I've written and rolled out to a customer an app that uses NetTcpBinding for communicaions.
I've got a server app which accepts subscription requests from clients, then pushes data to the clients.
The client is seeing an issue on site where the once the server has 5 clients connected to it it refuses any more.
Has anyone seen this kind of behaviour before? Does anyone know what might be causing this? It works perfectly for less users.
I'm attempting to diagnose this myself at the moment but I'm new to WCF so I was wondering if there was some common solution to this kind of problem?
I get the following stack trace (Sanitzes to remove client name and product name):
2009-09-30 13:03:16,308 [1] ERROR [(null)] - Failed to subscribe to the VDN server, there was no server listening for connections at the configured URI
System.ServiceModel.EndpointNotFoundException: Could not connect to net.tcp://server:4000/VDNService. The connection attempt lasted for a time span of 00:00:01.0312236. TCP error code 10061: No connection could be made because the target machine actively refused it 10.65.1.42:4000. ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 10.65.1.42:4000
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Connect(EndPoint remoteEP)
at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
at System.ServiceModel.Channels.BufferedConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at ClientLib.IServer.Subscribe(List`1 groups)
at ClientLib.Client.Subscribe(List`1 groupNames)
A few questions up front:
On your server side, what does you config look like?
What OS is the server running under? (some OS versions/editions have limitations)
How are you hosting your WCF service on that server? (IIS vs. self-hosting)
You can basically tweak the number of concurrent connections using the ServiceThrottling behavior, and you can define
maximum number of concurrent calls
maximum number of concurrent sessions (including TCP/IP transport sessions)
maximum number of service class instances
To configure, try this:
<serviceBehaviors>
<behavior name="throttledService">
<serviceThrottling
maxConcurrentCalls="10"
maxConcurrentInstances="10"
maxConcurrentSessions="10"/>
</behavior>
and of course, your service configuration will then have to reference that behavior configuration.
None of those default to 5, though :-( But in your case, I'd try to crank up all the settings to 25 or something and just see if that makes any difference, and then tweak to your needs (and monitor the server's CPU and memory load!).
Marc
UPDATE:
You can definitely also do this in code - something like this (on the server side, where you instantiate your ServiceHost class, if you self-host):
using (ServiceHost host = new ServiceHost(typeof(MyWCFService)))
{
ServiceThrottlingBehavior stb = new ServiceThrottlingBehavior();
stb.MaxConcurrentCalls = 25;
stb.MaxConcurrentInstances = 25;
stb.MaxConcurrentSessions = 25;
host.Description.Behaviors.Add(stb);
host.Open();
...
}
Related
I'm attempting to port from 4.6.1 to ASP.NET Core 2.1.0-preview1. The following code throws an exception "Could not establish trust relationship for the SSL/TLS secure channel with authority '[service url]:447'
Am I applying the client cert incorrectly?
X509Certificate cert = X509Certificate2.CreateFromCertFile("C:\\mycert.cer");
X509Certificate2 cert2 = new X509Certificate2(cert);
var binding = new BasicHttpsBinding();
binding.Security.Mode = BasicHttpsSecurityMode.Transport;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;
var endpoint = new EndpointAddress(new Uri("https://[service url]"));
var channelFactory = new ChannelFactory<APIWebService>(binding, endpoint);
channelFactory.Credentials.ClientCertificate.Certificate = cert2;
var serviceClient = channelFactory.CreateChannel();
var result = serviceClient.getBatchesSinceGUID(new getBatchesSinceGUIDRequest("-1"));
channelFactory.Close();
FACTS
The X509Certificate is known to work with the 4.6.1 code; Allthough, the CORE version is using X509Certificate2
In the 4.6.1 version, the APIWebService proxy was generated with wsdl.exe
In the ASP.NET Core version, the APIWebService proxy was generated with svcutil.exe
EXCEPTION STACKTRACE
System.ServiceModel.Security.SecurityNegotiationException
HResult=0x80131500
Message=Could not establish trust relationship for the SSL/TLS secure channel with authority '[server url]:447'.
