I'm refactoring an existing messaging system (developed in .NET Framework 4.5.2) to use NetNamedPipeBinding communication within internal components.
Using the tutorials I found, this setup works so far:
I configure the IIS website net.pipe binding with a wildcard:
As the system is the client and sender of the net pipe, I'm configuring the client in the config:
<client>
<endpoint name="Output" address="net.pipe://localhost/SomeServiceWs.svc" binding="netNamedPipeBinding" bindingConfiguration="TestNamedPipeBinding" contract="SomeNamespace.INotifyable" />
</client>
- And on the host-side the service:
<service name="SomeServiceWs" behaviorConfiguration="GeneralBehavior">
<endpoint address="" binding="netNamedPipeBinding" bindingConfiguration="TestNamedPipeBinding" contract="ISomeServiceWs"/>
<endpoint address="/mex" binding="mexNamedPipeBinding" contract="IMetadataExchange"/>
</service>
- And the binding-configuration for client and host:
<netNamedPipeBinding>
<binding name="TestNamedPipeBinding" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" transactionFlow="false" transferMode="Buffered" transactionProtocol="OleTransactions" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxBufferSize="65536" maxConnections="10" maxReceivedMessageSize="65536">
<security mode="Transport">
<transport protectionLevel="EncryptAndSign"/>
</security>
</binding>
</netNamedPipeBinding>
This works great so far, but now I'm running into a problem: On the server the system is running, there is another IIS Site using net.pipe with a wildcard configuration. This seems to cause problems, as the new IIS site never receives the messages.
No problem, I thought; I use a sub path instead of a wildcard:
Also changing the client configuration:
<client>
<endpoint name="Output" address="net.pipe://test/SomeService.svc" binding="netNamedPipeBinding" bindingConfiguration="TestNamedPipeBinding" contract="SomeNamespace.INotifyable" />
</client>
This seems to fix the name clash, but now I can't use the service anymore, as I get:
System.Security.Authentication.InvalidCredentialException: The server rejected the client's credentials. ---> System.ComponentModel.Win32Exception: Login attempt failed
I know, that NetNamedPiping really doesn't need security, as it is just in-server, but I need at least to explain, why the error is happening and if there is really no solution. Checking the docs https://learn.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/wcf/transport-of-netnamedpipebinding, I really can't configure too much. Also, looking into several other SO threads and guidelines (like the official one here https://github.com/dotnet/samples/blob/main/framework/wcf/Basic/Binding/Net/NamedPipe/CS/service/App.config) for net named pipes, I see only localhost used. I've also tried several re-configurations in regard to these values, but either the service isn't found or I get the error.
Unfortunately, I find little more information about this topic and as WCF isn't really used much anymore, I don't have many options in regard to knowledge holders. For me it seems like three possibilities:
- I must not use anything else than wildcard/localhost (and the name clash was a different problem)
- I can use other prefixes than localhost but must reconfigure the security anyhow
- I can make it work with sub-paths, but I just didn't configure it correctly
