Who is listening on port 80 (http.sys ?)

Under normal conditions there are several ways to check the ports on a system, and there are lots of tools around, like SysInternals, TCPView or good old “netstat -ano”.

But wait a minute, look at the output of netstat -ano:
[Screenshot: netstat_system_process]

As you can see, my port 80 is reserved by the “System” process (PID=4). If a web server such as Apache, IIS or IIS Express is installed on your server, it is easy to figure out who is using the port. But what if you don’t have any web server on your machine? Who is using port 80 then? The OS itself?

Well, I can tell you it is definitely not the “System” process itself. The System process only serves the requested port on behalf of another process when that application uses the http.sys driver.
HTTP.SYS is a kernel driver, so it obviously runs under the System process.

You can even use the C# “HttpListener” class to easily create a small program that listens on a port through http.sys.
https://docs.microsoft.com/en-us/dotnet/api/system.net.httplistener?view=netframework-4.8

But is there any way to see which process is actually using http.sys and is bound to this port?
Yes:
netsh http show servicestate
It will give you all bindings for the registered sessions.
Registered URLs:
Server session ID: FF00000220000001
http://+:80/116B50EB-ECE2-41AC-8429-9F9E963361B7/
Server session ID: FF00000020000001
http://+:5985/WSMAN/
http://+:47001/WSMAN/
Server session ID: FF00000120000001
http://*:5357/584BBA7C-0F20-4161-BB0E-0D83BD7CA684/
Server session ID: FD0000012000001F
http://*:8855/

If you check the request queues section of the results, you can also see the process identifiers.
The command output is not exactly user friendly about which PID matches which binding, but the order of the session IDs matches the order of the printed request queues.

Request queues:
Request queue name: Request queue is unnamed.
Version: 2.0
State: Active
Request queue 503 verbosity level: Basic
Max requests: 1000
Number of active processes attached: 1
Process IDs: /*first one*/
6392

Request queue name: Request queue is unnamed.
Version: 1.0
State: Active
Request queue 503 verbosity level: Basic
Max requests: 1000
Number of active processes attached: 1
Process IDs: /*Second one */
16076

Request queue name: Request queue is unnamed.
Version: 2.0
State: Active
Request queue 503 verbosity level: Basic
Max requests: 1000
Number of active processes attached: 1
Process IDs: /* Third one*/
23588 

Request queue name: Request queue is unnamed.
Version: 2.0
State: Active
Request queue 503 verbosity level: Basic
Max requests: 1000
Number of active processes attached: 1
Process IDs: /* Fourth one*/
19552

If I am looking for the binding “HTTP://*:8855/”, the process ID is 19552.
For my port 80, the PID is 6392.

When I checked with Task Manager, it is svchost.exe. The command line column of Task Manager says:
PeerDistSvc is the guy in my case.
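
The manual matching described above can be scripted. The following PowerShell is an added example, not code from the original post: the function name Get-HttpSysBinding is hypothetical, the sample text is a shortened copy of the listing above, and pairing sessions with request queues by position relies on the post's observation rather than on documented netsh behaviour.

```powershell
# Constructed sample, shortened from the listing on this page.
# On a live host use instead:  $lines = netsh http show servicestate
$lines = @'
Server session ID: FF00000220000001
http://+:80/116B50EB-ECE2-41AC-8429-9F9E963361B7/
Server session ID: FF00000020000001
http://+:5985/WSMAN/
http://+:47001/WSMAN/
Server session ID: FD0000012000001F
http://*:8855/
Request queues:
Request queue name: Request queue is unnamed.
Process IDs:
6392
Request queue name: Request queue is unnamed.
Process IDs:
16076
Request queue name: Request queue is unnamed.
Process IDs:
19552
'@ -split '\r?\n'

function Get-HttpSysBinding {            # hypothetical helper name
    param([string[]]$Lines, [switch]$ResolveServices)
    $sessions = @(); $queues = @(); $inQueues = $false; $inPids = $false
    foreach ($t in $Lines | ForEach-Object { $_.Trim() }) {
        if ($t -match '^Request queues:') { $inQueues = $true }
        elseif (-not $inQueues -and $t -match '^Server session ID:\s*(\S+)') {
            $sessions += [pscustomobject]@{ Id = $Matches[1]; Urls = @() } }
        elseif (-not $inQueues -and $sessions.Count -and $t -match '^https?://') {
            $sessions[-1].Urls += $t }
        elseif ($inQueues -and $t -match '^Request queue name:') {
            $queues += [pscustomobject]@{ Pids = @() }; $inPids = $false }
        elseif ($inQueues -and $queues.Count -and $t -match '^Process IDs:') { $inPids = $true }
        elseif ($inPids -and $t -match '^\d+$') { $queues[-1].Pids += [int]$t }
        elseif ($t) { $inPids = $false }   # any other non-blank line ends a PID list
    }
    # Positional pairing is the page's observation, not a documented guarantee.
    if ($sessions.Count -ne $queues.Count) { throw 'Session/queue counts differ; cannot pair by order.' }
    for ($i = 0; $i -lt $sessions.Count; $i++) {
        foreach ($u in $sessions[$i].Urls) { foreach ($p in $queues[$i].Pids) {
            $svc = if ($ResolveServices) {   # names the services inside a shared svchost.exe
                (Get-CimInstance Win32_Service -Filter "ProcessId=$p").Name -join ',' }
            [pscustomobject]@{ Url = $u; SessionId = $sessions[$i].Id; ProcessId = $p; Services = $svc }
        } }
    }
}
Get-HttpSysBinding -Lines $lines | Format-Table -AutoSize
```

Use -ResolveServices only against live output from the same machine, since the sample PIDs do not correspond to local processes. An http.sys registration that no expected service accounts for is worth reviewing.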

 

 


Redirecting http to https in SharePoint with AAM

A common mistake when redirecting http to https on a SharePoint site is thinking that the AAM configuration alone is enough. Well, that's not true!

Let’s assume we have following settings on AAM.

HTTPS -> HTTPS : https://www.contoso.com  zone:default  public url: https://www.contoso.com
HTTP -> HTTPS   : http://www.contoso.com  zone:default public url: https://www.contoso.com

And we have the corresponding IIS bindings:
http://www.contoso.com:*:80 (http)
*:443 (https)

In most cases this works fine, for example:
http://www.contoso.com
http://www.contoso.com/subsite
http://www.contoso.com/pages/home.aspx

But the problem happens when you try to land on one of the default layout pages.
For example, suppose you are sending workflow emails that point to an item in a library,
with query strings:

http://www.contoso.com/SubSite/Lists/TestList/DispForm.aspx?ID=1
&Source=http%3A%2F%2Fwww%2Econtoso%2Ecom%2FSub1%2FLists%2FTestSub%2FAllItems%2Easpx
&ContentTypeId=0x0100AFA0B78F421E78408D29FBEA2D5EF4F9

Unfortunately this doesn’t work as expected: either you get a 404 Not Found, or the related page loads as http instead of https (depending on how you configure the bindings in IIS). Well, this is a production design problem that we cannot fix at the moment.
This is valid for all SharePoint versions (2013, 2016, 2019).

Suggested solution:
A simple workaround is to use another dummy IIS site whose binding intercepts all port 80 requests with the host header of your site (www.contoso.com),
and to use the HTTP Redirect functionality (module) of IIS to redirect to the correct IIS site over HTTPS:
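
A web.config for such a redirect-only site could look like the following. This is an added example, not configuration from the original post; it assumes the dummy site holds the port 80 binding for www.contoso.com and that the IIS HTTP Redirection feature is installed.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <!-- $V = requested path, $Q = query string including the "?".
         exactDestination="true" makes IIS use the destination exactly as written,
         so DispForm.aspx?ID=1&Source=... keeps its path and parameters. -->
    <httpRedirect enabled="true"
                  destination="https://www.contoso.com$V$Q"
                  exactDestination="true"
                  httpResponseStatus="Permanent" />
  </system.webServer>
</configuration>
```

The first request still travels over plain http before the redirect is issued, so links in workflow emails are better generated with https from the start.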

Complex solution:
You may use the URL Rewrite module.

 

Solutions for InfoPath web service connection problems behind SSL enabled TMG or hardware Load Balancer in Sharepoint 2010

Hi everyone,

In this article I will explain a well-known web service connection problem on SharePoint servers that sit behind an SSL-offloading load balancer or a TMG reverse proxy.

What is SSL Offload and Acceleration:
Depending on the workload, processing the encryption and authentication requirements of an SSL request can become a major part of the demand on the Web Server’s CPU and as the demand increases the users will see slower response times. To remove this demand from the Web Server a Load Balancer may be used to terminate the SSL at the Load Balancer. Some Load Balancer appliances include specialized hardware to process SSL. When a Load Balancer terminates the SSL connections the requests are converted from HTTPS to HTTP in the Load Balancer before being passed to the Web Server. So long as the Load Balancer itself is not overloaded this feature will not noticeably degrade the performance perceived by the end users.

For more information about reverse proxy publishing: http://technet.microsoft.com/en-us/library/cc261814(office.12).aspx
So let's explain our topology. We have 2 WFE servers and a hardware load balancer.

WFE01: SharePoint Web Front End server, which serves blog.bugrapostaci.com and our custom web service
/_layouts/CustomWebService/myservice.asmx
IP: 192.168.10.2

WFE02: SharePoint Web Front End server, which serves blog.bugrapostaci.com and our custom web service
/_layouts/CustomWebService/myservice.asmx
IP: 192.168.10.3

HLB: Hardware load balancer device, which is configured for SSL offload.

For this topology we need to configure the following Alternate Access Mappings:

Internal URL:  https://blog.bugrapostaci.com
Zone: Default
Public URL for zone:
https://blog.bugrapostaci.com  

Internal URL: http://blog.bugrapostaci.com
Zone: Default
Public URL for zone: https://blog.bugrapostaci.com  

For more information about how to configure a load balancer to accept only SSL requests, please read the following article:
http://www.sharepointpromag.com/article/sharepoint/configure-a-load-balancer-to-accept-only-ssl-requests
OK. If you set up your AAM correctly, you are able to browse the SharePoint site. First of all, all client computers in your domain must use the HTTPS protocol to browse our portal; even if they type http://blog.bugrapostaci.com, they will be redirected to SSL at https://blog.bugrapostaci.com according to the AAM configuration. But in a browser on the servers, I mean if you connect to WFE1 or WFE2, you cannot browse the site using SSL, because no SSL is configured on the SharePoint servers (which is also what we want, for performance), unless you redirect to the outside port of the HLB, which is mostly prohibited for security. So in the WFE servers' browsers you can browse the portal only over HTTP, the reverse of what the clients do.

OK, so far so good. What is the problem?
You have a developer machine outside the server farm, where developers can create InfoPath web forms using SharePoint Designer or InfoPath 2010. They can publish their forms to SharePoint and see that all forms work correctly with SSL communication. But what if one of the InfoPath forms needs to connect to a web service that is already published on our SharePoint portal, “/_layouts/CustomWebService/myservice.asmx”? It could be a built-in SharePoint web service too, but in this scenario it is a customized asmx file.

You will get the 5566 connection problem when you try to open this InfoPath form after publishing it to the server.

Why?
Because when you work on your InfoPath form in InfoPath 2010 (on the client machine), you are able to configure your web service connection with HTTPS.
For example https://blog.bugrapostaci.com/_layouts/CustomWebService/myservice.asmx
If you test from your client computer’s browser, you can see the WSDL without any problem.
Yes, on the client machine you can reach this service without any error and develop your form as you want. But after you deploy/publish the form to the SharePoint server (the publish also ends successfully), assume that a user requests this form: the WFE server processes the pipeline and makes the request to the web service to get the data, not the client! As I told you before, no SSL connection can be made inside the server network, but your published web service URL starts with https, and all requests are redirected to HTTPS according to the Alternate Access Mappings. You've got the problem 🙂

So what can we do to resolve this issue?

The first solution 

You can configure a rule on the HLB (if it is configurable) so that server requests can go directly through the load balancer using https. This means you should allow the servers' requests to pass through the HLB even when the requester is the machine itself. (But this time you may run into a double-hop scenario.) If you cannot configure your LB, or this is prohibited for security reasons, or you are faced with the double hop, you need the second solution, which is a little more complicated.

The Second Solution

1) Add another host header to your site from the IIS console, using the HTTP protocol:
http://myblogservice
Do not add any AAM record for it. If you create an AAM record, it will rewrite your service URL as https again.

2) Add hosts file records so that all requests are directed to the same machine (to prevent the double hop):
For WFE1  ->   192.168.10.2    wfe1
For WFE2  ->  192.168.10.3    wfe2

3) Give only the developer machines direct access to http://myblogservice so that they can create their InfoPath forms correctly.

4) Enable the cross-domain options for InfoPath Forms Services.
Central Administration –> General Application Settings –> InfoPath Forms Services –> Configure InfoPath Forms Services:
Note: If this is an administrator-approved form template, the security level of the form must be set to full trust.
About the InfoPath security model:
http://msdn.microsoft.com/en-us/library/bb251020(v=office.12).aspx

5) Create and use a Data Connection Library for storing the InfoPath connection information.
How to: Create and Use a Data Connection Library
http://msdn.microsoft.com/en-us/library/ms772101.aspx

6) Configure your InfoPath forms to use connection (udcx) files, and use your new host header to connect to the web service, like:
http://myblogservice/_Layouts/CustomWebService/myservice.asmx

7) Publish your forms.

If you completed all steps correctly, when a user browses an InfoPath form on your site, one of the WFE servers handles the request over https; when the server needs to connect to the web service, it uses the http protocol, which the servers can use, and you are able to browse your InfoPath form correctly without any connection error.

Session_End is not fired

Remarkable points:
1. Remember that the Session_End event is supported only in InProc mode.
2. Session_End won’t be fired if you close your browser. HTTP is a stateless protocol, and the server has no way to know if your browser has closed or not. 
3. Session_End will be fired only (i) after n minutes of inactivity (n = timeout value), or (ii) if someone calls Session.Abandon(). 
4. For case (i) (pt. 3), Session_End will be run by a background thread, which implies:

    a. Your code in Session_End is running using the worker process account. You may have permission problems if you’re accessing resources such as a database.
    b. If an error happens in Session_End, it will fail silently.
5. For case (ii), please note that in order for Session_End to be fired, your session state has to exist first. That means you have to store some data in the session state and have completed at least one request.
6. Again for case (ii), Session_End will be called only if the abandoned session is actually found. As a result, if you create and abandon a session inside the same request, because the session hasn’t been saved and thus can’t be found, Session_End won’t be called.  This is a bug in v1 and upcoming v1.1.