Using localtunnel to allow external access to IIS Express


Why Bother?

There are varying reasons why one might want to tunnel through the internet to allow external access to his/her development web server. It's useful in a variety of reasons (providing someone remote with access to your dev environment, testing web applications on mobile devices, etc.) and I personally find it especially handy when testing callbacks from 3rd party sites.
For instance, I recently worked on the integration of a new payment vendor into an existing ecommerce website. This involved sending a customer to the third party site and receiving a callback from that site when a payment succeeded or failed. This is easy in production, but a real pain in development, when you need to the test the 3rd party's (test system's) callback integration. Obviously passing a localhost:80 as the callpack URI won't work and, short of hosting my development environment online and having a static IP or DNS entry, this was something traditionally difficult to test.
localtunnel makes this free and easy! It basically binds a specified port on your local PC to a real (temporarily accessible) domain name over SSH. The only tough part is getting IIS express on board...

Installing localtunnel

You'll need Ruby installed and can install the localtunnel gem with the following command
gem install localtunnel
For security purposes you'll need to provide localtunnel with an SSH key upon first loading the application. This is easiest by using cygwin and running the following command:
ssh-keygen
Now that you've generated your ssh key, you can run localtunnel on the desired port (in my case port 80) with your key:
localtunnel -k ~/.ssh/id_rsa.pub 80
For subsequent calls you will not need to provide the key
localtunnel 80
You should see something like this:
Port 80 is now publicly accessible from http://xtv4.localtunnel.com ...
At this point localtunnel is working but if you navigate to an IIS Express site, you'll probably see a 503 error

Making IIS Express work with localtunnel

Modifying the ACL

You'll definitely want to modify your Access Control List if you do not plan to run Visual Studio as an administrator, as in my case
netsh http add urlacl url=http://*:80/ user=everyone
Note: I suggest deleting these entries once you have completed the development you are working on. To do so:
First enumerate the acls on your system
netsh http show urlacl
Once you've identied the acl you want to remove, do so by replacing the url in the following command with your URL
netsh http delete urlacl url=http://*:80/

Modifying applicationhost.config

You'll need to modify your applicationhost.config file (located at %userprofile%\Documents\IISExpress\config\) to allow wildcards. 


<site name="testsite" id="2">

            <application path="/" applicationPool="Clr4IntegratedAppPool">

                <virtualDirectory path="/" physicalPath="C:\Users\jirwin\Documents\My Web Sites\testsite" />

            </application>

            <application path="/test">

                <virtualDirectory path="/" physicalPath="C:\Users\jirwin\Documents\Visual Studio 2010\Projects\testsite\testsite" />

            </application>

            <bindings>

                <binding protocol="http" bindingInformation="*:80:" />

            </bindings>

    </site>
The important part here is the bindingInformation section. Essentially what you are telling IIS Express here is that you do not want to limit based on IP address or host header when connecting to this site:
bindingInformation="*:80:"

Proof of the Pudding

At this point you should be able to enter the provided address (http://xtv4.localtunnel.com in the above example) in the address bar of your favorite browser and see your local website load up over the internet. Brilliant!

Further Work

The only thing I haven't played with yet is using a combination of port 80 and 443 (for SSL) through localtunnel. I'm not sure if this is possible - it looks distinctly like only a single port can be tunneled (which would obviously make sense at a conceptual level). I'm willing to bet that the best idea in this case is to use 443 exclusively when testing and to follow all the steps above using port 443 instead of 80. I'd be very interested to hear if anyone has experience with this...

Comments

Post a Comment

Popular posts from this blog

Excel - Adding an existing Pivot table to the data model

Image
  I've been working more with, and continue to be amazed by, Power Pivot. I recently ran into an issue where I needed to add the data for an existing Power Pivot report to the Data Model. There is a checkbox that makes this easy when creating a PivotTable: As so often happens, the analysis grew in scope/importance and I found myself needing to add the data to the data model. While it's not obvious how, there is a way to add an existing Pivot table to the data model. There's a More Tables... link in the PivotTable Fields pane.  Clicking on the  More Tables... results in a dialog confirming that you want to Create a New PivotTable .  Doing so will result in the creation of the new PivotTable in a new sheet. By default the data is added to the data model. You'll likely lose some formatting but for anything other than a trivial PivotTable, this should save effort, as it did for me.
Read more

Mirth

Image
Introduction Let's talk about Mirth. At it's simplest, Mirth  link is an Open Source HL7 interface engine. HL7 (Health Level 7) is an NPO involved in the development of healthcare standards and the HL7 v2.x and HL7 v3 standards are commonly used in Medical Information for data interchange - including but not limited to clinical, financial, logistical and administrative messaging. I first ran across Mirth over a year ago on a personal quest to find an alternative to our client's legacy HL7 application. Academically, I wrote a number of lexical analysis tools using lexx, yacc, bison and JavaCC and knew the challenges of writing and maintaining complex parsers. I was simply looking for something that could parse HL7 for us, and perhaps log messages and provide a little more transparency than our application currently allowed.  A year later and our legacy application is still going strong (read: my proposal was declined), but Mirth is being used in production, far away from th
Read more

Getting Started with Mirth (Part 1)

Image
This is the first post in a 2 part series. The second post is here Recently I posted about my positive experience when using Mirth by Webreach as an open source communication layer between one of our in-house applications and a third party and proprietary web service interface. That post received a large amount of attention (relative to my other posts :o) ) so now I will post a quickstart guide to creating a similar setup. In this post I will go over the very basics of using Mirth (please dig in and play around with some more advanced options/configurations), specifically I will demonstrate how to use Mirth to read data from a database, package the data up in a SOAP envelope, send the data to a web service and process the SOAP response. I'll also show you how easy it is to monitor channels once deployed. Once you've installed and opened Mirth for the first time you'll be presented with an empty dashboard - but it wont stay empty for long. This is where you'll s
Read more