I am looking for guide who have experience with Interactive Brokers Client Portal API. The Interactive Brokers CLient Portal API provides a gateway service.
I have tested this IB Gateway in my local and locally it is working fine.
The gateway is running on https://localhost:5000
I want to put this service on the windows server and want to access by server ip.
for example: https://52.xx.xx.12:5000 like this
I also tried solution from this reference Running interactive brokers client portal API in cloud server but not got success
Thanks
You need to set your server IP address in IB gateway setting as a trusted IP, and you should open 5000 port in firewall as well.
Related
We use an HTTP proxy (tinyproxy) on a dedicated machine to be able to reach legacy services from our GKE cluster with a static IP address. I'm aware that this is not the best solution, but the requirements are set by the target environment on which we have no control, and this solution works great for HTTP and SSH requests.
We now have the requirement to connect to an existing LDAP server, and in this case again do so from a static IP address. Is there a way to do this by sending requests to the LDAP server through the HTTP proxy?
LDAP and HTTP are both application layer protocols and thus incompatible. I doubt tinyproxy supports LDAP proxying out of the box, but you could use a separate LDAP proxy.
A quick search reveals a few LDAP proxy products on the market. OpenLDAP, an open source LDAP server, also can be used as a proxy. Some examples of this can be found (1, 2).
I have Outbound IP range from partner system(server) whose HTTPS URL we are trying to connect to transfer files but since no APIs are involved , how to check if IP's are whitelisted or is it any way to Whitelist that IP range in anypoint Studio7 using Mule4
Not finding way to do it via Anypoint studio as my code is deployed locally and not on any CloudHub or on-premise as of now, as its just a POC
It is the other way around. The other side, which exposes the HTTPS service you are connecting to, restricts access to their service by whitelisting some IPs. If your IP, from where you connect to the service, is whitelisted, then you will be able to connect to it. If not, you might not even get an error response. It is up to the side whitelisting, which is usually the server.
I have the starting shell of a SMAPI service programmed in Node.js. The service is running off of a local IP address.
When I goto the customSD page for my Sonos Play:1 and add the service details to it and it returns 'Success!' upon clicking submit.
When I open the Sonos Controllers on both my desktop and mobile, the service does not show up in the list of music services you can add.
I have logging on the server turned on to max and there are no connection attempts ( either SSL or HTTP ) at all.
From what I've read, a running service is not needed for it to show up in the list. Once it's added via customSD it should show up in the Music Service settings.
TO NOTE: A self signed cert is being used for https for connection testing only. I have certificate request logging turned on and there is NO connection attempt from the Sonos Play:1 to the local server at all. From everything I've read this shouldn't matter as it should show up in the Music Service list until you try to add it and then it will connect to the service.
The only thing I can think of is if this service needs to be registered with Sonos before it can be added via customSD, however at this time nothing I've read says that.
The other thing is if this service needs to be running off a domain name for some reason. However in the documentation it lists IP address so it would be bad documentation then.
I expect the service added via customSD should show up in the list. It does not appear when clicking on add.
Understood the issue and YvesGrantSonos has updated the documentation.
If you're developing locally a non-https IP address should be used for both the secure and non-secure API URI's.
You should be able enter a local IP address for the SMAPI service. For testing, this should be on the same local network as the Sonos player. Be sure to include the port number that the service is running on (i.e. http://192.168.1.2:8080/musicservice). You can use the same IP and port for secure and insecure connections.
We have a couple of back-end web applications to which we want to provide access via the public internet. To that end, we are setting up a reverse proxy (IIS 7.5) from our DMZ. At the same time, we want these web applications to be claims-enabled through ADFS 2.0.
WEB1.MYCORP.COM/WFE1 is the other back-end web application, on our internal network
WEB1.MYCORP.COM/WFE2 is the other back-end web application, on our internal network
ADFS.MYCORP.COM is the ADFS 2.0 server, on our internal network
FSPROXY.MYCORP.COM is the ADFS 2.0 proxy server, on our DMZ
RPROXY1.MYCORP.COM is the reverse proxy for WFE1, on our DMZ
RPROXY2.MYCORP.COM is the reverse proxy for WFE2, on our DMZ
In keeping with the proper configuration of ADFS, our internal DNS resolves ADFS.MYCORP.COM to the actual internal server, while external DNS points ADFS.MYCORP.COM to the ADFS proxy (FSPROXY).
So, here's the scenario:
End user browses to RPROXY.MYCORP.COM
Reverse proxy forwards request to WEB1.MYCORP.COM/WFE1
WFE1 redirects browser to ADFS.MYCORP.COM (actually FSPROXY)
ADFS Proxy prompts for credentials and authenticates against ADFS server
Upon successful authentication, browser redirected back to web app
I have a couple of questions. Do I need to configure something in the rp or the application to allow this. Also the adfs endpoint is the rp url is that an issue?
Do I need to set up something for the reverse proxy as well? (Should I/can I) set up a claims-enabled reverse proxy in IIS? How do I set up the reverse proxy rules to pass back the ADFS request unaltered? Currently, when I try to access the back-end application, it fails with a 401 authentication error. If I remove the proxy and just hit the app server it works fine.
Further,
This fails:
The path is client --> rp -->app -->adfs --> rp -->app --> rp -->client machine
this works:
The path is client -->rp -->app -->adfs -->app -->rp -->client machine
Any suggestions would be greatly appreciated!
Not familiar with how you enabled reverse proxy in IIS (ARR?). Something like this http://blogs.iis.net/carlosag/setting-up-a-reverse-proxy-using-iis-url-rewrite-and-arr
One choice for you is to use ADFS 2012R2 (if possible) because the proxy in that, the Web Application Proxy, handles both ADFS authentication and can handle app publishing for your claims enabled application. There are 2 ways you can publish your app to the internet. Once is pass-through which is kinda what you are trying to do. But it also allows pre-authentication support for a claims aware app. This way, you can have a different policy that decides whether the application can get pass your EDGE network before a packet goes to your internal application.
After doing lots of digging and fiddler traces I found the issue. In testing idp setup the token was different then stage env. The fiddler traces showed that the token was making it back to the app server. The issue was it also looked like the cookie dropped off for no reason. The issue was because the old dev ipd value disagreed with the stage value...naturally. Once I cleared the old token from the database everything worked.
I need to use certain software that connects with a server, that allows connections only from whitelisted IPS. To solve this, I have a droplet with fixed IP on DigitalOcean where I use Squid3 as proxy. I configure my system to work through the proxy, and I tell the central server to whitelist that proxy server IP.
Up to here all is great, but as I should have guessed, some people are using my proxy to send malicious packages, and now the server provider is telling me to get it sorted out, or they will cancel my account.
I added authentication to the proxy, and the attacks have stopped, since the attackers do not know the user/pass combination.
But now the problem I have is that I don't see any way to configure Windows to use authentication when connecting to the proxy! I am not talking just about HTTP requests, since the browsers allow for authentication. I am talking about some custom software that needs to communicate as well with this central server.
Is there any way to configure Windows so that it connects to the proxy passing the necessary username and password?