I have added a WCF service to an existing ASP.Net web project on our test website (only accessible on company network). I can access the service by typing the URL in a browser, but if I add a service reference to a web project, I get a runtime error that 'the remote name could not be resolved'.
In my web.config, I have the bypassProxyOnLocal binding attribute set to 'true' (we use a proxy on the company network), but it seems as though our test domain is not recognized as a local domain (or recognized at all, really). Again, this is only when I add it as a service reference. Obviously the domain is valid, because I can add it as a service reference, and can event paste the URL into a browser, and it works. I just get a runtime error after I add it as a service reference. Anyone have any advice?
According to MSDN WSHttpBindingBase.BypassProxyOnLocal Property, "An Internet resource is local if it has a local address. A local address is one that is on same computer, the local LAN or intranet and is identified, syntactically, by the lack of a period (.) as in the URIs "http://webserver/" and "http://localhost/".
If your test domain is "http://test.mycompany.com/", then it won't be viewed as a local address. Perhaps using "http://test/" in this case would work?
Finally got this resolved. The request was somehow being blocked by the company network.
Related
I hosted silverlight application iis and that can be accessed in multiple ways..
When I access using Qualified name of server IP address IT WORKS fine:
http://[QUALIFIEDNAME]/WebUAT/App.aspx
When I access using IP address like below:
http://[IPADDRESS]/WebUAT/App.aspx
It gives error below:
[Async_ExceptionOccurred]
Arguments:
Debugging resource strings are unavailable. Often the key and arguments provide sufficient information to diagnose the problem. See http://go.microsoft.com/fwlink/?linkid=106663&Version=5.1.20913.00&File=System.dll&Key=Async_ExceptionOccurred StackTrace : at System.ComponentModel.AsyncCompletedEventArgs.RaiseExceptionIfNecessary()
Follow these,
(i) Try to use fiddler and find the request which is making crossdomainpolicy xml request.
(ii)Check whether it is failing, if so add the crossdomain and clientaccesspolicy to the root folder of your Application
(iii)Check whether the service which is invoked by your application is blocked by firewall.
I'm trying to call Apache ActiveMQ NMS Version 1.6.0 from my code ('IntPub') that must run in a sandbox in a .NET 4.0 environment for security reasons. The program that creates the sandbox makes my code 'partially trusted' and therefore 'security-transparent' which seems to mean that it can't create a ConnectionFactory (see error log below) because NMS seems to be 'security-critical'. Here's the code that's causing this error:
connecturi = new Uri("tcp://my.server.com:61616");
var connectionFactory = new ConnectionFactory(connecturi);
I also tried this instead with similar results:
connecturi = new Uri("activemq:tcp://my.server.com:61616");
var connectionFactory = NMSConnectionFactory.CreateConnectionFactory(connecturi);
Since I can't change the security level of my assembly (the sandbox prevents it) is there a way to make NMS run as 'safe-critical' so it can be called by 'security-transparent' code? Would I have to recompile it to do so, or does NMS do some operation that would never be considered 'safe-critical?
I appreciate any help or suggestions...
Assembly 'IntPub, Version=1.0.0.0, Culture=neutral, PublicKeyToken=6fa620743b8dc60a' is partially trusted, which causes the CLR to make it entirely security transparent regardless of any transparency annotations in the assembly itself. In order to access security critical code, this assembly must be fully trusted.Detail:
<OrganizationServiceFault xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.microsoft.com/xrm/2011/Contracts">
<ErrorCode>-2147220956</ErrorCode>
<ErrorDetails xmlns:d2p1="http://schemas.datacontract.org/2004/07/System.Collections.Generic" />
<Message>Unexpected exception from plug-in (Execute): Test.Client: System.MethodAccessException: Attempt by security transparent method 'Test.Client.Execute(System.IServiceProvider)' to access security critical method 'Apache.NMS.ActiveMQ.ConnectionFactory..ctor(System.Uri)' failed.
From the error message attributes, it looks like you're running a Dynamics CRM 2011 plugin in sandbox mode, which has some very specific rules about what you can and can't do. In particular, you're only allowed to make network connections via HTTP and HTTPS, so attempting raw TCP sockets will definitely fail.
Take a look at this MSDN page on Plug-in Isolation, Trusts, and Statistics. It looks like there may be a way to relax the network restrictions by modifying a system registry entry to include tcp, etc, in the regex value. Below is an excerpt from the page. Note: I have not done this myself, so can't say for sure it'll work.
Sandboxed plug-ins and custom workflow activities can access the
network through the HTTP and HTTPS protocols. This capability provides
support for accessing popular web resources like social sites, news
feeds, web services, and more. The following web access restrictions
apply to this sandbox capability.
Only the HTTP and HTTPS protocols are allowed.
Access to localhost (loopback) is not permitted.
IP addresses cannot be used. You must use a named web address that requires DNS name resolution.
