WCF client connection problem - wcf

I am consuming a web service in .NET application with WCF client.
The Endpoint's address of the service is over port 4338, and it is over HTTPS, secured with WS-Security standard.
So the address is something like :
https://[servername]:4338/[servicename]/
I was not able to communicate to the service with just running the application.
it gave me the following error :
Could not connect to [servername]:4338
TCP error code 10060: A connection
attempt failed because the connected
party did not properly respond after a
period of time, or established
connection failed because connected
host has failed to respond
[servername]:4338
But when I run Fiddler to investigate the http communication, the application start to work, and I will be able to communicate to the service.
As well, I want to add that I have a different service on the same web server that hosts the first service, and that second service's address is hosted on port 8080, and I am able to communicate with it with WCF client (without running Fiddler).
So, I googled and I found that it might be related to the proxy settings. Do you know what the problem is, and how can I solve it?
Thanks

Fiddler acts as an Internet proxy server. In general, any symptom of the form: "it works when I use Fiddler" means "it works when there's a (different) proxy server".
Check your proxy server settings. In particular, as empi suggested, try it in a browser. If it works there, it could be due to the fact that the browser has the proxy settings configured, and that you do not have them configured for WCF.

If you have proxy set in Internet Explorer, it may cause the problem. What happens when you open https://[servername]:4338/[servicename]/ in Internet Explorer?

Thanks empi for the reply.
I found the answer.
Actually in our company we have a proxy settings through "Automatic configuration script"
and depends on the web sites we are targeting internally, the script will point us to the proper proxy.
So, from the script I got the proper proxy address.
and in my .NET application I added this code
WebRequest.DefaultWebProxy = new WebProxy("http://xx.xx.xx.xx:8080");
and that fixed the problem
So WCF client was not detecting the setting of the automatic script.
and this is the reason it worked when I run Fiddler, because Fiddler listen to the http communication, and send it again through the settings.

Related

Unable to connect to different HTTP port on server

I am new to WCF Services, I have developed a WCF service library hosted within a Windows Service. The service end point is http://servername:9980/ApplicationServer/ServiceName.
When I run this service on local system and try to connect using my application, everything works fine.
The problem starts when I deploy this service on server system, none of my application can use this service, even the browser says page not found. Though, if I remove the specific port number from the endpoint all works well.
I have already opened all the ports in Windows Firewall including Client and Server. Also proper exceptions are made to the router firewall, still I am not able to host the service on specific port. I have even tried by switching firewall off on both client and server system.
Thank you in advance.
-Ashish Sharma
When you remove the specific port number it defaults to port 80.
So there is something that is blocking the other port.
Try using the Telnet command to check if the port is open (you may have to enable telnet)
As you have allready checked the firewalls, it could be urlscan or a network device.

WCF net.tcp port sharing on IIS 7 / WAS

I am new to wcf programming and I have been working on a small project and am having problems with net.tcp port sharing. I am using .net framework 4 and iis 7.
I have two wcf services (serviceA and serviceB) being hosted on our server in separate websites on IIS. Each website has its own .svc file, web.config and bin. If I have each of these services on different net.tcp ports then there is no problem and I can add the service reference to each of them from visual studio on my pc. The services run fine.
However we will soon be starting a project with many more services and we wish to avoid having to open a tcp port for each one so I have been trying to get serviceA and serviceB to port share. If I set them up on the same port then I can access the first service I add but when when I try to access the second service added to the same port i get the following error:
Metadata contains a reference that cannot be resolved:
'net.tcp://myserver/serviceB.svc'. The socket connection was aborted. This
could be caused by an error processing your message or a receive
timeout being exceeded by the remote host, or an underlying network
resource issue. Local socket timeout was **. An
existing connection was forcibly closed by the remote host If the
service is defined in the current solution, try building the solution
and adding the service reference again.
I can not work out what is going wrong. I have done a lot of searching on the subject and I have made sure that the following services are running:
Windows Process Activation Service
Net.Tcp Port Sharing Service
Net.Tcp Listener Adaptor
In addition net.tcp is an enabled protocol in the website's advanced settings. My current best guess is that it might have something to do with how I have defined the net.tcp bindings in IIS manager. Both of my websites running their independant services have the following: 808:*(net.tcp) is this correct?
As i said earlier the tcp services run fine if set up on two separate ports so the issue must be related to the port sharing. Very grateful for any advice
OK I found the problem I was having. In IIS I had set up each service as its own website and was trying to get those different websites to port share. This would not work.
However I found that if I set up just one website and then added my services as seaprate applications under the website then the port sharing will work. This approach lets me have multiple services as applications under one website.
Check this.
This can be helpful to you.
http://himanshudesai.wordpress.com/2011/06/03/multiple-wcf-services-on-a-single-port/
Hope this helps.

