none
WCF self hosting doesn't work as Limited User

    Question

  • I created a console app that self-hosts a WCF service.  However when I run the code as a limited user (not as an administrator), I get the following error:

    "HTTP could not register URL http://+:7171/FTS/. Your process does not have access rights to this namespace (see http://go.microsoft.com/fwlink/?LinkId=70353 for details)."

    The code I ran was:

    Sub Main()
        Dim selfHost As ServiceHost = New ServiceHost(GetType(FileTransferService))
        Try
          selfHost.Open() '' error occurs here
    

    The app.config is:

    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
      <!--<configSections>
       
      </configSections>-->
      <system.diagnostics>
        <sources>
          <!-- This section defines the logging configuration for My.Application.Log -->
          <source name="DefaultSource" switchName="DefaultSwitch">
            <listeners>
              <add name="FileLog"/>
              <!-- Uncomment the below section to write to the Application Event Log -->
              <!--<add name="EventLog"/>-->
            </listeners>
          </source>
        </sources>
        <switches>
          <add name="DefaultSwitch" value="Information" />
        </switches>
        <sharedListeners>
          <add name="FileLog"
             type="Microsoft.VisualBasic.Logging.FileLogTraceListener, Microsoft.VisualBasic, Version=8.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=MSIL"
             initializeData="FileLogWriter"/>
          <!-- Uncomment the below section and replace APPLICATION_NAME with the name of your application to write to the Application Event Log -->
          <!--<add name="EventLog" type="System.Diagnostics.EventLogTraceListener" initializeData="APPLICATION_NAME"/> -->
        </sharedListeners>
      </system.diagnostics>
      <system.serviceModel>
        <bindings>
          <basicHttpBinding>
            <binding name="BindingRequest" maxReceivedMessageSize="1048576"
              messageEncoding="Mtom" transferMode="StreamedRequest">
              <readerQuotas maxStringContentLength="32768" maxArrayLength="32768"
                maxBytesPerRead="32768" />
            </binding>
            <binding name="BindingResponse" maxReceivedMessageSize="1048576"
              messageEncoding="Mtom" transferMode="StreamedResponse">
              <readerQuotas maxStringContentLength="32768" maxArrayLength="32768"
                maxBytesPerRead="32768" />
            </binding>
          </basicHttpBinding>
        </bindings>
        <behaviors>
          <serviceBehaviors>
            <behavior name="NewBehavior">
              <serviceMetadata httpGetEnabled="true" />
            </behavior>
          </serviceBehaviors>
        </behaviors>
        <services>
          <service behaviorConfiguration="NewBehavior" name="DocXferServiceLib.FileTransferService">
            <endpoint address="Request" binding="basicHttpBinding" bindingConfiguration="BindingRequest"
              name="EPRequest" contract="DocXferServiceLib.IFileTransferService" />
            <endpoint address="Response" binding="basicHttpBinding" bindingConfiguration="BindingResponse"
              name="EPResponse" contract="DocXferServiceLib.IFileTransferService" />
            <host>
              <baseAddresses>
                <add baseAddress="http://localhost:7171/FTS" />
              </baseAddresses>
            </host>
          </service>
        </services>
      </system.serviceModel>
      <appSettings>
       <add key="StorageDirectoryPath" value="D:\StorageDirectory1"/>
      </appSettings>
    
    </configuration>
    
    
    Am I missing something?  Again, everything works fine if I run the app as an administrator.
    Friday, April 15, 2011 2:06 PM

Answers

  • Hi romrom,

    the none-admin users are not proviledged to start listening on all addresses/ports. To do that you have to use httpcfg or netsh tools (second one is for win7).

    Here is an example which should permitt all users to start listener at the port 7171:

    httpcfg set urlacl –u http://+:7171/ -a “D:(A;;GX;;;WD)”

    For more information take a look here: http://developers.de/blogs/rolf_nebhuth/archive/2006/08/02/902.aspx

    Hope this helps.

    Damir

     

     


    Damir Dobric
    http://developers.de/members/ddobric/default.aspx
    http://www.daenet.de
    http://www.daenet.com
    http://www.daenet.eu
    • Marked as answer by Yi-Lun Luo Thursday, April 21, 2011 9:23 AM
    Sunday, April 17, 2011 9:21 PM

All replies

  • Hi romrom,

     

    non privileged user are not allowed by default to open a listening http server.

    The link in the error message you posted at the beginning of you question explains how to grant the right to open an http server to regular users.