Anonymous authentication is supported and recommended. There is no provision for prompting the logged on user for credentials or saving those credentials.
These default web access restrictions are defined in a registry key on
the server that is running the Microsoft.Crm.Sandbox.HostService.exe
process. The value of the registry key can be changed by the System
Administrator according to business and security needs. The registry
key path on the server is:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSCRM\SandboxWorkerOutboundUriPattern
The key value is a regular expression string that defines the web access restrictions.
The default key value is:
"^http[s]?://(?!((localhost[:/])|([.])|([0-9]+[:/])|(0x[0-9a-f]+[:/])|(((([0-9]+)|(0x[0-9A-F]+)).){3}(([0-9]+)|(0x[0-9A-F]+))[:/]))).+";*
By changing this registry key value, you can change the web access for sandboxed plug-ins.
I have a website running 2 WCF services. Working awesome until I needed to move them from the "Default Web Site" in IIS7 to a dedicated website with a new IP address. Now I get the error message:
"...could not be loaded because more than one endpoint configuration for that contract was found. Please indicate the preferred endpoint configuration section by name"
ALL I did was change:
net.tcp://localhost/...
TO:
net.tcp://10.1.2.204/...
I have changed every spot in my configs which once used localhost to specified IP address. The new website is setup exactly the same with the proper net.tcp bindings and it is bound to the single IP address of 10.1.2.204.
I cannot seem to figure out what is going on. I am looking at the svc trace logs and all I get is a bunch of the same.
My new website is called "core" whereas previously I was hosting on "Default Web Site". I added a new FQDN/public IP to route to this new site (backwards to the mentioned private IP address). Now my services are busted.
I know baseAddress is ignored when using IIS/WAS hosting, so I am not sure what else to check. I changed absolutely nothing else in the configs.
What else can I provide to help troubleshoot this?
--
I am also seeing this in the service trace viewer:
Activity Name Receive bytes on connection 'Listen at 'net.tcp://hole.myserver.com/...'.'.
...but the WCF services are actually hosted on that new "core" website which translates to my new private IP address. I have change FQDN names for the example. To make it clear:
I used to have 1 FQDN on this server using Default Web Site.
I now added a 2nd FQDN to this server, new website, second IP. It seems to me that the listening should be directed towards: net.tcp://core.myserver.com instead of net.tcp://hole.myserver.com. Let's pretend the server name is hole.myserver.com and my new website is core.myserver.com on the same server.
Hopefully this is not confusing and you can make sense of it.
I'm using the default net.tcp port of 808 and binding of 808:*
--
This is the first exception thrown that I can tell:
The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by the remote host, or an underlying network resource issue. Local socket timeout was '00:00:10'.
--
None of these combos will activate the service and all produce the same exception:
net.tcp://localhost
net.tcp://localhost:808
net.tcp://10.1.2.204
net.tcp://10.1.2.204:808
even using a different port which I have done before without issue:
net.tcp://localhost:75
net.tcp://10.1.2.204:75
none of these work. :(
Thanks so much!
Its rights issue. Right click on your new website --> then Edit Permissions. On properties window click security tab and Edit button. Then Add IIS_IUSRS and give Read & Execute, List folder contents, Read permissions. Now iisreset and start to host and connect net tcp on new website.
I created my WCF project and it works fine when I just run it from the debugger.
But when I publish it to IIS and point a browser to the svc the path used has localhost in it. Like this:
htpp://localhost/MyService/MyServices.svc
but the path that the webpage says to go to for the WSDL uses my computer name, like this:
http://MyComputerName.MyDomain.net/MyService/MyService.svc?wsdl
When I click on the link it times out. (Also, trying to view the services like that in WCFTestClient times out.)
However, if I go the wsdl using localhost then it works right away:
http://lcoalhost/MyService/MyService.svc?wsdl
Any link that uses my computer name times out ("takes too long to respond").
Any idea on how to make my WCF service work with the computer name?
(NOTE: I am using Visual Studio Ultimate and IIS 7)
Try adding MyComputerName.MyDomain.net to your proxy bypass list in Internet Explorer proxy configuration setting. Check that the IIS website has this FQDN in it's hostname in the site bindings.
Also what happens if you only use MyComputerName without the domain ?
I have made a small log service that i want to publish to a subdomain on my webhotel. I make the wcf service and test it locally - no problem. I then go to the [Build] menu and choose [Publish], type in my FTP location and publishes it to the location. No problems.
The problem arise when i need to use it, i try to navigate to the .svc file but gets this error:
This collection already contains an address with scheme http. There can be at most one address per scheme in this collection.
Parameter name: item
What am I doing wrong?
That's because of your IIS configuration. This has already been discussed here: WCF service startup error "This collection already contains an address with scheme http"
Solved! The problem is that i cannot access the IIS configuration, since its on a hosted environment. The solution is described on my blog, since i had so much trouble getting this to work.
http://www.vikingworks.dk/post/WCF-Service-on-hosted-environment.aspx