Source=System.Private.ServiceModel
StackTrace:
at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(HttpRequestException requestException, HttpRequestMessage request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpClientRequestChannel.HttpClientChannelAsyncRequest.<SendRequestAsync>d__13.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.ServiceModel.Channels.RequestChannel.<RequestAsync>d__33.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.ServiceModel.Channels.RequestChannel.<RequestAsyncInternal>d__32.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.TaskHelpers.WaitForCompletionNoSpin[TResult](Task`1 task)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(MethodCall methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(MethodInfo targetMethod, Object[] args)
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Reflection.DispatchProxyGenerator.Invoke(Object[] args)
at generatedProxy_1.getDispatchBatchesSinceUID(getDispatchBatchesSinceUIDRequest )
at NCPA.NADS.Test.UnitTest1.AdsDownload_Test() in UnitTest1.cs:line 26
Inner Exception 1:
HttpRequestException: An error occurred while sending the request.
Inner Exception 2:
WinHttpException: A security error occurred
Looks like it's probably because it's not being provided with its private key.
When doing mutual certificate authentication, both parties need their public/private key pairs to establish a secure and properly authenticated channel.
In general, a .cer file typically contains only the certificate itself, which is the public key plus some metadata and the CA signature. The private key is held either in the certificate store (if it was generated/installed locally) or in a .pfx file (which will generally be either password-protected or permission-restricted).
If you do it with a .pfx file, rather than loading from the local cert store, be VERY sure that you do the following:
Restrict permissions on the file to read-only for the account under which the application runs and read/write for ONLY administrators/developers who can be trusted with the private key.
If it is a password-protected file, DO NOT hard code the password in your code or check it in to source control. That completely defeats the purpose and you might as well not do HTTPS. Anyone who can check out your code and key file could authenticate as that account.
Same comment for the .pfx file itself - don't put it in source control.
Hosting the WCF services via a host exe on Windows 8.1 I am getting an AppContainer related error. I cannot find any good documentation on the methods on the top of the stack trace. Kind of grasping at straws here.
"System.ComponentModel.Win32Exception (0x80004005): Access is denied\r\n\r\nServer stack trace: \r\n
at System.ServiceModel.Channels.AppContainerInfo.GetCurrentProcessToken()\r\n
at System.ServiceModel.Channels.AppContainerInfo.RunningInAppContainer()\r\n
at System.ServiceModel.Channels.AppContainerInfo.get_IsRunningInAppContainer()\r\n
at System.ServiceModel.Channels.PipeSharedMemory.BuildPipeName(String pipeGuid)\r\n
at System.ServiceModel.Channels.PipeSharedMemory.get_PipeName()\r\n
at System.ServiceModel.Channels.PipeSharedMemory.GetPipeName(AppContainerInfo appInfo)\r\n
at System.ServiceModel.Channels.PipeConnectionInitiator.GetPipeName(Uri uri, IPipeTransportFactorySettings transportFactorySettings)\r\n
at System.ServiceModel.Channels.NamedPipeConnectionPoolRegistry.NamedPipeConnectionPool.GetPoolKey(EndpointAddress address, Uri via)\r\n
at System.ServiceModel.Channels.CommunicationPool`2.TakeConnection(EndpointAddress address, Uri via, TimeSpan timeout, TKey& key)\r\n
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)\r\n
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)\r\n
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)\r\n
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)\r\n
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)\r\n
at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)\r\n
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)\r\n
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)\r\n
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)\r\n
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)\r\n\r\n
Exception rethrown at [0]: \r\n at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)\r\n
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)\r\n
at IAuthenticationService.AuthTempTokens(TokenSet tokens, CAMSSystem systemId, String accountId, String ipAddress, String uniqueId)\r\n
at login_Default.AuthenticateAndRedirect() in c:\Source\RiverTam\Source\Systems\Web\PMI\PMI\Default.aspx.cs:line 167"
It looks like you're attempting to use a named pipe binding and you can't use named pipes in a WinRT based application.
So the IIS site was configured to impersonate and that user did not have rights! Spotted the user using Process Monitor. Not surprisingly removing following line allowed things to work as my user, an administrator, has rights just fine.
