I've got a WCF service on a server on one side of a firewall. I need to access the service from many workstations on the other side of the firewall. The network guys insist that all holes through the firewall are one-to-one so at the mo, I'll have to set up every workstation one by one. There could be loads and it'll get tedious and be prone to errors.
Is it possible to set up a WCF server on this side of the firewall that can in some clever way just act as a proxy to the 'real' WCF service on the other side of the firewall? If so, could you point me to some reference material?
There is a new concept of a WCF Relay service being developed for the Windows Azure "cloud" computing space. That would allow you to create your scenario fairly easily - just host some bits of your service out in the cloud.
See these links for more information:
WCF services hosted on Windows Azure
Software in the cloud: the Relay service
.NET ServiceBus: Hands-On with Relays
or search Google for "WCF Relay Service". There are also a number of new bindings specifically for these WCF scenarios.
Hope this helps.
Marc
UPDATE:
WCF v4 - to be released with .NET 4.0 later this year (2009) will include a RoutingService class which can be used in scenarios like this.
See more info about the WCF4 routing service here:
Content based routing in WCF 4
Routing messages in WCF 4.0
A developer's introduction to WCF .NET 4 Beta 1
I have a few suggestions, maybe one would work in your case:
Place the WCF service outside the firewall. If the WCF service needs to talk to the database, open the database port for the IP address of the machine running the WCF service.
Program or use code generation to create a WCF service that is simply a pass through layer
There may be some functionality in your firewall that allows you to publish an end point
Related
We have a client server application.
My application need to be changed to work via WCF service in order to receive/send data to the database (security demands).
I also need another service which be hosted at the client side and will connect the client to the WCF service on the server side connect with Https.
The WCF service on the server is in PerSession mode.
Most of my work with the server is insert / select queries.
So my design is:
Client ->windows service ->WCF server service(iis7) ->database.
This windows service act as client and as server at the same time.
Act as server: for the Client application.
Act as client for the WCF service which located at the server.
The application needs to support XP and forward operating systems with .net 4.
The windows service will need to connect the WCF service on demand only (when the client application is launched).
I need to decide in which way to implement the client windows service.
I prefer to implement it with WCF hosted service with TCP/IP, but it feels like over kill to do so.
Should I use other IPC implementations? And if so which one?
So, what is the best way to implement this Windows service?
Thanks
I do not fully understand the point why a windows service should be used on the client side in order to communicate with the WCF service. But the question was not about architectural patterns...
So, for inter-process communication I would use NetNamedPipeBinding.
You can find more information on how to decide which binding to use here.
Using a WCF service for inter-process communication does not feel overkill to me at all. Actually WCF services are quite lightweight except the host initialization process, which should not happen frequently in case of a windows service I guess. WCF provides reliability and extensibility in exchange for this tiny inconvenience.
[EDITED]
I just reread you post, and I would like to clarify some details about the hosting. You can host a WCF service in a Windows Service, which is explained here, but not the other way around. Sorry, if I misunderstood your question. And yes, TCP/IP for inter-process communication is definitely an overkill, but NetNamedPipeBinding uses shared memory according to this article, so it should be the fastest way.
i am new in wcf and started learning. i got one confusion like that i create a small wcf service and just do not host it in IIS,console apps or win service but from another apps i can add the service reference of svc file and found it is working. if wcf can work without hosting in any place like "IIS,console apps or win service " then why people would alway host wcf service in IIS,console apps or win service. can anyone tell me the reason.
people use IIS and windows services in general because they are simpler to setup and run more consistently. they can also be hosted more easily on servers where the services can be configured to start automatically, and as usually wcf is used as a server communication method it is usually this that you want to do.
hosting in console applications is generally easier to setup for simple examples for testing purposes, when you want to test your services locally.
Whilst hosting in applications as possible it's a less common scenario to use wcf to communicate between 2 applications on the same machine.
