Bloomberg Anywhere and BLPAPI - bloomberg

I successfully developed an application through BLPAPI (Bloomberg API) on a Bloomberg Terminal machine (in Python). Unfortunately my company is thinking to switch to Bloomberg Anywhere...I will have the chance to run my application there?

With a move to Bloomberg Anywhere from open Bloomberg, you will have the same access to data that you had before. However, you will need to keep the following in mind:
Authentication will be linked to an individual person instead of a Username/Password. This means that the person who owns the Bloomberg login will need to be physically present at the machine to login using their fingerprint on the Bloomberg keyboard, a b-unit, or our newly released b-unit mobile app (for recent versions of android).
Your app will no longer be limited to running on the current machine only. You will now be able to install a Bloomberg access point and use your application on any windows machine as long as you have the person present as described above to log into the box.
Once logged in you will have data access for a few days, however if the Bloomberg anywhere user logs in to Bloomberg on a separate machine, then the machine with your python application will immediately lose access to data. To regain access, the Bloomberg anywhere user will have to re-login to the original machine.
hope this helps

Yes. Just be sure that the user logs in every so often. The API will work when a user is connected and even after they disconnect, for a while.

Yes, it should work fine, we've done some applications under BBanywhere.
The only issue I've seen which you should contemplate before going live application is ensuring that if you're moving it off the main box and it's a non-technical party using the service on a laptop or something, that the appropriate python install and dependencies are set up (ie. conda, blpapi, etc.) I've seen some people comfortable enough to run the script or app, then run on laptop or other computer under anywhere all of a sudden that doesn't work because the dependencies aren't there.

Related

How does one interact with the user from a vb.net service?

I've got one for you thats been bugging me for a bit.
If you run a Windows Service as Local System, how can that service display forms or prompts on the user desktop?
I tried this in one of my previous apps and couldn't get it to work; I settled on having an 'invisible' app running in the user context to handle any user interaction. But as time has passed, I've seen some apps that have nothing more than a service running as local system and yet they produce prompts and forms on the user desktop.
Thanks in advance for any info :)

Is Chromium Local Storage an alternative to node-keytar in electron?

I've to save user passwords on my electron app. https://github.com/atom/node-keytar is the best choice and it works well on Mac. But, a bulk of my user base is on Windows. KeyTar on windows is buggy and sometimes even insecure https://github.com/atom/node-keytar/issues/88.
So, I'm considering using chromium local storage (within electron) to store the password - perhaps, salted/hashed.
I searched much of the relevant internet; no one has a blog/suggestion/SO post on this. What am I missing?

How to get data out of citrix

Here's what I want to be able to do:
Run a program on my local computer which logs in to a citrix server (using citrix receiver or doing so in a similar way), on the server in the citrix session open a web browser, load a website, and then bring the html of that site back out of the citrix session and onto my local computer. Bascially I want to get data out of a citrix remote session.
How can I do this programmatically?
I'm fine with whatever programming language/modality you are comfortable in answering the question using.
I've looked a little into the citrix apis but while I find some things about logging in and even sending keystrokes and mouse clicks I found nothing about obtaining data. I could just log in and then use a program like wireshark to get the information, but I'm guessing it's all encrypted (plus then I wouldn't be doing my task all programmatically). I know of at least one open source program which seems to be able to replace a citrix reciever/client (openthinclient.org) but before I got digging through all its source code to try to answer my question I thought I'd ask here in case someone had an easier answer.
If all you want is to automate the task, is having the program act as a citrix client necessary?
I assume you don't have install privileges inside your citrix session, so are unable to install one of the many automation tools available (such as http://docs.seleniumhq.org/)?
Given the above...
If you have/allow java on your local machine, have a look at http://www.sikuli.org/
The main difference between this and other automation tools I've come across is that Sikuli uses the image on screen to navigate the gui, rather than grabbing calls to the widgets (which wont work in a citrix session).
So, assuming you can take a screenshot of your citrix session, it could be useful to you.

