What I am wanting to do is create a SocketStreamListener and connect to it (on localhost). Then connect to it and send it a message. Very simple stuff and it's all done here in an official demo but I want to understand it and use this logic in my own application.
The Problem
I have created a new Windows Metro C# application project and have this code to create a listener on my MainPage:
private void Button_Click(object sender, RoutedEventArgs e)
{
StreamSocketListener listener = new StreamSocketListener();
greetingOutput.Text = "Hello, " + nameInput.Text + "!";
}
but I get this error:
An exception of type 'System.UnauthorizedAccessException' occurred in
HelloWorld.exe but was not handled in user code
WinRT information: At least one of either InternetClientServer or
PrivateNetworkClientServer capabilities is required to listen for or
receive traffic
Additional information: Access is denied.
If there is a handler for this exception, the program may be safely
continued.
The same code works in the official demo though.
What am I missing?
What am I doing wrong?
You need to configure your application to require one or both of the necessary capabilities depending on your needs:
internetClientServer
Your Internet connection, including incoming unsolicited connections from the Internet – the app can send information to or from your computer through a firewall. You do not need to declare internetClient if this capability is declared.
privateNetworkClientServer
A home or work network – the app can send information to or from your computer and other computers on the same network.
(From the documentation at http://msdn.microsoft.com/en-us/library/windows/apps/br211423.aspx)
Also see this article for more information on how capabilities works: http://msdn.microsoft.com/en-us/library/windows/apps/hh464936.aspx
Internet and public networks
The internetClient capability provides outbound access to the Internet and public networks through the firewall. Almost all web apps use this capability. The internetClientServer capability provides inbound and outbound access to the Internet and public networks through the firewall.
Home and work networks
The privateNetworkClientServer capability provides inbound and outbound access to home and work networks through the firewall. This capability is typically used for games that communicate across the local area network (LAN), and for apps that share data across a variety of local devices. If your app specifies musicLibrary, picturesLibrary, or videosLibrary, you don't need to use this capability to access the corresponding library in a Home Group.
You need to declare which capabilities your app requires (and therefore has access to)
in your package manifest. Here's a step by step guide on how to do that: http://msdn.microsoft.com/en-us/library/windows/apps/br211477.aspx
You can use the Manifest Designer in Visual Studio to edit these capabilities.
Just locate and open the file in your solution named package.appxmanifest and the Manifest Designer should open.
Select the capabilities tab and the network related capabilities your app requires and you should be good to go.
Link to the documentation about the App Manifest Designer: http://msdn.microsoft.com/en-us/library/windows/apps/br230259(v=vs.110).aspx
Regarding the last paragraph
If there is a handler for this exception, the program may be safely continued.
It is simply saying that you may wrap your code using the StreamSocketListener in a try-catch block. This is a good thing if you want to handle the missing capabilities gracefully inside your application:
private void Button_Click(object sender, RoutedEventArgs e)
{
try
{
StreamSocketListener listener = new StreamSocketListener();
greetingOutput.Text = "Hello, " + nameInput.Text + "!";
}
catch(UnauthorizedAccessException exc)
{
// Act on the missing capability. Log it and/or warn the user.
}
}
Related
my project is about writing an OPC UA Client, to read and write variables on a Siemens PLC OPC UA Server. I'm using Visual Studio 2017 Enterprise and installed the Quick OPC Toolkit from OPClabs to get started and try to connect. To program the client, I'm using Windows Forms and C#.
Connecting with the server and reading variables is working just fine, but writing them gives me a headache:
1.) Before I started programming on my own, I downloaded the OPC UA Sample Client from the OPC Foundation (if someone needs the download-link just ask, the download is hard to find). I connected to the server and could browse through the variables, but the write function was greyed out/not available.
