Raf's laboratory Abstracts Feed Raffaele Rialdi personal website

I am Raf logo

HttpNamespace, a Win32 utility to reserve an HttpEndpoint

September 07, 2009

When you need to publish a WCF or WWS service or an application that must listen on http, you must reserve an http namespace.

Since Windows 2003 there is a new Http handler in kernel mode that handle/route the request to applications. This way you can listen to a single address/port couple from multiple applications, even if this is normally forbidden in tcp/ip.

Http.sys does the trick and handles in kernel mode all the request and route them to the appropriate application using the host headers to map a request. This means that you need two things:

  1. Create a configuration record that declare the shape of the url to map
  2. Assign the appropriate ACL so that only the process who has an appropriate token can request the mapping to itself. Without ACL a malware could map an endpoint to itself and this is certainly to avoid.

HttpNamespace is a Win32 utility that does these two things. In order to be pleasantly used during a setup "custom action", I decided its features:

  • Minimum dependencies. The utility does not require .NET Framework. It depends from httpapi.dll and the Visual C++ runtime version 9.
  • Small size: only 32K
  • Runs in the GUI subsystem. The utility can be run from a console and dynamically attach the console if found. Otherwise it runs without opening the annoying console.
  • The utility can be used from a normal user in readonly mode. To add or delete configuration records, the utility requires administrative privileges, otherwise an error is displayed ("The request could not be processed").
  • The utility obviously have to use the syntax described here to record a namespace.
  • The permission assigned for User or Group is "eXecute" (hardcoded). AFAIK this is sufficient for most applications.
HttpNamespace v1.0 Copyright(c) Raffaele Rialdi, 2007-2009
Blog: http://blogs.ugidotnet.org/raffaele  -  http://www.iamraf.net/tools
Utility to View, Add or Remove configuration records
for the HTTP Server API configuration store
You are free to copy and redistribuite this utility
but not to modify or patch it
HttpNamespace                   View records
HttpNamespace -u Url            Remove record for the specified Url
HttpNamespace -a Url User       Add a record and grant eXecute to User or Group
Url format help:  http://msdn2.microsoft.com/en-us/library/aa364687.aspx


Why another utility? Because in Windows 2003 there was no preinstalled utility to do this configuration. Furthermore from Vista and beyond the utility correctly changed to netsh, as you can see from Nicholas 'WCF guru'.

rated by 0 users

Share this page on Twitter

Privacy | Legal Copyright © Raffaele Rialdi 2009, Senior Software Developer, Consultant, p.iva IT01741850992, hosted by Vevy Europe Advanced Technologies Division. Site created by Raffaele Rialdi, 2009 - 2015 Hosted by: © 2008-2015 Vevy Europe S.p.A. - via Semeria, 16A - 16131 Genova - Italia - P.IVA 00269300109