ClickOnce Set Up and other Questions vb.NET

I am attempting to write a small, lightweight client, using vb.net winforms, that can install without needing elevated privileges. Before I ask my questions, let me give you a bit of an idea of what it is supposed to do.
The app will start when Windows loads, set like this from the install, with a system/notification tray icon that can be clicked on to load up specific functionality. The application install from a website, or possibly a file share, haven't quite decided yet. This client will initially request user credentials for one of our web programs, and it will talk to an already built web service to determine what functionalities of our services they have licensed access to. After this, credentials will be encrypted and saved to the users pc locally. Every five minutes, the client will pass the credentials to the websites they have access to and check to see the status of jobs that are being processed, and download available reports if needed.
So, here is what I am trying to understand. If I configure this app as a ClickOnce application, once it installs from the url or shared drive, the user will not need to do anything else, correct? Or do they have to visit that url every time they boot up to reinstall/run the client?
Another thing, I wanted to get some opinions on the best ways to do some of the things this app will be doing. I have a good idea of where I am going with it, but I have no idea of which solution to go with yet.
For instance, what is the best way to store user passed credentials on their system for a "remember me"?
Also, is the best way to have the client install with automatically starting on windows startup to configure it to create a shortcut of itself in the windows startup folder?
I am trying to keep this as lightweight as possible, and using a very small GUI, so it shouldn't be too intrusive, so any ideas on how to ensure that, while keeping it from needing admin privs to install, will also help.
If I configure this app as a ClickOnce application, once it installs
from the url or shared drive, the user will not need to do anything
else, correct? Or do they have to visit that url every time they boot
up to reinstall/run the client?
Well if they need to reinstall it, they would have to download the setup.exe file again, but why would users need to do that? CilckOnce supports automatic updates. Visiting url is certainly not needed for running the program.
what is the best way to store user passed credentials on their system
for a "remember me"?
Probably storing them as application settings. Haven't used visual studio 2012, but in visual studio 2010 you have to right-click on project in solutions explorer, go to project propeties and then create variables in Settings tab. Then you can access those variables in code using My.Settings.variableName. Not sure about security though, if you need any.
As for privileges, I think you just need a privilege to install a program. Maybe you should publish a primitive clickOnce application and experiment with it and that will answer all your other questions about clickOnce.

Login logistics

I'm writing a suite of applications that all require login to a server. It's come together quite nicely, but I've run into a logistic snag. The nature of the applications require that they be closed and launched again later with some frequency. It is very annoying to have to login every time one of the applications needs to launch.
I'm trying to think of a secure way of perhaps having the login information stored on the local user's machine. Is there a good way to even go about that? Permissions protected config files? The registry? How does Firefox store its passwords? Have you ever had to do something like this?
The suite is more of a protocol than anything, all the applications are written in a variety of languages (Python, C#, Java, etc) and run on a variety of operating systems (Windows, Linux, OSX, etc). I'm not really looking for code examples, but more just general approaches to this problem. Is it wise to have locally stored passwords? How can you have a session login for a suite with such disparate components? Right now I use application.rc config files stored locally to each application, but they are plain text and far from secure.
I'm going with Jeff on this one and assuming that since you mention the registry, you're referring to Windows. I'm also going to assume that you're talking about a desktop application (otherwise you could just use the builtin browser cookies to store the user's session).
Off the top of my head, I'd engineer the application so that when the user logs in to the server, the server returns a unique session id that identifies the authenticated user. I would then store than id along with an salted/encryped timestamp (which gives you the option of expiring the cached credentials).
The storage mechanism is up to you. You could store them in the HKEY_LOCAL_USERS section of the windows registry, or the Application Data folder in Windows. Both give you the option of user segmented storage.
Typically, this sort of thing is done by use of a "cookie"; a key which (securely) indicates that the user has successfully previously logged in to the server resource. This is how most web sites manage login information, and Firefox (all browsers, really) store the cookies that the browsers set on the user login. A few important things about cookies: they should be encrypted, to assure that malicious programs cannot generate one and thereby bypass the login process, they should match to server-kept resources (same reason), and they should age out, so that while you can maintain login information on a site for a while, your login information is not permanent (which is another security hole).
Personally I would use an encrypted local config file with some sort of an ID value of the machine (motherboard ID, Chip ID, HD ID etc) as part of the encryption key so that the config file cant be just copied from one machine to another. I would also include the date and time so you can expire it when you decide it gets stale.
Alternatively, you can create a host exe or launcher that does the log in and then goes to sleep and wake it up each time you want to launch a new application. The host exe would take the application as a parameter and decide whether or not to ask for login credentials (usually when the first app is started and then keep the login user and an encrypted password in memory. When the host exe has exited the login info is forgotten and when you start up again the cycle starts over.)
Tomcat 6 supports persistence/replication of sessions, so you should care about choosing the manager and configure it ;-)
More info: http://tomcat.apache.org/tomcat-6.0-doc/config/manager.html