Recent Microsoft patch has broken our Java client connectivity to OPC server. Microsoft raised Authentication level to Packet Integrity. we are using Utgard java OPC library to connect to OPC server which internally uses Jinterop java based COM library. with the patch Our client is not able to add subscription groups to listen to the data changes on the OPC server. We couldn't find where in the library the authentication level is configured. if we can configure it ti DEFAULT the issue will be resolved.
Please let me know if you have any pointers on this.
JISession session = JISession.createSession(ipAddress,userName,pasword);
JIComServer comServer = new JIComServer(JIClassId.valueOf(classId), address, session);
IJIComObject instance = comServer.createInstance();
IJIComObject opcServer = new OPCServer(instance);
//after we will create access base groups and add them to the server, during attaching handler it is failing.
ERROR
*JIException: The RPC server is unavailable. Please check if the COM server is up and running and that route to the COM Server is accessible (A simple "Ping" to the Server machine would do). Also please confirm if the Windows Firewall is not blocking DCOM access. [0x800706BA]
at org.jinterop.dcom.core.JIComServer.call(JIComServer.java:1004) at org.jinterop.dcom.core.JIComServer.call(JIComServer.java:951) at org.jinterop.dcom.core.JIComObjectImpl.call(JIComObjectImpl.java:293) at org.jinterop.dcom.core.JIComObjectImpl.call(JIComObjectImpl.java:159) at org.jinterop.dcom.core.JIFrameworkHelper.attachEventHandler(JIFrameworkHelper.java:285) at org.openscada.opc.dcom.da.impl.OPCGroupStateMgt.attach(OPCGroupStateMgt.java:179)
*
Related
UPDATE
There are some News on that, see here: https://blogs.msdn.microsoft.com/eventhubs/2018/09/21/azure-event-hubs-websockets-and-proxy-support/
====
Azure's EventProcessorHost can be used to register and EventProcessor against an EventHub:
EventProcessorHost host = new EventProcessorHost(
EventProcessorHost.createHostName(null),
connectionStringBuilder.getEventHubName(),
"$Default",
ConnectionStringBuilder.toString(),
this.storageConnectionString,
this.storageContainerName
);
host.registerEventProcessor(MyEventProcessor.class, options).get();
One can add a proxy beforehand:
OperationContext.setDefaultProxy(
new Proxy(Proxy.Type.HTTP, new InetSocketAddress("proxy.url.com", 1234))
);
Question: How to provide an authentication (username/password) to this proxy?
TLDR: EventProcessorHost java library doesn't support proxy yet. This is a feature under construction.
Event Hubs Java Client sdk currently uses AMQPs protocol over TCP (on socket 5671, standard port assigned by IANA) to communicate to Event Hubs Service. We just built, support for Websockets transport; here' the PR. Building a snapshot version on dev branch and adding parameter TransportType=AmqpWebSockets in the ConnectionString should enable the client to talk to the EventHubs service over port 443.
We are building support for proxy using basic auth - by end of September. follow this for updates.
I am not sure whether this question is Mina-related or more Azure-related but it has to do with the networking. I have also added Netty tag since Mina and Netty share many networking principles.
I hope to get an advice where to dig into.
I have used certain Mina application quite long in local network, now I am trying to migrate it into the cloud. I deploy Linux virtual machines in Azure (each has public IP but does this really matter?).
They connect (using Mina) to a machine outside Azure that also has its
own public IP. Usual thing:
SocketConnector connector = new NioSocketConnector(numberOfConnectors);
ConnectFuture connectFuture = connector.connect(new
InetSocketAddress(remoteHost, remotePort));
connectFuture.awaitUninterruptibly(connectTimeout);
That Mina machine outside the Azure also runs Mina. Let's call it
server machine.
