first of all, I am not very familiar with Tibco, please keep that in mind ;).
I have a task to write an application which reads/writes to a jms queue (not a big deal). The problem is, the customer uses Tibco & allowed me to connect to their server to run some tests. Unfortunatly, I am only allowed to connect via natted IPs & as soon as I try to connect to a QueueConnectionFactory, I receive an error because Tibco itself tries to connect to the "private" IP.
The interesting thing is, receiving the Queue, QueueConnectionFactory,... objects from the context works fine - but when I do a toString() I see that the cf received has configured the 'private' IP.
Example: I set this url as provider url -> tibjmsnaming://213.133.111.182:7222
Receiving the QueueConnectionFactory object works fine, doing a to string returns "QueueConnectionFactory[URL=tcp://145.12.51.4:7222;clientID=null]"
So as soon as I call "createQueueConnectionFactory()" I receive this exception:
javax.jms.JMSException: Failed to connect to the server at tcp://145.12.51.4:7222
Is there a way to override this behavior & tell the Tibco server to use the configured provider url instead?
I know this is ancient, but if you - like me - come from Google, here's the correct answer:
the URL above uses JNDI to look up the actual connection; the connector does not directly connect to the NATted IP, but connects to the NATted IP (213.133.111.182) to look for the "real" IP (145.12.51.4), which doesn't work due to the NATting.
Solution: either change the registered IP in the JNDI store or connect directly, circumventing JNDI.
1) Check from the client machine, if you are able to ping the EMS server IP
2) Check if you can connect to EMS IP:Port via Telnet
3) If both succeed then your EMS client should connect to EMS Server, if still it is not connecting, then you 4) must review the EMS DLL is proper is at least able to connect when u run the EMS client and server from the same machine. 5) if point 4 is successful then you must review the client firewall and server firewall policies with your network admin.
-hB
The only way you're going to be able to directly send ad hoc messages to a private port is if the firewall / router that is doing the NAT is configured to pass through messages on that port to the correct destination. Otherwise they'll go nowhere.
I think you would have to investigate if JMS or Tibco has a mode that allows a client to maintain a connection to the server or poll the server for messages because it will not be able to receive ad hoc messages in the other direction.
In extreme cases (e.g. corporate firewalls & proxies where all ports are offlimits) the client might not even be able to connect to your server on some random port. It might have to open a connection via an HTTP/1.1 pipeline to receive any messages from your server.
Related
I need to verify the communication between my PC and a server. The verification would be done like this:
I would ping a server port to know if the firewall allows me to communicate with it, but this port has a service running over it, so, I don't want to use it, I just want to verify the communication with the server using that port.
Ping does not allow you to specify a port, it only tells you if the server is responding or not, to check if a port allows communication, you can establish a TCP connection and close it after it succeed.
You can't specify a port number for a ping command, ping uses ICMP protocol (IP protocol number 1) which does not have a concept of ports to start with. Moreover, pinging you server will not tell you if the service in question is available or not.
For instance, a firewall between you and the sever can block any TCP connection yet allow pinging (you'll get false positive in this case) or vice versa (you'll get false negative in this case).
That's why many application protocols implement some king of "check health command" which you can use to check if the service (rather than a server) is available or not.
I suggest you try to connect to the service and if connection fails then you can safely assume your service is not available.
it's been a 2 days i find "jSocks" library.
i tried so may to findout how i can code with this library.
i must say that documentation is very poor.
i don't want you to code for me, i just want a simple workflow.
here is my scenario:
1) i want to write 2 app, one for client and one for server.(it's simple client server proxy)
2) client app will listen to specific port on localhost (127.0.0.1) for incoming connection (for example browser request).
3) client app accept incoming connection from browser and create a socks socket between her and browser for send and recieve data.
4) client app create a socks socket between her and server app (server app hosted on web and listening to a port for incoming connection).
5) server app accept incoming connection and create a socks socket for Communicate.
6) server app recieve data ( may be browser request ), process it and connect to a remote web site(on internet).
7) server app recive data from web and send it to client app.
8) client app send the recived data to browser.
i create this app with java standard "Socket" & "ServerSocket" for http request without problem, now i want to write this program with socks socket for all request.
i tried every thing with jsocks without any success.
i need a workflow on how to work with jsocks for creating this app.
tnx.
#BGR
acording to your mentioned file (SOCKS.java) the simple line like below must work :
ServerAuthenticator auth = new ServerAuthenticatorNone();
ProxyServer pServer = new ProxyServer(auth);
pServer.setLog(System.out);
pServer.start(50352);
when i execute this, the log is : Starting SOCKS Proxy on:0.0.0.0:50352 (if i pass 127.0.0.1 as address to start() method, log is "Starting SOCKS Proxy on:127.0.0.1:50352 but the result is the same)
but when i redirect my browser request to this port nothing happens.
acually i'am not sure how the start(port) method works, because it's void.
when i use ServerSocket, accept() method it return me a Socket for communication.
but when i use start(port) nothing will return
I am not sure I full understand your request (a socks server is meant for proxying; it is constantly listening on a single port and forwards requests) but looking at this java file it seems reasonable easy to create a Socks proxy server using jsocks.
