IIS7 and WCF confusion - wcf

Assume I’m running a website ( on IIS7 ) listening for requests on port 8000. Now this website contains only static content ( ie html files ). So when I browse to URL http://localhost:8000, browser displays website’s default html page. But if I’m also running a self-hosting WCF service listening for requests on URL http://localhost: 8000 ( this WCF service isn’t hosted by IIS ), then browser instead displays data about WCF service:
a) Don’t know much about TCP/IP, but as far as I know only one application at a time can listen on particular IP and port, but here both the website and WCF service are able to listen on the same IP address and port number. How is that possible?
b) When I enter a local url ( say http://localhost:8000 ) into browser, doesn’t browser request a page via IIS? If so, then why does it display details of a WCF service and not a website’s default page? Afterall, this WCF service isn’t even hosted by IIS.
Thank you

It is true that normally, only a single process can listen on a specific socket. However, work was done in Windows to support this specifically for HTTP listeners, specifically with the introduction of HTTP.SYS in IIS 6.0.
Basically, with this it is the kernel that actually listens for the HTTP requests and then the connection is routed to one of multiple listener processes in user-land.
The WCF HTTP listeners for self-hosting rely on HTTP.sys as well, so they can share ports with IIS if needed (or across multiple self-hosted WCF services).

Related

wcf hosted in a windows service and httpbindings

I'm working on a wcf hosted inside a windows service. It works like a charm but now I need to reserve a specific hostname for this wcf just as IIS does.
To be more clear, my hosted wcf runs on a windows server machine which response to multiple dns name, but I need to let the wcf reachable only from one of these dns. If I was using IIS it would be achievable by setting a specific hostname within the http-bindings settings, but unfortunately, I can't manage my wcf like that.
To your knowledge, is there any way to reserve a specific hostname for a hosted wcf outside IIS?
Thanks in advance!
yes, you could do it by register the http endpoint at kernel level(http.sys) using the following commands
cmd: ***netsh http add urlacl url=http://fqdn:port/urlpath user=serviceaccount***
Then only on that specific dns/hostname, your http service will listen.

Convert an existing http relay server currently deployed as a windows service to handle https requests

I have a custom coded relay server application in VB.NET that is currently deployed as a windows service.
It accepts HTTP web requests from a client using a Tcp Listener, parses the requests and forwards it to another remotely hosted service via socket communication. The result from the service is then sent back by my relay server to the original client as a http response.
This functionality works perfectly as of now, but I would now like to upgrade my relay server to accept HTTPS requests instead of http.
I am not sure how to move ahead with this scenario.
I researched and found the following 2 options but I am not sure which is better and feasible?
One, I explicitly upgrade my current code to handle https handshake, certificate validation etc (if so, how?) or second option, can my current application be hosted on IIS to handle this scenario (if so, how)?
Thanks in advance.
A possible solution is to use IIS with Application Request Routing (ARR) as a reverse proxy in front of your service (its not possible to "Host" your service in IIS as such).
You could setup IIS/ARR with a certificate and suitable HTTPS binding, then configure ARR to proxy the HTTPS requests onto your service listening on HTTP. No changes required to your service's code.
Take a look at the following example: https://learn.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing
In your case your service listening on port 80 is no different to a website running in IIS. The above example is more complicated than you need (as its reverse proxy'ing 2 websites based on a prefix of the URL), but it gives you a starting point.
A further possible step to force all traffic to use HTTPS would be to change the port your service uses (eg to 8080 instead of 80), then setup IIS to handle port 80 to perform a redirect to 443, and then use 443 and ARR to proxy your traffic to your service on 8080.2

Calling a net.tcp wcf service from Silverlight - in an external facing web site?

I have an external (public) website developed in Silverlight. The Silverlight app currently calls http based wcf services hosted in IIS.
I am now having to call a wcf service with net.tcp binding hosted in a different app server. I have the net.tcp wcf service hosted in a windows service on port range 4502-4530 and with an interface to expose clientaccesspolicy.xml file as part of the service. I am able to invoke this service from my Silverlight app in the web server. I want the SL app to make direct call to net.tcp, rather than routing the call to it from another http based service.
Question is will this work without any issues when exposed over internet.
Client browser --> IIS webserver with Silverlight website --> App Server with wcf service on net.tcp.
I am assuming in this case, from XAP SL would try to make direct call to the app server service using net.tcp ?
The communication between the web server and app server could be opened up for ports 4502-4535. But I am wondering what about the client. Does this setup require the ports to be available even in the clients machine (with browser)?
Any insight is much helpful.
Thanks.
Take a look at http://support.microsoft.com/kb/2425652; there is sample code included as well! If you setup clientaccesspolicy.xml correctly; it should work as long as clients can access your TCP server.
If your clients are behind some firewall which is blocking your server's ports; they may face connectivity issues!

how to configure fiddler to monitor wcf calls to a wcf services hosted in IISExpress

situation:
my website (which contains the WCF service) is hosted in IISExpres port number 58366 (http://localhost:58366/myapp)
I have a winforms client which connects to the wcf service using BasicHttpBinding
I want to debug my wcf calls using fiddler, but can't seem find how to redirect wcf calls through fiddler.
IISExpress idiotically binds to the hostname "localhost", not just to the port, so conventional workarounds as with adding a dot to the hostname don't work. Solution seems to be here. Note the last part of the selected answer: Use "localhost.fiddler" and Fiddler will emit "localhost" when proxying.
Rick Strahl has a good article on this here: http://www.west-wind.com/weblog/posts/2009/Jan/14/Monitoring-HTTP-Output-with-Fiddler-in-NET-HTTP-Clients-and-WCF-Proxies
Pretty sure a winforms app will usually pick up the default system proxy as set by fiddler. Are you operating on localhost? Try connecting to your machine name.

Same Origin Policy and Web Services

If I have a WCF SOAP (C#) based web service running in my local IIS - and I make an ASP.net website, again running in my local IIS - will the javascript making HTTP request calls from my webpage be successful? Or do the same origin policy rules come into play here?
It depends on how your sites are configured in IIS. Check out this wikipedia article on same origin policy.
Let's say your WCF SOAP service is running on http://localhost/service/GetStuff.svc and your ASP.NET site is running on http://localhost/mysite/Default.aspx. According to the table in the same origin article, the call should succeed, since your server host is the same in both cases (localhost) and differ only on the directory being referenced.
But, if your WCF SOAP service is running on http://localhost:8080/service/GetStuff.svc and your ASP.NET site is running on http://localhost/mysite/Default.aspx (default port of 80), then the call will fail since the server host differs in the port being accessed.
The three things to consider are host, protocol (http or https) and port. According to the article, not all browsers enforce port.
I hope this helps. Good luck!
BTW, does your application work?