Austin Wise home
10 Apr 2006

HttpListener and URL ACLs

UPDATE: A new version of my tool is available here.

I recently reinstalled XP and decided to try not running as admin. Everything was going fine until I tried to run a little app of mine that used a HttpListener. Upon trying to start, the HttpListener threw a HttpListenerException exception with a message of "Access Denied". After spending a lot of time on Google and MSDN, I discovered that non-Administrators can't start listening on any port they want. The url they want to use has to be first reserved by an Administrator for that user. This can be accomplished through the use of the tool HttpCfg.exe. HttpCfg is part of the Windows Support Tools, which can be downloaded for Windows Server 2003 and Windows Service Pack 2. HttpCfg is non-user-friendly command-line only tool. It requires entering in SDDL strings. I was also unable to find any managed interface to talk the HTTP API. So I tasked myself with creating a managed interface for the HTTP API and an application that makes it easy to manipulate URL ACLs. I made it, but right now it only supports one user per URL ACL. This is my first time doing interop with native code, so that part might not be correct. It seems to work though. Once I add support for multiple users, I thick I will write an article on Code Project about it. Download and use at you own risk. The code in that download is copyright 2006 Austin Wise, but the final release might use a different license.