2.) I started programming a very simple client, but also failed to write variables. Reading via Live Binding (http://opclabs.doc-that.com/files/onlinedocs/QuickOpc/2018.2/User%27s%20Guide%20and%20Reference-QuickOPC/webframe.html#Making%20a%20first%20OPC%20UA%20application%20using%20Live%20Binding.html) is working, also reading them by using easyUAClient.Read() works. I tried to write a variable with this code:
namespace ErsteOPCUAVerbindung{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
private void button1_Click(object sender, EventArgs e)
{
var easyUAClient = new EasyUAClient();
easyUAClient.WriteValue("opc.tcp://OpcUaClient:password#192.168.216.1:4840/", "nsu=SinumerikVarProvider;ns=2;s=/NC/_N_NC_TEA_ACX/$MN_PLC_CYCLIC_TIMEOUT", 1);
}
}}
but I keep getting an exception:
OpcLabs.EasyOpc.UA.OperationModel.UAException: "An OPC-UA operation failure with error code -2144010240 (0x80350000) occurred, originating from 'OpcLabs.EasyOpcUA'. The inner OPC-UA service exception with service result 'BadAttributeIdInvalid' contains details about the problem."
{"OPC-UA service result - An error specific to OPC-UA service occurred.\r\n---- SERVICE RESULT ----\r\nStatusCode: {BadAttributeIdInvalid} = 0x80350000 (2150957056)\r\n"}
I have no idea what is causing this. I suspected, that maybe some kind of access restriction is the reason, but I can't find any hints about it in the documentations and besides I'm logged in as administrator anyway.
Has anyone an Idea? Thank you.
I have had one more look at your code, and the way you pass in the user name and password (in the URL itself) is definitely not correct. The way it is given now it is essentially ignored. It may or may not be the cause for the problem with the Write, but it definitely needs to be changed. The proper way of specifying the user name and password would be:
var client = new EasyUAClient();
var endpointDescriptor = new UAEndpointDescriptor("opc.tcp://192.168.216.1:4840/");
endpointDescriptor.UserIdentity = UserIdentity.CreateUserNameIdentity("OpcUaClient", "password");
client.WriteValue(endpointDescriptor, "nsu=SinumerikVarProvider;ns=2;s=/NC/_N_NC_TEA_ACX/$MN_PLC_CYCLIC_TIMEOUT", 1);
Update: I found a documentation, which explained, that the administrator does not have write rights by default and how you can change that. You need to call the methode GiveUserAccess and pass two Arguments, the Username and "SinuWriteAll" (the second one is kind of hidden). I'll try it now with C# and post my solution if it works.
An app I'm designing uses the VpnService, along with the VpnService.Builder, classes to generate a VPN in order to block traffic from specific apps. According to the documentation over at developer.android.com, all apps should be allowed through the VPN until Builder.AddAllowedApplication or Builder.AddDisallowedApplication is called.
When my VPN service starts up, for some reason, all apps are being disallowed which is strange. As soon as I disconnect from the VPN, all apps become available again. I need to to allow all, unless otherwise specified (which is what the documentation says should be happening). I start the VPN by calling the following:
private string _sTag = typeof(VpnService).Name;
private VpnServiceBinder _objBinder;
private ParcelFileDescriptor _objVpnInterface = null;
private PendingIntent _objPendingIntent = null;
...
if (_objVpnInterface == null)
{
Builder objVpnBuilder = new Builder(this);
objVpnBuilder.AddAddress("10.0.0.2", 32);
objVpnBuilder.AddRoute("0.0.0.0", 0);
// Form the interface
_objVpnInterface = objVpnBuilder.SetSession("Squelch").SetConfigureIntent(_objPendingIntent).Establish();
// Disallow instagram as a test
objVpnBuilder.AddDisallowedApplication("com.instagram.android");
// Set flag
_bVpnIsRunning = true;
}
So in the above instance, instagram should be the only blocked app, but all traffic appears to be blocked (can't use the chrome app, facebook, etc). Is there something I am missing in regards to this? Should I be specifying something before/after establishing the interface? Any help or direction would be greatly appreciated!
Note: In case it matters, I am targeting android 6.0 and higher. I can provide more source if required.
addDisallowedApplication:
By default, all applications are allowed access, except for those denied through this method. Denied applications will use networking as if the VPN wasn't running.
AddDisallowedApplication excludes the application from your VPNService and allows it to continue to use the "non-VPN" networking stack.
addAllowedApplication:
Adds an application that's allowed to access the VPN connection
Note: You can use an allowed or disallowed list, but not both at the same time.
So lets say we want to "block" any Chrome package from accessing the normal networking stack and redirect any Chrome apps from accessing the network via our "blocking" VPN, we can add all Chrome app package names to our VPNService implementation.
