Hi all,

I am struggling with a WCF issue relating to name resolution, or something like so. When I consume a WCF service (netTcpBinding) on an application server via a web application on the web server, it doesn't work. OK, it doesn't work in most situations. If you access the web application from the web server itself using localhost or 127.0.0.1, it works. However, accessing it through the web server via another client machine, or accessing the web application locally on the web server using the host name or IP address, does not work. In both instances you get a socket connection aborted error.

What makes it more interesting is that switching all the security to 'none' as opposed to 'transport' resolves the issue.

My question is, is it possible to access WCF services using your web server and still use transport security? Or is this a bug/designed behaviour?

Many thanks for any insight, Steve

+1  A: 

Transport security typically only works point-to-point - when the client connects directly to the server.

If you have clients that come in from the internet, you have no control over how many intermediary hops they go through - so Transport security, even if you get it to work, will most likely not work at all, e.g. your message might be protected from the client to the first hop, and from the last hop to your server - but not in between hops.

For an internet scenario, typically, Transport security is not a valid option - use Message Security for those cases.

I'm not 100% sure why the connection wouldn't work at all - but in any case, if you're not behind a corporate firewall, I wouldn't be using netTcp with transport security in such a scenario.

Could you please add your server side config (anything inside <system.serviceModel>) to your question to see how you set up Transport security?

marc_s
Hi Marc, thanks for the assistance. That does make sense, but I would have thought it should technically be OK to protect the communication between web server and WCF, since I control each hop anyway (as part of a multitiered application). I will try to post some code/markup soon when I have access again.
MrCraze
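
The two netTcpBinding security modes compared in the answer, shown side by side as an added configuration example (not taken from the original posts, and not the asker's actual config). The service name, contract, host and port are hypothetical placeholders.

```xml
<!-- Added example: service name, contract, host and port are hypothetical. -->
<system.serviceModel>
  <bindings>
    <netTcpBinding>
      <!-- Transport: the TCP connection itself is authenticated, signed and
           encrypted; protection ends where that connection ends. -->
      <binding name="tcpTransport">
        <security mode="Transport">
          <transport clientCredentialType="Windows"
                     protectionLevel="EncryptAndSign" />
        </security>
      </binding>
      <!-- Message: each SOAP message is signed and encrypted, so protection
           does not depend on the individual connections it travels over. -->
      <binding name="tcpMessage">
        <security mode="Message">
          <message clientCredentialType="Windows" />
        </security>
      </binding>
    </netTcpBinding>
  </bindings>
  <services>
    <service name="Example.OrderService">
      <host>
        <baseAddresses>
          <add baseAddress="net.tcp://app-server.example:9000/orders" />
        </baseAddresses>
      </host>
      <!-- Same contract exposed once per security mode for comparison. -->
      <endpoint address="transport" binding="netTcpBinding"
                bindingConfiguration="tcpTransport"
                contract="Example.IOrderService" />
      <endpoint address="message" binding="netTcpBinding"
                bindingConfiguration="tcpMessage"
                contract="Example.IOrderService" />
    </service>
  </services>
</system.serviceModel>
```

The client's binding configuration has to use the same security mode and credential type as the endpoint it connects to.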