It accepts connections like this:
NioSocketAcceptor acceptor = new NioSocketAcceptor(acceptor_threads);
org.apache.mina.core.buffer.IoBuffer.setUseDirectBuffer(false);
acceptor.getSessionConfig().setTcpNoDelay(true);
acceptor.setReuseAddress(true);
acceptor.getSessionConfig().setSendBufferSize(buffer_size);
acceptor.getSessionConfig().setMinReadBufferSize(64000);
acceptor.getSessionConfig().setReceiveBufferSize(buffer_size);
acceptor.getSessionConfig().setIdleTime(IdleStatus.BOTH_IDLE, iddle_time);
acceptor.getFilterChain().addLast("codec", new
ProtocolCodecFilter(CodecFactory.getInstance()));
acceptor.setDefaultLocalAddress(new InetSocketAddress(port));
When Azure applications connect to server machine, server saves
IoSession session
to asynchronously push messages back in future like this:
session.write(message);
This worked well inside a local network (without Azure), but in current
deployment server sends message
2017-01-17/15:45:19.823/GMT-00:00 [nioEventLoopGroup-3-3] [...] DEBUG
Sending message to /13.94.143.139:41790
and an Azure machine does not receive anything. Moreover, after a
while the following exception arises on server machine:
2017-01-17/16:01:11.419/GMT-00:00 [NioProcessor-4] [...] ERROR
Exception in IOHandlerConnection timed out
java.io.IOException: Connection timed out
at sun.nio.ch.FileDispatcherImpl.read0(Native Method)
at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:39)
at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223)
at sun.nio.ch.IOUtil.read(IOUtil.java:197)
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:380)
at org.apache.mina.transport.socket.nio.NioProcessor.read(NioProcessor.java:280)
at org.apache.mina.transport.socket.nio.NioProcessor.read(NioProcessor.java:44)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:695)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:668)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:657)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1141)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
2017-01-17/16:01:11.424/GMT-00:00 [NioProcessor-3] [...] DEBUG sessionClosed
I use Mina version 2.0.4 (yes, it is old but it works on local network for several years for now).
I setup Azure network with Java Azure SDK 1.0.0-beta3
Network.DefinitionStages.WithCreate creatableNetwork = azure.networks()
.define(networkName)
.withRegion(region)
.withExistingResourceGroup(resourceGroup)
.withAddressSpace("10.0.0.0/20");
And create virtual machines as
VirtualMachine.DefinitionStages.WithCreate creatableVirtualMachine =
azure.virtualMachines()
.define(String.format(...))
.withRegion(region)
.withExistingResourceGroup(resourceGroup)
.withNewPrimaryNetwork(creatableNetwork)
.withPrimaryPrivateIpAddressStatic(inetAddress.getHostAddress())
.withNewPrimaryPublicIpAddress(String.format("chr-vm-%04d", i)) .withPopularLinuxImage(KnownLinuxVirtualMachineImage.UBUNTU_SERVER_16_04_LTS)
.withRootUserName(linuxUserName)
.withPassword(linuxUserPassword)
.withSize(VirtualMachineSizeTypes.STANDARD_D2_V2)
.withNewStorageAccount(creatableStorageAccount);
I wonder what reasons may prevent traveling messages from server to
Azure client machines? Azure network configuration? Mina configuration? (the first messages from client machines to server machine do come after they connect)
I hope that above information may contain a clue.
I have solved my problem thanks to Peter Pan - MSFT noting about NSG - Network Security Group.
NSG controls in/out rules like a Windows Firewall. You should create NSG, add rules to it, and assign NSG to a particular entity:
There are at least two options to assign NSG:
to a network subnet
to a network interface
There is a tutorial 1 and Java code sample 2. In my case, a separate network interface is created for each VM (since each VM has public IP). So, I assigned one NSG to a single subnet.
Fisrt, create NSG:
NetworkSecurityGroup NSG = azure.networkSecurityGroups()
.define(networkSecurityGroup)
.withRegion(region)
.withExistingResourceGroup(resourceGroup)
.defineRule("Inbound")
.allowInbound()
.fromAnyAddress()
.fromAnyPort()
.toAnyAddress()
.toAnyPort()
.withAnyProtocol()
.withDescription("Incoming messsages")
.withPriority(100)
.attach()
.create();
Than modify the code to explicitly define a subnet and assign NSG to it ( subnet1 is automatically created without NSG if none defined explicitly)
Network.DefinitionStages.WithCreate creatableNetwork = azure.networks()
.define(networkName)
.withRegion(region)
.withExistingResourceGroup(resourceGroup)
.withAddressSpace("10.0.0.0/20")
.defineSubnet(subnetName)
.withAddressPrefix("10.0.0.0/20")
.withExistingNetworkSecurityGroup(NSG)
.attach();
So, the rest of the code remains the same as posted in the question above.
Helpful links:
Azure Portal Tutorial
Java Azure SDK NSG Example
I built a web-service application using Jdeveloper 11.1.1.7 and deployed on weblogic 10.3.6 on physical server let us call it back-end server.
I do not want to give client direct access to back-end server so I make use of Apache 2.2 to be in the middle of client and back-end server. Apache 2.2 is configured on different physical server let us call it middle server.
