I have a WCF service which is ready to be hosted. I need to host it on a computer inside the company and it should be accessed only by the people inside the company without any external access. You can assume that all of the computers inside the company are connected to each other. How should I do this correctly?
Host the service using IIS or wrap it as a Windows Service. Either way, that's how you host it.
Securing it is up to you or your IT department and isn't within the scope of SO. If you need a security lesson, jump on over to ServerFault.
I resolved this in the following way :
1.Disable your firewall for private networks
2.Host your application on a free port
3.Ready to go.
Related
I have a wcf service (with net.tcp binding) hosted at windows service and a wpf client. when I run the service in a server outside the company's domain it works excellent, the problem is when I host the service in a server inside the company's domain, and try to run the wpf app in a client outside of the company domain.
I'm getting the same error, "The Socket connection was aborted..."
I try with Security Mode None, Transport and the same result.
My question is, what is the correct way to do that? I mean host the wcf net TCP service in a domain server and call it from a client outside of domain?
Thanks a lot!
I change the binding from net.tcp to wshttp and the service works fine!
Server with the corporate domain and client without corporate domain
The thing is I need the make this work with net.tcp
Neither a Windows Domain nor DNS have anything to do with WCF/TCP if you don't explicitly make it so.
Assuming the address you gave actually leads to the PC you host your service on (so no local IP addresses) and nothing in between (like a firewall) blocks the connection, it should work.
The correct way is to make sure client and server can talk to each other. If it's different networks, you will need NAT and if one is a corporate network I'd be very surprised to see no firewall that you need to configure.
As a first step, try to ping your target machine from your client machine.
There are 3 people working on a project, one of which is working on a wcf service, is it possible for him to create an IIS site on his machine locally to host the service and allow the other members to access that service/site on his machine if we are on our company shared Network? I'm trying to see whats the best way to host this service on a test server so the other members can test it out as well without any bugs.
Oh yes, that's the most common way of hosting WCF service.
Under project properties of your WCF service just select "Web" and then "Use local IIS server"
To answer your question directly: yes, this is possible. I have performed this exact setup by hosting a web site on a local laptop. We have been able to access the site from dozens of computers on the same network successfully.
I've a WCF service running just on my laptop. The laptop is connected to the web, IP is static.
What's involved in getting that service consumable by a web user (say I'm in Cyprus and my clients are other in the US), can I restrict users by their IP address?
Please not, I'm aware of WCF support for P2P, but that's not what I'm looking for. The service will be migrated to a proper hosting environment after a while.
I'd let IIS do the heavy work and restrict IPs.
Restrict IP addresses in IIS
Just host the WCF inside a web project and use a dynamic DNS service to pass through to your laptop.
HTH
This is probably a basic networking issue, but I am new to this stuff and just do not know the answer.
I have written a wcf service and client. I can use one of the http bindings and get the service to work correctly when I put my machine's network IP address as the endpoint address and run the client and server from the same machine. Now, I want to be able to connect to this service from a different machine over the internet. Clearly it does not work when I use my network IP address in this scenario, but simply putting in my router's broadband IP address does not seem to be doing the trick, either. Am I just missing a firewall port that I need to open up, or am I trying to do something that should not be possible?
If you want users from the internet to be able to connect to your service, you'll have to consider a few points:
binding: the lowest common denominator is the basicHttpBinding which is SOAP 1.1 with basically no additional features available - just like ASMX webservices. Just about anyone can connect to that. For more advanced clients, you might also want to expose a wsHttpBinding endpoint on your service
security: how (if at all) do you want to secure access to your web service? Do you have username/password credentials that callers must supply? Check out the WCF Security Guidance for a whole slew of information bits on the various security scenarios
authenticating your service: typically, you should strive to make your service authenticate itself to the rest of the world - this requires a server certificate and enables secured communication (messages signed + encrypted) on the wire
make sure your service endpoint(s) is reachable from the internet, through all firewalls and proxies and everything :-)
Hope that helps a bit!