EDIT:
Your original question asked why people always talk about IIS, services etc. The point I was making was that usually wcf is used for web services, and is usually run on a server other than the local machine. Even though it can be used for inter process communication on the same machine this is not the most common use case. This is why you see a lot of examples using IIS and not too many hosting it in a Windows forms app.
One of our teams here has just completed a project using both WCF and
NServiceBus. When I reviewed the project I found that they had chosen to host
the WCF services and NServiceBus in IIS instead of NServiceBus host.
When I queried as to why this was I was told that when they hosted WCF services
(on TCP binding) in the NServiceBus Host that the WCF would regularly 'get
stuck'. What this meant in practice that usually around once a day the WCF
service would start actively refusing connections.
It is my understanding that IIS has custom code inside it to monitor the health
of the WCF endpoints and restart them when they 'get stuck'. I would like to
avoid hosting in IIS though as you don't get all the convention based goodness
of using NServiceBus host.
Can anyone shed any more light on this issue or suggest ways we might be able to
avoid the issue while using the NServicebusHost?
PS I Realise the description of the problem is a little vague I'm also hoping someone might be able to help me improve the question.
I can't understand the need to host everything in one container. Can't you host your WCF endpoints in IIS and your NSB endpoints via the generic host in a windows service. Then they can be managed as separate concerns.
This is more of an architectural and security question than anything else. I'm trying to determine if a suggested architecture is necessary. Let me explain my configuration.
We have a standard DMZ established that essentially has two firewalls. One that's external facing and the other that connects to the internal LAN. The following describes where each application tier is currently running.
Outside the firewall:
Silverlight Application
In the DMZ:
WCF Service (Business Logic & Data Access Layer)
Inside the LAN:
Database
I'm receiving input that the architecture is not correct. Specifically, it has been suggested that because "a web server is easily hacked" that we should place a relay server inside the DMZ that communicates with another WCF service inside the LAN which will then communicate with the database. The external firewall is currently configured to only allow port 443 (https) to the WCF service. The internal firewall is configured to allow SQL connections from the WCF service in the DMZ.
Ignoring the obvious performance implications, I don't see the security benefit either. I'm going to reserve my judgement of this suggestion to avoid polluting the answers with my bias. Any input is appreciated.
Thanks,
Matt
I do think the remarks made are valid, and in such a case I would probably also try and use as many "defense-in-depth" layers I could possibly come up with.
Plus, the amount of work to achieve this might be less than you're afraid of - if you're on .NET 4 (or can move to it).
You could use the new .NET 4 / WCF 4 routing service to do this quite easily. As an added benefit: you could expose a HTTPS endpoint to the outside world, but on the inside, you could use netTcpBinding (which is a lot faster) to handle internal communications.
Check out how easy it is to set up a .NET 4 routing service:
What's new in WCF4 Routing Service - or: "Look ma: Just one service to talk to!"
Creating Routing Service using WCF 4.0, .NET Framework 4.0 and Visual Studio 2010 RC
How to host WCF services locally instead of http binding.. I mean the services should be hosted within the .NET environment and not by using http or netTCP.. Could you please help me with the configuration for the same?
What are you trying to achieve here that can't be performed by using http or tcp settings for the local machine for both ends of the WCF contract? WCF isn't just between machines, you can also set it to communicate between different processes on the same machine.
I think you are confusing between hosting a WCF service and a WCF binding. A WCF service can be hosted in many different applications such as standalone executables, windows services, a web server such as IIS, ...
Once you've found an appropriate host for the service you have to decide what binding to use. A binding is used to specify the transport, encoding, and protocol details required for clients and services to communicate with each other.
Note that choosing a host could further limit the choice of bindings available. For example if you decide to host your service in IIS you could only use HTTP/S as transport and NetTcp is not available (in IIS7 it is available through WAS).
How to confgiure NetNamedPipeBinding.
How to: Host a WCF Service in a Managed Windows Service.