<system.web>
<identity impersonate="true" username="user" password="password" />
</system.web>
I am facing issue related to net.pipe end point of my WCF Service. I have configured required server roles (Application & Web Roles) and features (Windows Activation) in a Windows 2008 R2 machine. I created a sample wcf service with net.tcp, net.pipe and http endpoints and hosted it in IIS. I have enabled required binding in site level as well as Web Application level also. net.tcp & http endpoints are working fine. But getting error for net.pipe endpoint as mentioned below
System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at net.pipe://localhost/MyWCFService/Service1.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Server stack trace:
at System.ServiceModel.Channels.ConnectionUpgradeHelper.DecodeFramingFault(ClientFramingDecoder decoder, IConnection connection, Uri via, String contentType, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at NetPipeValidation.ServiceReference1.IService1.GetData(Int32 value)
at NetPipeValidation.ServiceReference1.Service1Client.GetData(Int32 value)
at NetPipeValidation.Form1.button1_Click(Object sender, EventArgs e)
My initial suspect was net.pipe protocol is not properly activated. So validated all required windows services are running correctly (WAS, Net.Pipe Adaptar, Net.Tcp Adaptar). I also checked on SMSvcHost.exe.config file and made sure it has right configuration.
Since all services are running, I enabled performance counter and checked whether my net.pipe registration is sucessful. Regitrations Active for net.pipe and Uris Registered for Net.pipe has count as 1. With these counter values, I assuming my endpoint is properly configured and valid from server side perspective.
For some reason, end point is not reachable from client side. Is there any other validation I need to do in the machine?
net.pipe is intended for x-process calls, not x-machine calls. If you're crossing machine boundaries, you use http and/or net.tcp. If you're client and service are on the same machine, then you should use net.pipe.
We are getting following issue in our Production environment only. rest of environments its working fine.
we checked various links on stackoverflow but nothing worked.
tried increasing `
<httpRuntime maxRequestLength="2147483647" />
increased timeout
put tracing, but even that not showing any specific issue
[SocketException (0x2746): An existing connection was forcibly closed by the remote host]
System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) +245
[IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.]
System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) +7867549
System.Net.PooledStream.Read(Byte[] buffer, Int32 offset, Int32 size) +22
System.Net.Connection.SyncRead(HttpWebRequest request, Boolean userRetrievedStream, Boolean probeRead) +408
[WebException: The underlying connection was closed: An unexpected error occurred on a receive.]
System.Net.HttpWebRequest.GetResponse() +7870788
System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +99
[CommunicationException: An error occurred while receiving the HTTP response to http://myservice/Service.svc. This could be due to
the service endpoint binding not using the HTTP protocol. This could
also be due to an HTTP request context being aborted by the server
(possibly due to the service shutting down). See server logs for more
details.]
System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) +4728419
System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) +1725
MyService.ISSO.ProcessRequest(SSORequest request) +0
"Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host."
This error could be generated because of Group Policy Settings. Try connecting to Analysis Service using SQL Management Studio, if error persist try to elevate the user privilages.
I have wcf service that twice a minute check %programdata%/MYAPP folder and send all xml-files from this directory to sharepoint site. But i have some problem with this service (description from Event Viewer):
System.ServiceModel.EndpointNotFoundException: There was no endpoint listening at https://localhost:44300/DataService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it 127.0.0.1:44300
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()
at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at IncidentReportAgent.IRS3DataService.IDataService.UploadReport(Stream reportBinary)
at IncidentReportAgent.IncidentReportAgentService.ProcessFile(String fileName)
Service work only if i start service from VS2010 (project->debug->start new instance).
"Service work only if i start service from VS2010 (project->debug->start new instance)."
Sounds to me like you haven't actually hosted the service anywhere outside of Visual Studio. Based on the service endpoint address it's looking for, it looks like your intent is to host under IIS.
You'll need to configure IIS with a virtual directory/application for the service.
How to: Host a WCF Service in IIS
The error message says that it cannot find the service at https://localhost:44300/DataService.svc
This is probably the address where VS runs the service.
If you have installed the service anywhere else, for example on port 80, the client cannot find it because the client is looking on port 44300.