You need to set up port forwarding on your router. Perhaps someone on ServerFault or SuperUser would be able to help you. Or even a google search now that you know what it's called. The instructions will be different depending on the router. The port you need to forward will be the port you've picked in the WCF config file.
I host WCF services through IIS, but it took me ages to work out how. At the moment I put the files on the webserver and enable websharing on the root folder. Then you can assign them to an appropriate Application Pool in IIS, and add a service reference to any client projects using the URL of the wsdl.
I'm not sure if this is the best way to do it but its the only way I've worked out so far.
Here's the simple solution.
I am assuming that you have made a working WCF application and hosted over the IIS.
The next thing to do is to browse the application from the IIS. It will give you url in the address bar something like:
http://localhost/myservice/service.svc
Next go to www.whatismyip.com. this will give you your system's WAN IP (say, 45.34.56.200).
Replace the URL you got in step 2 with: http://45.34.56.200/myservice/service.svc
Now you can use this URL any where in this world to consume your service.
I found a good Article and it is working fine for me, on the following the Main steps:
1-First you should create WCF Service.
2-add application on IIS and give alias for your virtual directory and set path from your local drive.
3-Make sure your default app pool set to .NET CLR V4.0.
4-test your WCF service is running successfully on localhost.
5-To access the same via LAN (Local Area Network) you must disable Firewall for you Private network.
6- try to use ngrok.com, you will get Temp URL to use via internet to access your LocalHost anywhere.
Then Everything will be fine.
For More Information Check the following Link:
https://www.codeproject.com/Tips/813650/Host-WCF-on-LocalHost-and-access-via-Internet
We use BigIP to load balance between our two IIS servers. We recently deployed a WCF service hosted on by IIS 6 onto these two Windows Server 2003R2 servers.
Each server is configured with two host headers: one for the load balancer address, and then a second host header that points only to that server. That way we can reference a specific server in the load balanced group for debugging.
So when we run We immediately got the error:
This collection already contains an address with scheme http. There can be at most one address per scheme in this collection.
Parameter name: item
I did some research and we can implement a filter to tell it to ignore the one of the hosts, but then we cannot access the server from that address.
<serviceHostingEnvironment>
<baseAddressPrefixFilters>
<add prefix="http://domain.com:80"/>
</baseAddressPrefixFilters>
</serviceHostingEnvironment>
What is the best solution in this scenario which would allow us to hit a WCF service via http://domain.com/service.svc and http://server1.domain.com/service.svc?
If we should create our own ServiceFactory as some sites suggest, does anyone have any sample code on this?
Any help is much appreciated.
EDIT: We will need to be able to access the WCF service from either of the two addresses, if at all possible.
Thank you.
On your bigIP Create 2 new virtual servers
http://server1.domain.com/
http://server2.domain.com/
create a pool for each VS with only the specific server in it - so there will be no actual load balancing and access it that way. If you are short on external IP'S you can still use the same IP as your production domain name and just use an irule to direct traffic to the appropriate pool
Hope this helps
The URL it uses is based on the bindings in IIS. Does the website have more than one binding? If it does, or is the WCF service used by multiple sites? If it is, then you are SOL AFAIK. We ran into this issue. Basically, there can be only one IIS binding for HTTP, otherwise it bombs.
Also, here's info on implementing a ServiceHostFactory. That WILL work if it's possible that your WCF service only be accessible through 1 address (unfortunately for us, this was not possible).
When you need to test a specific machine, you could "bypass" the load balancing and ensure the correct host-header is sent to keeep WCF happy by editing the "hosts" file on the machine you're testing from so, for example:
10.0.0.11 through 10.0.0.16 are the six hosts that are in the cluster "cluster.mycompany.local", with a load balanced IP address of 10.0.0.10. When testing you could add a line to the machines hosts file that says "10.0.0.13 cluster.mycompany.local" to be able to hit the third machine in the cluster directly.