Once you proxy server is running, you create a java socket on your client using this constructor where you specify the location of your socks proxy server. You then connect to your remote server SocketAddress and
... that should be it.
You seem to have lot of redirections going on. Maybe you should chart a diagram of your flows and see where you need a Socks proxy server and why.
So i wrote a program to connect to a Clustered WebLogic server behind a VIP with 4 servers and 4 queues that are all connected( i think they call them distributed...) When i run the program from my local machine and just get JMS Connections, look for messages and disconnect, it works great. and by that i mean it:
iteration #1
connects to server 1.
look for a message
disconnects
iteration #2
connects to server 2.
look for a message
disconnects
and so on.
When i run it on the server though, the application picks a server and stick to it. It will never pick a new server, so the queues on the other servers don't ever get worked. like with a "sticky session" setup... My OS is Win7, and the Server os is Win2008r2 JDK is identical for both machines.. How is this configured client side? The server implementation uses "Apache Procrun" to run it as a service. but i haven't seen too many issues with that part...
is there a session cookie getting written out somewhere?
any ideas?
Thanks!
Try disabling 'Server Affinity' on the JMS Connection factory. If you are using the Default Connection Factory, define your own an disable Server Affinity.
EDIT:
Server Affinity is a Server-side setting, but it controls how messages are routed to consumers after a WebLogic JMS Server receives the message. The other option is to use round-robin DNS and send to only one hostname that resolves to a different IP(Managed Server) such that each connection goes to a different server.
I'm pretty sure this is the setting you're looking for :)
I have something like a proxy server (written in java) running between my clients and the actual video server (made in c++). Everything the clients send goes through this proxy and is then redirected to the server.
It is working fine, but I have some issues and think it would be better if I could make this proxy server only to listen to the clients requests and then somehow tell the server that a request has been made from the client side, and that it is supposed to create a connection with the client directly.
Basically in the TCP level what I want to happen is something like this:
1- whenever a client sends a SYN to my proxy, the proxy just sends a message to the real server telling the ip and port of the client.
2- The server would then send the corresponding SYN-ACK to the specified client creating a direct connection between client and server.
The proxy would then be just relaying the initial requests (but not the later data transfer) to the actual server. I just don't know if that is possible.
Thank you very much
Nelson R. Perez
That's very much the way some games (and Fog Creek CoPilot) do it, but it requires support on both the server and the client. Basically the proxy has to say to the client and server "try communicating with the directly on this ip and this port" and if they can't get through (because one or both is behind a NAT or firewall), they fall back to going through the proxy.
I found this good description of "peer to peer tcp hole punching" at http://www.brynosaurus.com/pub/net/p2pnat/
Does the proxy and server lives on the same machine? If so, you can pass the connection to the server using Socket Transfer or File Descriptor Passing. You can find examples in C here,
http://www.wsinnovations.com/softeng/articles/uds.html
If they are on the different machines, there is no way to pass connection to the server. However, it's possible to proxy the IP packets to server using VIP (Virtual IP). This is below socket so you have to use Link layer interface, like DLPI.
You don't have control of TCP handshake in userland like that. This is what firewalls/routers do but it all happens in the kernel. Take a look at the firewalling software for your platform - you might not even have to code anything.
I created a small chat program, that works flawlessly when client & server are run on the same computer (and probably network, too).
However, as soon as I try to connect to another computer over the internet, the socket connection simply times out.
Is this because of firewalls / routers, etc?
And how can I connect a ServerSocket & Socket over the internet?
However, as soon as I try to connect to another computer over the internet, the socket connection simply times out. Is this because of firewalls / routers, etc?
Yes, most likely. You're running into the NAT problem: essentially, the same externally visible IP address maps to many internally visible endpoints, and external endpoint doesn't know which internal endpoint to give your socket request to.
The easiest way around this is to have both your clients connect to a third party which both of them can see, and then have the third party mediate the communication. This is how most instant-messaging protocols work, for example.
If you have no way to control a third-party entity like that, an alternative to directly connect two clients is to have both clients open up an agreed-upon port, and then map communications on that port to their own internal endpoint. This provides the missing link that the externally visible endpoint (e.g. your home router) needs to deliver the communication to its intended destination.
If your server is behind a NAT router box (and most home computers are, especially if you use WiFi), then it won't be reachable from the outside unless you set up your router to port forward to that server.
What's the IP of your server computer? If it's 192.168.x.x or 10.x.x.x, then it's a non-routable address and can't be reached from outside.
Assuming with running on the same computer you mean that you tell the client the server is at 127.0.0.1 / localhost, it shouldn't be a problem in your code but because of firewalls or routers. If your server is behind a router performing masquerading (i.e., the server doesn't have a public but private IP address like 192.168.x.y for instance), you have to configure the router to pass a connection from the internet to the computer running the server.
Another reason why it doesn't work might be the way you bind your server to the interface. If you specify 127.0.0.1 there, the server will only listen for requests coming from the same system. If you don't specify an address, it will listen on all interfaces.
Edit Your comment indicates that you indeed have the NAT problem like others said. Configuring your router accordingly is probably the easiest solution.
First, test to see if it really works on a LAN; it sounds like you're just assuming it does.
If it works on your local network, perhaps it's failing because the server lacks a public IP, and is running behind a NAT'ing router.