I host a wcf service with tcp binding on a windows service. It works correctly on our LAN, however when the users wanna connect to the service from internet, they get the following error:
The server has rejected the client credentials
this is my service config:
service behaviorConfiguration="WcfServiceLibrary1.Service1Behavior"
name="LivePushServiceLib.SubscribeService">
<endpoint address="" binding="netTcpBinding" bindingConfiguration=""
contract="WCF_Interface.ISubscribeService">
</endpoint>
<endpoint address="mex" binding="mexTcpBinding" bindingConfiguration=""
contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://188.x.x.x:8524/SubscribeService.svc" />
</baseAddresses>
</host>
</service>
</services>
You are using default security with NetTcpBinding which is Windows. In your LAN I assume everyone is using Windows credentials quite happily. However, people from the Internet are unlikely to have credentials on your domain
If you want to use this across the Internet look at setting security to something like TransportWithMessageCredential and then use a credential type of username. This allows Internet based clients to authenticate with a user name which you can validate in a custom UsernamePasswordValidator
Related
I have a WCF Windows Service using a basicHttpBinding endpoint, listening on TCP/12345. I have added a udpDiscoveryEndpoint, and can discover the service locally no problems.
<services>
<service name="BigBadCompany.Delivery.DeliveryService" behaviorConfiguration="DeliveryServiceBehavior">
<host>
<baseAddresses>
<add baseAddress="http://*:12345/Delivery/service"/>
</baseAddresses>
</host>
<endpoint address="" binding="basicHttpBinding" contract="BigBadCompany.Delivery.IDelivery" bindingConfiguration="DeliveryServiceBinding"/>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<endpoint kind="udpDiscoveryEndpoint" />
</service>
</services>
To get it to discover across the network on the local subnet, I need to add a firewall rule to permit the traffic. I can only get this working if I permit ALL UDP traffic. If I restrict the rule to only my service, discovery breaks. I also tried restricting it to one port (which for no good reason I guessed might be the same as the TCP port, I can't find any info on what port the UDP broadcasts use) it also stops.
What would be an appropriate firewall rule to permit just the udpDiscoveryEndpoint traffic without opening all UDP ports inbound?
You should just add exception for port 3702. See more here:
https://msdn.microsoft.com/en-us/library/dd352335.aspx
--EDIT--
The URL has expired; here's a backup:
https://web.archive.org/web/20161111140652/https://msdn.microsoft.com/en-us/library/dd352335.aspx
I have following settings
<services>
<service name="HelloWCFServiceClass.clsHelloWCFServiceClass" >
<host>
<baseAddresses>
<add baseAddress="http://localhost:6789/IISHosting/HelloWorldISSHostedService.svc"/>
</baseAddresses>
</host>
<endpoint address="" binding="wsHttpBinding" contract="HelloWCFServiceContract.IHelloWCFServiceContract" />
<endpoint address="/test" binding="basicHttpBinding"
contract="HelloWCFServiceContract.IHelloWCFServiceContract"/>
</service>
</services>
I can open
http://{ServerName}:6789/HelloWorldISSHostedService.svc
But I'm getting an error
The webpage cannot be found
while trying to access through end point like this
http://{ServerName}:6789/HelloWorldISSHostedService.svc/test
You're using BasicHttpBinding - that's a SOAP binding, you cannot just use your browser to browse to that endpoint.
You'll need to use something like SoapUI to test your SOAP services.
If you want a service that's testable in your browser (by just navigating to an URL), you need to use the webHttpBinding instead (REST service)
If your service is part of an MVC project, you need to configure your routing table
http://www.asp.net/mvc/tutorials/older-versions/controllers-and-routing/asp-net-mvc-routing-overview-cs
i have one service with two endpoint. one endpoint is for wsdual binding and another for tcp binding. when i start my wcf service with wcfsvchost.exe like
WcfSvcHost.exe /service:"C:
\Users\TRIDIP\Documents\Visual Studio 2010\Projects\BBAChatService\BBAChatService\bin
\BBAChatService.dll" /config:"C:\Users\TRIDIP\documents\visual studio 2010\Projects
\BBAChatService\BBAChatService\Web.config"
then my service was started.
the problem is when i try to create proxy at client side after starting service with WcfSvcHost.exe then all endpoints related info gets added in client's config file but i want that when i will create proxy with tcp mex endpoint or mexHttpBinding from client side then only valid endpoint should be added in client's config file not all endpoints. so guide me what to change in my config file at service end. here is my config file at service end....please have look.
<service name="BBAChatService.ChatService" behaviorConfiguration="BBAChatService.ChatServiceBehavior" >
<host>
<baseAddresses>
<add baseAddress ="http://localhost:8732/ChatService.svc/"/>
<add baseAddress ="net.tcp://localhost:7998/ChatService/"/>
</baseAddresses>
</host>
<endpoint name="dual_bind"
address="dual"
binding="wsDualHttpBinding"
bindingConfiguration="WSDualHttpBinding_IChatService"
contract="BBAChatService.IChatService">
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<endpoint name="tcp_bind"
address="tcp"
binding="netTcpBinding"
bindingConfiguration="tcpBinding"
contract="BBAChatService.IChatService">
</endpoint>
<endpoint address="net.tcp://localhost:7996/ChatService/mex"
binding="mexTcpBinding"
contract="IMetadataExchange"/>
</service>
guide me what to change in my config. thanks
If you expose multiple endpoints in the same service you have multiple ports in WSDL and svcutil (Add service reference) will import configuration for every offered port. WSDL always exposes all defined endpoints for the service and svcutil works with all of them.