     

    Regards,

    Markus

    Friday, April 15, 2011 2:31 PM
  • I opened that link, but don't see where it says how to open an http server to regular users
    Friday, April 15, 2011 3:15 PM
  • Hi romrom,

    the none-admin users are not proviledged to start listening on all addresses/ports. To do that you have to use httpcfg or netsh tools (second one is for win7).

    Here is an example which should permitt all users to start listener at the port 7171:

    httpcfg set urlacl –u http://+:7171/ -a “D:(A;;GX;;;WD)”

    For more information take a look here: http://developers.de/blogs/rolf_nebhuth/archive/2006/08/02/902.aspx

    Hope this helps.

    Damir

     

     


    Damir Dobric
    http://developers.de/members/ddobric/default.aspx
    http://www.daenet.de
    http://www.daenet.com
    http://www.daenet.eu
    • Marked as answer by Yi-Lun Luo Thursday, April 21, 2011 9:23 AM
    Sunday, April 17, 2011 9:21 PM
  • Thanks, but I can't seem to find "httpcfg"  I have XP SP3 and VS 2008 installed and did a full computer search w/o coming up with this application.  If this is such a ubiquitous issue, shouldn't the solution be more accessible?

    Wednesday, April 27, 2011 6:50 PM
  • In this case you should use NETSH. (See above in my post httpcfg or netsh).

    Start command prompt and type netsh. then type http.

    At the end type:

    add urlacl url=http://+:7171/ user=DOMAIN\user

     

    Hope this helps :)

     


    Damir Dobric
    http://developers.de/members/ddobric/default.aspx
    http://www.daenet.de
    http://www.daenet.com
    http://www.daenet.eu
    Wednesday, April 27, 2011 9:11 PM
  • I thought you stated that netsh was only for Windows 7?

    Anyway, I opened a command prompt and entered netsh.  After that I got a netsh prompt.  Then I entered http and enter and I got "The following command was not found: http"  Am I missing something?

    Thursday, April 28, 2011 2:05 PM
  • This is what I have in command prompt:

    c:\Program Files (x86)\Microsoft Visual Studio 9.0\VC>netsh
    netsh>http
    netsh http>

     

    could you pleease paste your command  prompt content?  You can lso try "?" after you get netsh prompt.


    Damir Dobric
    http://developers.de/members/ddobric/default.aspx
    http://www.daenet.de
    http://www.daenet.com
    http://www.daenet.eu
    Thursday, April 28, 2011 3:01 PM
  • Believe it or not, this is what I see:

    C:\Program Files\Microsoft Visual Studio 9.0\VC>netsh
    netsh>?

    The following commands are available:

    Commands in this context:
    ..             - Goes up one context level.
    ?              - Displays a list of commands.
    abort          - Discards changes made while in offline mode.
    add            - Adds a configuration entry to a list of entries.
    alias          - Adds an alias.
    bridge         - Changes to the `netsh bridge' context.
    bye            - Exits the program.
    commit         - Commits changes made while in offline mode.
    delete         - Deletes a configuration entry from a list of entries.
    diag           - Changes to the `netsh diag' context.
    dump           - Displays a configuration script.
    exec           - Runs a script file.
    exit           - Exits the program.
    firewall       - Changes to the `netsh firewall' context.
    help           - Displays a list of commands.
    interface      - Changes to the `netsh interface' context.
    lan            - Changes to the `netsh lan' context.
    nap            - Changes to the `netsh nap' context.
    offline        - Sets the current mode to offline.
    online         - Sets the current mode to online.
    popd           - Pops a context from the stack.
    pushd          - Pushes current context on stack.
    quit           - Exits the program.
    ras            - Changes to the `netsh ras' context.
    routing        - Changes to the `netsh routing' context.
    set            - Updates configuration settings.
    show           - Displays information.
    unalias        - Deletes an alias.
    winsock        - Changes to the `netsh winsock' context.

    The following sub-contexts are available:
     bridge diag firewall interface lan nap ras routing winsock

    To view help for a command, type the command, followed by a space, and then
     type ?.

    Thursday, April 28, 2011 4:49 PM
  • I'm having a similar problem with a NetNamedPipeBinding WCF service.  If I run my WCF desktop application as an Admin everything works fine.  I have a Windows WCF Service running that trys to communicate my WCF desktop application but the Windows WCF Service throws an EndPointNotFoundException.  I receive no errors when opening my ServiceHost desktop application as a limited user but for some reason it is not visible to the Windows WCF Service.  Are there special steps I must take to allow for this endpoint to be useable by a Windows WCF Service (System account)? 
    Monday, October 03, 2011 3:26 PM