Note: there are 4(?) different Chrome apps, alpha, beta, etc.... so lets just block any package that has the name chrome in it, not really ideal, but for an example it works.
using (var pm = Application.Context.PackageManager)
{
var packageList = pm.GetInstalledPackages(0);
foreach (var package in packageList)
{
if (package.PackageName.Contains("chrome"))
{
Log.Debug(TAG, package.PackageName);
builder.AddAllowedApplication(package.PackageName);
}
}
}
After you .Establish() the VPN connection, all Chrome applications networking will be redirected to your VPNService and thus blocked.
I am creating a simple Windows service that hosts a Nancy instance to provide views of its internal data. Everything works as expected when using a browser on the local machine; I see the view that it serves up. However, I cannot find any reason why it will not access from a remote browser (on the same network). Access from a remote browser simply delays a while; IE will eventually display "This page can’t be displayed;" Safari on an iPad shows the partial progress bar for a while and does nothing.
I'm binding using all local IPs, not just localhost.
I am using the GetUriParams() function at this link to discover all local IP addresses for binding. http://www.codeproject.com/Articles/694907/Embed-a-web-server-in-a-windows-service
_nancyHost = new NancyHost(GetUriParams(port));
_nancyHost.Start();
I discovered at this page that binding to localhost works for local access only. http://forums.asp.net/t/1881253.aspx?More+SelfHost+Documentation
The IPs that this function discovers are for Ethernet adapter, Wireless adapter, and two VMware Network adapters from a prior installation of a VMware player. I've tried the remote access both by machine name and by literal IP to the Ethernet adapter.
I added entries to urlacl list.
I have used the netsh http add urlacl command as recommended in many places, including at this link: Remote access to a Nancy Self Host
If I perform netsh http show urlacl, I see the entry for the port I'm using.
I tried different Nancy configs
If I set the Nancy configuration option for UrlReservations.CreateAutomatically, I will get security prompts, which after allowing, I see new entries in netsh http show urlacl list output for all of the local IPs, but it still does not allow remote access. I also tried the RewriteLocalHost option true and false.
I've tried starting Nancy with http://+:3684 or http://*:3684 (which gets parsing exception from Uri()) and with http://0.0.0.0:3684 (which gets exception from AddAllPrefixes() within HttpListener()).
I added the EXE to Windows firewall
I have created firewall exceptions as described here: https://msdn.microsoft.com/en-us/library/ms733768.aspx
The associated rule shows Private,Public and "Any" for every column with both TCP and UDP.
I tried running Nancy in different environments. I've run the code in: the Windows Service running as Local System, a console app within Visual Studio 2013 debugger, and the console app Run As Administrator.
I imagine it's a simple security setting, but I've googled and searched and tried various things for a couple of days now.
What am I missing?
This answer provided the clue I needed.
https://stackoverflow.com/a/21364604/1139376
This is because HttpListener is built on top of http.sys which will listen on the port you specified on behalf of your program.
It wasn't my EXE doing the actual listening. All I needed to do was to add an Incoming rule to the Windows Firewall set for the "System" program and the specific TCP port I'm using. That allowed remote access.
Use the HostConfiguration and let Nancy make the URL reservations automaticaly for you.
var config = new HostConfiguration
{
RewriteLocalhost = true,
UrlReservations = new UrlReservations { CreateAutomatically = true }
};
host = new NancyHost(new Uri("http://localhost:8080"), new DefaultNancyBootstrapper(), config);
host.Start();
Note that this will force ACL to create network rules for new ports if they do not already exist.
I'll try to keep it short. I've been running in Windows 10 (10130) Microsoft's WiFi Direct Services example available on GitHub , the C# one in Visual Studio 2015 RC. Now, in their Build conference they said you can run in CMD a command to know if your WiFi adapter is compatible with WiFi Direct
netsh wlan show wirelesscap
Which gives me a big YES, your wireless adapter is compatible.
