address="" binding="wsHttpBinding" bindingConfiguration="transport" contract="WcfService1.IService1"></endpoint>
</service>
My service is hosted via IISExpress where Project URL is as below
https://localhost:49500/
And also SSL is enabled with SSL URL which is different from http URL.
I have tried many possible way as stated in SO but couldn't able to find solution for this.
Please help!
I have a C# application which is using Travelport Universal API interfaces through SOAP communication.
In C# I used the wsdls for generating the SOAP client.
I have this config settings for HTTPS connection (this was generated by Visual Studio from WSDL):
<system.serviceModel>
<bindings>
<basicHttpsBinding>
<binding name="AirLowFareSearchBinding" maxBufferSize="2097152" maxReceivedMessageSize="2097152">
<security mode="Transport">
<transport clientCredentialType="Basic" />
</security>
</binding>
</basicHttpsBinding>
</bindings>
<client>
<endpoint address="https://emea.universal-api.travelport.com/B2BGateway/connect/uAPI/AirService" binding="basicHttpsBinding" bindingConfiguration="AirLowFareSearchBinding" contract="AirServiceReference.AirLowFareSearchPortType" name="AirLowFareSearchPort" />
</client>
About this SSL3.0 vulnerability Travelport want to disabling SSL3, and I could use just over TLS.
My question is what should I change on this config, or should I change anything for TLS connection on https instead of SSL3.
In you code before calling to the service:
system.Net.ServicePointManager.SecurityProtocol=SecurityProtocolType.Tls12;
Here is a blog post Here
I have seen several posts related to this but I have not found an answer to my problem
So I have a client sending messages to a MSMQ using WCF netmsmq binding. This works fine.
I have a web site hosted in my local IIS7 (Windows 7) exposing a WCF MSMQ endpoint.
When I publish a message from the client, the messages are not being consumed, they just stay in queue forever UNTIL, I manually browse the service, after that the messages are sent to the service hosted in IIS
So what do I need to do in order to consume the messages automatically by my WCF service hosted in IIS?
Note: I just noticed that after calling any WCF service hosted in my web applicaiton in IIS wakes up the service or something and suddenly the queue messages are consumed...
Client Configuration
<system.serviceModel>
<client>
<endpoint name="Service.ServiceContracts.QueueLoggingService NET MSMQ"
address="net.msmq://localhost/private/Service.WebHost/QueueLoggingService.svc"
binding="netMsmqBinding"
contract="Service.ServiceContracts.IQueueLoggingService">
</endpoint>
</client>
<bindings>
<netMsmqBinding>
<binding exactlyOnce="true" durable="true" maxRetryCycles="15" receiveRetryCount="15">
<security mode="None">
<message clientCredentialType="None" />
<transport msmqAuthenticationMode="None" />
</security>
</binding>
</netMsmqBinding>
</bindings>
</system.serviceModel>
Server configuration
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true">
</serviceHostingEnvironment>
<services>
<service name="Service.ServiceImplementations.QueueLoggingService">
<endpoint
address="net.msmq://localhost/private/Service.WebHost/QueueLoggingService.svc"
binding="netMsmqBinding"
contract="Service.ServiceContracts.IQueueLoggingService">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<bindings>
<netMsmqBinding>
<binding exactlyOnce="true" durable="true" maxRetryCycles="15" receiveRetryCount="15">
<security mode="None">
<message clientCredentialType="None" />
<transport msmqAuthenticationMode="None" />
</security>
</binding>
</netMsmqBinding>
</bindings>
</system.serviceModel>
Things that I have tried:
Message Queuing service running
Message Queuing Triggers service running
Net.Msmq Listener Adapter service running
Net.Pipe Listener Adapter service running
Net.Tcp Listener Adapter service running
Net.Tcp Port Sharing Service service running
Distributed Transaction Coordinator service running
MSMQ Active Directory Domain Service Integration installed
MSMQ HTTP Support installed
MSMQ Triggers installed
MSMQ Multicasting support installed
WCF Non-HTTP Activation installed
WCF HTTP Activation installed
The AppPool is configured to start automatically
My Default Web Site contains the following configuration:
<application path="/Service.WebHost" applicationPool="MyGenericAppPool" enabledProtocols="net.msmq, http">
<virtualDirectory path="/" physicalPath="C:\Some Path\Service.WebHost" />
</application>
<bindings>
<binding protocol="http" bindingInformation="*:80:" />
<binding protocol="net.tcp" bindingInformation="808:*" />
<binding protocol="net.pipe" bindingInformation="*" />
<binding protocol="net.msmq" bindingInformation="localhost" />
<binding protocol="msmq.formatname" bindingInformation="localhost" />
</bindings>
The autostart functionality is provided by AppFabric, so you must install it. Then, you will be able to use a command line similar to this one, in order to auto-start your WAS application :
appcmd.exe set app /app.name:YourApplication /serviceAutoStartEnabled:True /serviceAutoStartMode:All
OK
This guy saved me hours of reserching:
Paul Bahler #paulbahler
Turns out that even when the AppPool was set to Start Automatically .... it was not apperantly...
So this guy suggested me to install App Fabric tools and then just configure the application to automatically start and booooooom it worked