You must either manually modify your client config to remove HTTP endpoint configuration on the client side or you must split your service to two different implementations each with single endpoint.
I have wcf service application which i host on IIS and runs very well.
now i need to transfer the services to windows azure where i host them into web role.
i am not sure but i have heard that there are different bindings for windows azure
example:
azure has different bindings equivalent to basicHttp,WebHttp.
can i know what exactly i need to do to achieve the same.
here is my current service configuration
<service behaviorConfiguration="mybehavior" name="***">
<endpoint address="mobile" behaviorConfiguration="web" binding="webHttpBinding"
contract="*" />
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
<host>
<baseAddresses>
<add baseAddress="http://127.0.0.1:81/Mobile.svc" />
</baseAddresses>
</host>
</service>
what change does this need
Thanks
You can achieve your goal with web.config transofmrations (and here). The issue with Azure is that there is no localhost, nor 127.0.0.1 there (well, there might be, but nothing is being routed to that local loop address). All you have to do is to change the baseAddress.
In order to change the baseAddress you may do any of the following:
use web.config transofmrations and in your web.Release.config put your azure domain name in the base address (http://yourapp.cloudapp.net/, or your custom domain if you are using one)
programatically bind the wcf service using the DIP of the role instance (check this and that questions for more information)
In my current system I have a router service and over a dozen (about half use msmq, rest use tcp) WCF services hosted via IIS. I've been tasked with moving all services except for the router to a windows service. This has been accomplished using the same configurations that were present using the IIS web.config file. Here is a snippet of the previous configs (public queue for service: myservices/wcfservice):
<!--Router Service web.config-->
<client>
<endpoint address="net.msmq://localhost/MyServices/WCFService.svc" binding="netMsmqBinding" contract="*" name="IWCFService_Msmq" />
</client>
<!--Services web.config-->
<service behaviorConfiguration="SomeServiceBehavior" name="WCFService">
<endpoint binding="netMsmqBinding" name="IWCFService_Msmq"
contract="IWCFService" />
<host>
<baseAddresses>
<add baseAddress="net.msmq://localhost/MyServices/WCFService" />
</baseAddresses>
</host>
</service>
I'm confused as to why this works, as the service has a net.tcp binding and the router has msmq, and when I asked around, I was told it was "magic." I tried to do the same thing with my setup (router to windows service) using a similar configuration but get an error message:
<!--Router Service web.config-->
<client>
<endpoint address="net.msmq://localhost/MyServices/WCFService" binding="netMsmqBinding" contract="*" name="IWCFService_Msmq" />
</client>
<!--One "other" Services hosted in Windows Service app.config-->
<service behaviorConfiguration="SomeServiceBehavior" name="WCFService">
<endpoint binding="netMsmqBinding" name="IWCFService_Msmq"
contract="IWCFService" />
<host>
<baseAddresses>
<add baseAddress="net.tcp://localhost/MyServices/WCFService" />
</baseAddresses>
</host>
</service>
This has worked fine with all my services that are just using tcp, but when I try this with msmq and attempt to start the windows service, I get the following error in the Event Viewer:
Service cannot be started. System.InvalidOperationException: Could not find a base address that matches scheme net.msmq for the endpoint with binding NetMsmqBinding. Registered base address schemes are [net.tcp].
I'm new to msmq, so any help with be appreciated. Thanks!
Updated:
I've updated the base address in the service app.config to match the address that is in the router web.config. I tried this previously and it didn't work. I later found out it was because I didn't make the msmq itself a "Transactional Queue" (which was needed for our setup). Once this was done, everything worked out!
<!--One "other" Services hosted in Windows Service app.config-->
<service behaviorConfiguration="SomeServiceBehavior" name="WCFService">
<endpoint binding="netMsmqBinding" name="IWCFService_Msmq"
contract="IWCFService" />
<host>
<baseAddresses>
<add baseAddress="net.msmq://localhost/MyServices/WCFService" />
</baseAddresses>
</host>
</service>
Judging by the error message of the InvalidOperationException, it looks like "net.tcp" is the only enabled protocol in the Advanced Settings of your application hosted in IIS.
Is "net.msmq" an enabled protocol?
Open IIS Manager
Select your application
Click Advanced Settings in the Actions list
Add "net.msmq" to Behavior - Enabled Protocols
Why not give all of your MSMQ services their own config and all the tcp services their own? The issue is obviously it looks for a base address when you choose the binding to be msmq, and it can't find an msmq binding because all you've provided is a tcp base address binding. You can also of course add another base address that uses net.msmq inside the baseaddresses node.