Reputation: 20808
Configure WCF for LOCALHOST-only listening
Similar to the Visual Studio development web server (Cassini) limitation that it only servers on localhost, I have a WCF Service implementation that is only needed on localhost.
I wouldn't mind other machines having access, except that the Windows Firewall prompts to allow the program to listen on the externally-facing NIC. Since this is only needed internally, I would rather restrict the WCF Server-side configuration so that it doesn't trip the firewall detector.
Is binding.HostNameComparisonMode = HostNameComparisonMode.Exact the right solution? I don't see how this is enough.
====
Like Cassini, this Service implementation is a stand-in for something else which DOES require network communication. The client can be configured to connect to the real server or the fake implementation running on localhost.
Upvotes: 8
Views: 11406
Answers (2)
Reputation: 33010
It depends on how you are hosting it. If you are in IIS7 or WAS, then WCF uses IIS's mode of matching. Otherwise, if you use HostNameComparisonMode.Exact, then yes, the host name will always be a critical factor in matching. If the host name does not match, dispatch will generally fail.
It should be noted that exact is not 100% perfectly exact...it still allows some variation in the host name. If you have both a NetBios host name and a full DNS name, matching will still occur, as WCF treats those two as one and the same.
System.ServiceModel.BasicHttpBinding.HostNameComparisonmode
Upvotes: 1
Reputation: 74560
I think that you are approaching it the wrong way. You should be using the named pipe binding, which should support whatever message exchange pattern you are using (it supports request-response, as well as the same concurrency and session state modes that WS supports).
From the section of MSDN titled "Choosing a Transport" (emphasis mine):
When to Use the Named Pipe Transport
A named pipe is an object in the Windows operating system kernel, such as a section of shared memory that processes can use for communication. A named pipe has a name, and can be used for one-way or duplex communication between processes on a single machine.
When communication is required between different WCF applications on a single computer, and you want to prevent any communication from another machine, then use the named pipes transport. An additional restriction is that processes running from Windows Remote Desktop may be restricted to the same Windows Remote Desktop session unless they have elevated privileges.
This satisfies your exact requirements and should be no more than a configuration change.
Upvotes: 7
Related Questions
- local WCF client server connection: message that no service is listening
- WCF service listens only localhost (127.0.0.1)
- WCF only accepts localhost
- .NET Web Service works only on localhost
- Hosting WCF locally
- WCF Hosting with IP Address
- hosting wcf service on localhost iis
- Restricting WCF Service access to only localhost
- WCF: How to connect to service by IP:Port