Wi-Fi Direct Device : Supported
Wi-Fi Direct GO : Supported
Wi-Fi Direct Client : Supported
But when I run the mentioned sample, everything goes OK until the WiFiDirectServiceWrapper.OnAdvertisementStatusChanged(. . .) is triggered, almost inmediatly after creating the advertiser. While running the sample with the profiler attached I get this:
private void OnAdvertisementStatusChanged(WiFiDrectServiceAdvertiser sender, object args)
--
sender | {Windows.Devices.WiFiDirect.Services.WiFiDirectServiceAdvertiser}
AdvertisementStatus: Aborted
AutoAcceptSession: true
CustomServiceStatusCode: 0
DeferredSessionInfo: null
PreferGroupOwnerMode: true
PreferredConfigurationMethods : _native, can't see_
ServiceError: UnsupportedHardware
ServiceInfo: null
ServiceName: "myservice"
ServiceNamePrefixes: {System.__comObject}
ServiceStatus: Available
I really don't know how I'm supposed to depurate this, as I can't find where this Event is raised (the only references to that method are
this.advertiser.AdversitementStatusChanged += OnAdvertisementStatusChanged
this.advertiser.AdversitementStatusChanged -= OnAdvertisementStatusChanged
^ those), and I can't see the WifiDirectServiceAdvertiser implementation.
My WiFi Card is a Qualcomm Atheros AR9485, and I'm using the latest drivers available through Windows Update. In the device manager I get two Wi-Fi Direct Virtual adapters:
Microsoft Wi-Fi Direct Virtual Adapter
Microsoft Wi-Fi Direct Virtual Adapter #2
The second one is disabled sometimes (the UnsupportedHardware event is the same, enabled or disabled). For all of them I've disabled the "Allow the PC to shut down this device to save energy" option.
I've tried to compile the code to x86 and x64, but I get the same result at the same point. I've tried another two generic wireless thumbs (those USB WiFi adapters) which Windows says yes, they're compatible too with no luck.
I know Windows 10 is not final, but any help is appreciated.
It seems that the WiFiDirect capabilities are not the only ones you need to look at if the thing you want to do is advertise a service (which is actually the "new in Windows 10 thing" concerning Direct).
The command you must execute is exactly the same as before:
netsh wlan show wirelesscap
but if you want to advertise a service, the relevant capabilities are the following:
P2P Device Discovery : Supported
P2P Service Name Discovery : Supported
P2P Service Info Discovery : Supported
P2P Background Discovery : Supported
What WiFiDirect does in Windows since 8 and 8.1 is advertising the whole computer, but since 10, WiFiDirectServices advertises one or more services running simultaneously in your machine.
Lets say you are the developer of com.boardgames. If you want to host a board games competition somewhere without a WiFi hard AP, that could be the prefix of the name of all your services, so each client connects only to the one they want: for example, com.boardgames.solitaire or com.boardgames.chess instead of connecting to your machine.
Sadly, none of the computers nor WiFi antennas I've tried are compatible with P2P discoveries.
My machine is in Domain D1 and there are public MSMQs in a remote server in domain D2. I am connected through vpn to D2, i.e I can RDP the machine in D2 and access the MSMQ.
What I want is to access (Know the message count) of the MSMQ without RDPing the system. So I build an application for this. I used Impersonation to impersonate the user of D2(i.e used credentials of D2)but the problem is I am not able to access the "Public" MSMQ ( used Messagequeue.GetPublicQueue() ) and exceptions are thrown with message "A workgroup installation computer does not support the operation." but when I used MessageQueue.GetPrivateQueue() it returned a collection of private queue.
I tried using MSMQManager for messageCount
Path = #"Direct:OS:machine\publicqueue";
FormatName=null;
new MSMQManager.inIt(machineName, path , FormatName);
This also throws an exception either the queue is not present or not open. but I can check that queue is working fine.
Are you comfortable doing a tiny bit of programming? If not, are you comfortable using PowerShell?
Either way - I would check out this post as it seems to contain the answers you are looking for.
Good luck, hope this helps
Your problem might be that you are working remotely.
The method GetPublicQueuesByMachine() is indeed not available over remote access.
You can see this in a feature matrix in the MSDN documentation: MessageQueue.GetPublicQueuesByMachine:
The following table shows whether this method is available in various Workgroup modes.
Workgroup mode Available
-------------- ---------
Local computer No
Local computer and direct format name No
Remote computer No
Remote computer and direct format name No
Also check the access privileges of your queues.
If I am wrong in the previous suggestion, it might be as simple as experimenting with the access rights for specific users in the network.
MSDN article Public and private queues states:
Default security access for public queues gives everyone permission to
send messages to a public queue. Specific permissions must be
granted for read access.
As for the actual message counting, John Opincar wrote a nice article about counting messages here: Counting Messages in an MSMQ MessageQueue from C#