Reputation: 337
httpListener in local network without admin rights
I have the task to create a listener to a local computer inside a network. This computer takes POST from a web application and prints some stuff.
What I have done until now is to create an httpListener in a specific port and when the POST is received I send things to printer. That's works fine but only when the user has admin rights because the "netsh http..." needs admin rights to be executed.
Is there a way to bypass this restrictions somehow, because the computer is a simple pc and it couldn't has admin rights?
The app is written in VB.NET and will be run in a windows10 PC in a WindowsServer network.
Upvotes: 1
Views: 1309
Answers (1)
Reputation: 1500
netsh http add urlacl url="http://127.0.0.1:1234/" user=DOMAIN\USER
From what I've read, the backslash is important (trailing the port number). You could also replace 127.0.0.1 with + or * (being wildcards). Oddly enough, I had localhost listening on two different ports, and once I added one both were allowed to listen. It also seems possible to specify a group for user parameter. (In most examples, they demonstrate user=Everyone which I definitely wouldn't advise, if you can help it. Lock it down to a single account, acting like a service account.)
In my case, I'm using Grapevine. It wraps HttpListener, but giving you an example of that wouldn't be too relevant. (I'd highly recommend checking it out, especially if you're creating an API. It's been updated for years, and the developer is still responsive to feedback, and would save you a ton of work.) Just be mindful to mirror the prefix string you use for HttpListener in the netsh command. (Listening via wildcard is definitely different than localhost, and vice versa.)
https://github.com/sukona/Grapevine
https://msdn.microsoft.com/en-us/library/windows/desktop/cc307223(v=vs.85).aspx
I'd check out the MSDN link for other parameters. It seems you may be able to lock down the ACL command even further.
(I also have no idea why you were down voted. Your question was perfectly fine, and I found it as one of the top results, as I had the same question.)
Upvotes: 1
Related Questions
- HttpListener Access Denied
- c#: HttpListener setup on https without admin rights
- HTTPListener not working over network
- C# HttpListener and Windows Firewall
- How do I communicate with an HTTPLISTENER that I have created?
- C# HttpListener without using netsh to register a URI
- HttpListener not listening outside of host computer?
- Network port listener on c#
- httpListener as a windows service
- Managed HttpListener vs C++ Network Lib - Requires admin rights?