I defined application's context root (which deployed in back-end server) on middle server in Apache httpd.conf file.
I shared WSDL file location to client ( WSDL URL which referring to the middle server domain name). The external client can access the URL thorug browser where he/she can see the WSDL content
But when the client trying send requests to middle server URL it get rejected with the following error:
[error] [client -clinet public IP goes here-] ap_proxy: trying POST /[application context root goes
here] at backend host '[back-end server local IP]/[port goes here]; got exception 'CONNECTION_REFUSED
[os error=0, line 1602 of URL.cpp]: apr_socket_connect call failed with error=730061, host=[back-end
server local IP], port=[port goes here]'
This error from middle server Apache error log file. No logs from back-end server
What is done so far:
I check the if I can access the middle server as external user using the telnet command. telnet IP port. It is working and the middle server is listening.
I also checked for all ports. between external client and middle server, between middle server and back-end server also using telnet. All ports working.
In this answer : ssl - Apache 2 with Weblogic Plug-in Redirection, original location still requested to backend - Server Fault
they are suggestion to increase the Accept Backlog value from weblogic server tuning . I did that in back-end server but still the issue is not resolved.
Problem resolved
I need to enable (WebLogic Plug-In Enabled) option from weblogic server where the application is deployed
from Domain Structure (Left Panel in admin console) - > Environment - > Servers -> (select the server where you deploy your application on it) - > General tab (from server setting)-> Advance - > (tic the option) WebLogic Plug-In Enabled
Then restarted the server.
By this your are telling the server you will get indirect request through proxy server or load balancer for example
You can do this on many level like cluster or server based on your needs check this site for more information
Understanding the use of “WebLogic Plugin Enabled”
I want to write a java(SE) program to connect to a proxy server, lets say 123.123.123.123:8080. How am I going to achieve that? What is the protocol between my machine and the proxy server? What is the Java framework's class could be in use?
since java 1.5,you can use java.net.Proxy class to create proxy.
Proxy proxy=new Proxy(Proxy.Type.HTTP, new InetSocketAddress("123.123.123.123", 8080);
URL url = new URL("http://www.example.com");
HttpURLConnection uc = (HttpURLConnection)url.openConnection(proxy);
uc.connect();
reference
The definitive reference for network proxy configuration in Java 5 is this Java Networking and Proxies page.
Yes proxy server is a web server...
Whenever u send a request through your browser to get some resource in the particular web server(say www.google.com),the request is send to the proxy server instead to sending the request directly to the google server..the proxy server process this request,send them to the gooogle server,receives the response and then send the response back to the browser.
Proxy server is basically used to corporate fields to restrict the accesss to specific websites,to keep a track of the internet used by a particular associate,Also it saves some commoonly used webpages in a cache file,so that when another request comes,then instead of connecting to the required server,it get the webpage fron the cache file..Hence it saves the time.Also it scans the incoming data from any server for malware before submitting it to the client(browser).To check if ur company is using proxy server,u can go to the internet explorer setting ->Connections ->LAN Settings
There is a web service running on tomcat on a server. It is built on Java Servlet. It is listening others to call itself on a SSL enabled http port. so its web service adreess looks
like: https://172.29.12.12/axis/services/XYZClient?wsdl
On the other hand I want to connect the web service above from a windows application which is built on .NET frame work.
Finally, when I want to connect the web service from my computer; I get some specific erros;
Firstly I get; Proxy authentication error; then I added some new line to my code;
Dim cr As System.Net.NetworkCredential = New System.Net.NetworkCredential("xname", "xsurname", "xdomainname")
Dim myProxy As New WebProxy("http://mar.xxxyyy.com", True)
myProxy.Credentials = cr
Secondly, after this modifications It says that bad request.
I did not get over this error.
Moreover I did try to connect the web server on the same computer. I copied my executable program to the computer where the web service runs. The error was like;
The underlying connection was closed:
Could not establish trust relationship
for SSL/TLS secure channel
PS: When I try to connect to web service by using Internet Explorer; I see firstly some warnings about accepting an unknown certificate and I click take me to web service an I get there clearly.
I want to know what are the basic elements to connect a web service, could you please tell me the requirements that I have to use on my windows project.
regards bk
This page offers a simple step-by-step guide on building a web service client with C#.NET.
Step 5 on this page shows how to add a certificate to your trusted store and Step 6 is another way to build a very simple web service client in C#.NET.