Expose WCF service cannot retrieve object through windows firewall

I built a WCF service that exposes itself for a web application, it accepts an object and prints the data on the clients machine. Works fine on my development machine, and the service is up and running on any machine i install it on. I can enter ip address in clients machine web browser and see it is running. Problem is when i send the object to the clients machine it returns an error, that sounds like it could be because of the clients windows firewall. Where would i start at to deal with this problem ?
There was no endpoint listening at http://192.168.1.168:2202/PrintLabel that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
And the InnerException: Unable to connect to the remote server
With further research and discussion with people in the community i came to understand that as was mentioned at the bottom of this article.
"Self-hosted HTTP addressing for WCF is not integrated into the Windows firewall. An exception must be added to the firewall configuration to allow inbound connections using a particular URL.
But this SO question led me to a page with how to control Windows Firewall through code to enable my WCF self hosted service to accept an object.
This the link below.
http://www.shafqatahmed.com/2008/01/controlling-win.html
That link was towards the direction i needed, but based on user comments it seemed to have some bugs. A colleague found this link and i believe this technique will be the best solution for this scenario.

WCF No connection could be made because the target machine actively refused

I just implemented a simple WCF server using net.tcp.
First, I use 127.0.0.1 as server address and client able to connect the WCF service.
Everything is Ok. But when I try to use the internal IP 192.x.x.x I get an error:
No connection could be made because the target machine actively refused it
Any idea what may cause this?
Best Wishes
PS: I disabled auth on WCF. Even turn off firewall all...Not worked...
Well, I got this error message when I forgot to install necessary components. see link Configuring WCF Service with netTcpBinding
(summary of steps)...
Go to "Programs and Features" (usually in control panel)
Go to "Turn Windows features on or off"
(assuming VS2012) Go to ".NET Framework 4.5 Advanced Services"->"WCF Services"
Enable "TCP Activation"
Do you use 192.x.x.x on both client and server? I remember seeing an issue a while back in which for TCP the client and server names needed to match (something related to one of the message properties), so if you define the service with "localhost" and the client with <machine name> there would be a problem.
The physical client and service addresses can differ if the logical address is the same and the server endpoint has been configured with a "listenUri" and the client behaviour is configured to use a <clientVia> address. In our case, this is required in for our proxy/firewall configuration. In effect, the client calls the firewall and the server listens locally for a forwarded request.
For an IIS-hosted service, check the following:
The Application pool is started and looks correct (.NET 4 etc/security)
For NET.TCP, ensure the "Allowed Protocols" in the Web Site/Application (via advanced settings) are configured correctly: e.g. http,net.tcp
For a non-IIS hosted service, you may need to configure a Namespace Reservation (URLACL). http://msdn.microsoft.com/en-us/library/ms733768.aspx
Also ensure the appropriate Windows Services are running, e.g. Net.Tcp listener.
If you're running from within visual studio in debug mode, ensure your solution port numbers match. I have seen several instances where I had Properties>Web>Auto-Assign Port - selected and the endpoint from, in this case my silverlight app, didn't match the port auto generated. I usually change the port to 1318 in my .web.
Today I found out that this error will also show up if you have a circular reference in your WCF Service Class. I had a method that was calling itself infinitely and causing this error message, which led me here.
So if none of the other suggestions work, check your code to see if you're doing any recursive functionality and make sure you're not caught in an infinite loop.
I resolved this issue by either commenting this setting in the application configuration:
<defaultProxy>
<proxy bypassonlocal="False" usesystemdefault="True" proxyaddress="http://127.0.0.1:8888" />
</defaultProxy>
or, running Fiddler which would take the WCF call at 127.0.0.1 and then forward it.
The complete scenario is, I encountered the same issue with WCF calls made to one of the service. The calls would fail with top level error message "There was no endpoint listening at http://LinuxIP:Port/...", and service trace viewer log showing inner exception to be "No connection could be made because the target machine actively refused it 127.0.0.1:8888
".
The reason was that I had put this configuration in my application to capture the outgoing traffic in Fiddler. If this configuration is in place then the Fiddler needs to be running for the WCF calls to make it to the intended destination. If Fiddler is not running this error will be there. Comment this setting in such scenarios, and the WCF call will go to the destination.

NetTcpBinding wcf service with remote access AND transport security?

I am struggling with a WCF issue relating to name resolution-or something like so. When I consume a wcf service (netTcpBinding) on an application server via a web application on the web server it doesn't work. Ok it doesn't work in most situations. If you access the web application from the web server itself using localhost or 127.0.0.1 it works. However accessing it through the web server via another client machine or accessing the web application locally on the web server using the host name or IP address does not work. In both instances you get a socket connection aborted error.
What makes it more interesting is that switching all the security to 'none' as opposed to 'transport' resolves the issue.
My question is, is it possible to access wcf services using your web server and still use transport security? Or is this a bug/designed behaviour?
Many thanks for any insight,
Steve
The default NetTcpBinding security option is Kerberos / Windows Authentication. If your client and service are not on the same domain it will not work. You may need to look at certificate based authentication.
If you your service is running under a domain account, try changing it to LocalService or NetworkService to see if it resolves the issue.
Transport security typically only works point-to-point - when the client connects directly to the server.
If you have clients that come in from the internet, you have no control over how many intermediary hops they go through - so Transport security, even if you get it to work, will most likely not work at all, e.g. your message might be protected from the client to the first hop, and from the last hop to your server - but not in between hops.
For an internet scenario, typically, Transport security is not a valid option - use Message Security for those cases.
I'm not 100% sure why the connection wouldn't work at all - but in any case, if you're not behind a corporate firewall, I wouldn't be using netTcp with transport security in such a scenario.
Could you please add your server side config (anything inside <system.serviceModel>) to your question to see how you set up Transport security?