Geeks With Blogs
mipsen

Part 2 of my "Reloaded-Series"!

In the orginal post here TCPBinding seemed to be the solution. But it is not the best and in some cases just not usable.

This only applies to large requests!

Sabrina and Philippe, both colleagues in the current project, discovered something far better and much more interesting...

What happnes here is DOS-attack-prevention by IIS! Fortunately this did not apply to us that much, sitting behind the DMZ and a far way from the outside world...

Solution: Change the allowed HTTP-request-lenghts... How is this done? One way (and not the worst)

In  the web.config of your WCF-service there are 2 sections to insert the important stuff. At least IIS 7.0 and above.

 <system.webServer>...
    <security>
      <requestFiltering>
        <requestLimits maxAllowedContentLength="209715200"/>
      </requestFiltering>
    </security>
  </system.webServer>

  <system.web>...
    <httpRuntime maxRequestLength="2097151" />
  </system.web>

One is legacy (IIS 6....) and the other more today. But both are needed for success.

The numbers are important. "maxRequestLength" is in kb, maxAllowedContentLength in byte. Both are set to very high values in this example. Be careful about that!

You can set some values in IIS but it is not bad practice, I think, to set it on svc-level only...

 

 

Posted on Friday, May 13, 2011 9:38 PM WCF | Back to top


Comments on this post: Strange 401 (Unauthorized) when calling a WCF Service *Reloaded*

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © mipsen | Powered by: GeeksWithBlogs.net