For WCF Services hosted in non IIS apps - add permissions for a user to change the IIS namespace reservations

If you are hosting a WCF services in a console app, windows service or any other non-IIS application, you need to listen on a particular url address.  A normal user running an app or service doesn't have permission to do this unless that user is an admin (not a good thing for a wcf service).  So in order to grant permission to reserve the namespace, you need to run a little command.

For IIS 7 (Vista and Windows Server 2008)

netsh http add urlacl url=http://+:80/MyUri user=DOMAIN\user

The other commands are detailed here: http://msdn.microsoft.com/en-us/library/ms733768.aspx

The error you'll get if the user does not have this right is:

System.ServiceModel.AddressAccessDeniedException: HTTP could not register URL http://+:80/serviceurl/. Your process does not have access rights to this namespace (see http://go.microsoft.com/fwlink/?LinkId=70353 for details). ---> System.Net.HttpListenerException: Access is denied
   at System.Net.HttpListener.AddAll()
   at System.Net.HttpListener.Start()
   at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
   --- End of inner exception stack trace ---
   at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
   at System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
   at System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
   at System.ServiceModel.Channels.TransportChannelListener.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.HttpChannelListener.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open()
   at ...

Incidentally, this is one of the best cases of a stacktrace containing a useful link that will help you solve the problem.

Nice one!

More later - j.