Can I listen on a port (using HttpListener or other .NET code) on Vista without requiring administrator priveleges? [duplicate]

家住魔仙堡 提交于 2019-11-27 17:23:54

I've never used an HttpListener, but from your description it sounds more like you want to listen on a regular TCP port, instead of embedding your application into a server URL namespace (which is what HttpListener appears to do). You should be able to use regular socket functions (System.Net.Sockets.TcpListener) to open and listen on a TCP port without requiring administrator privileges. I'm almost certain Skype doesn't use an HttpListener.

While you can write your own HTTP server using normal TCP/IP (it's relatively simple), it is easier to use HttpListener, which takes advantage of the HTTP.SYS functionality added in Windows XP SP2.

However, HTTP.SYS adds the concept of URL ACLs. This is partly because HTTP.SYS allows you to bind to sub-namespaces on port 80. Using TCP/IP directly avoids this requirement, but means that you can't bind to a port that's already in use.

On Windows XP, you can use the HttpCfg.exe program to set up a URL ACL granting your user account the right to bind to a particular URL. It's in the Platform SDK samples.

On Windows Vista, HTTPCFG is still supported, but the functionality has been absorbed into NETSH:

netsh http show urlacl

...will show a list of existing URL ACLs. The ACLs are expressed in SDDL.

netsh http add urlacl url=http://+:80/MyUri user=DOMAIN\User listen=yes

...will configure the MyURI namespace so that DOMAIN\User can listen to requests.

If you need to handle requests only from you own computer (usually for test purposes), you can write localhost instead of * in prefix.

For example, instead of "http://*:9669/" you can write "http://localhost:9669/". This works fine with HttpListener and doesn't require administrative privileges (at least on Windows 7).

rob

Well I had to deal with something similar. My Computer is in a restricted domain, so I don't have administrator privileges. After some research and reading I found this thread and the netsh hints made me use temporary acl bindings just for developing tests. On my computer these rule exists.

There's this entry:

Run 'netsh http show urlacl' (as shown above)

    [...]
        Reservierte URL            : http://+:80/Temporary_Listen_Addresses/
            Benutzer: \Jeder
                Abhören: Yes
                Delegieren: No
                SDDL: D:(A;;GX;;;WD)
    [...]

So I can use the HttpListener as non-admin (Jeder):

    [...]
    HttpListener l = new HttpListener();
    string prefix = "http://+:80/Temporary_Listen_Addresses/";
    l.Prefixes.Add(prefix);
    l.Start(); // does not throw any "Permission Denied/Access Denied/Zugriff verweigert"
    [...]

May this helps anybody finding this thread.

In XP, you had to use a command-line (httpcfg) to open up the port first, otherwise it wouldn't work for non-admins.

See here - the page explains the issue, and there is a zip at the bottom to make it usable.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!