I have server A making a request to server B. I've tried both php's file_get_contents and curl; both refuse the connection. I'm trying to connect to a tomcat application on server B.
The connection does work if I make a request to google.com, or to another application on server B that is not in the Tomcat application.
This leads me to believe there's something specific to my tomcat installation that is rejecting the request from server A. Thoughts? Any more info I can provide to help with the problem?
Is there a way to whitelist my server A in tomcat so the connection is accepted? Or as a last resort how would I accept all requests?
Edit: I also wanted to add that the connection to server B works just fine when I'm connecting from my local development machine.
Your test from server A to google.com or other apps on server B probably use port 80. Many firewalls don't allow traffic on strange ports like 8089.
If you can't change the firewall rule to allow access to serverB:8089, I think the right way to do it is to proxy the request through the server B web server. So server A would request "serverB:80/yourproxyurl" and the web server on server B would talk to the tomcat server on localhost, and output the response.
This is what Tomcat Connectors are for, as I understand it.
Related
Currently I'm working on a project is about chat system between client and agent by using socket.js and PHP.
Recently, received confirmation from client is client server will have load balancer to balance to different server.
Like picture below.
I'm found out an issue from this setup.
Agent A is connected to Server B, but Client A is connected to Server A, so Client A can't communicate with Agent A.
How can I solve this problem by using programming way?
PS:
Client is not allow me to edit any server config file or settings.
Client server is linux server.
Thanks for help :)
we have a similar problem. Right now we have a solution, but it is most likely not the best. When we start our 2 socket servers on 2 different servers, then each server also creates a socketconnection to the other socket server. So each socket server is also a client of the other socket server. When Socket Server A receives a communication it sends it to all connected users AND it also broadcasts it to Socket Server B, and that one sends it then to all connected users again.
Another solution is a Publish/Subscribe broker, like you can find in that link here https://hackernoon.com/scaling-websockets-9a31497af051.
Hope that helps somehow.
I have hosted website and api on apache server on linux machine. I am trying to access the api through node js (using request module)which is on the same network. From outside that network, the api is accessible and working fine. I have many apis on the machine and only few are throwing this error. Recent change which was made to server is changing the cookie domain from foo.bar.com to *.bar.com in php.ini file. The website is working good. There is not much load on the server too. Any help appreciated.
A "connection refused" error means a TCP connection can't be established, so the cookie domain change should not have an effect here.
Are you sure it's a Node.js "connection refused" error, and not, say, the API itself being able to connect somewhere else? Can you give us the exact error message, with any traceback, etc., context?
You say there are many APIs (assuming API servers) on the machine and only some fail (assuming you tested this from the machine that is having problems connecting to the API server machine).
Are the working servers on different ports compared to the non-working ones?
Do those servers work from within the network? You say they're working fine outside of it. (It's possible that your local network has a firewall policy that prohibits this local connection.)
Can you double-check that the non-working servers are actually running? (An easy way to establish this would be running ss -ltpn; it should give you a list of listening TCP ports and their associated processes.)
We are developing a webapp on Laravel framework to be deployed on CentOS linux server. For updates pushable from server to the browser, we are using Latchet. We did the development on the Windows machine, and on there our webapp side (HTML/JS on browser) is able to make connections to the websocket server (Latchet), and hence successfully getting the server push notifications. The problem is that, when we do the actual deployment on our staging server on CentOS, the webapp side is not being able to make the websocket connection with the Latchet server.
We have checked all the dependencies, firewall, and network settings. We also telnet to the exposed websocket IP and port, and it connects with no issue. My suspicion is in the some configuration we are missing rite now.
it turn out the issue was only due to port blocking by the local firewall. Thus as soon as I stopped the iptables and ip6tables services, my issue immediately resolved.
I am planning to implement or use a .NET solution for WebSocket Server for an industrial web HMI app I am creating, my web HMI app is hosted by Apache web server with PHP.
So is it possible that the webpage, hosted by Apache server (on port 81), to connect and open WebSockets to a Web Socket Server running (on its own on .NET platform) on a different port (say 82)?
My current way is that I am doing an AJAX polling using setInterval and at Apache server, cURL + PHP transfers the requests to a realtime data WCF service.
I actually want to have this WebSocket server talk to this realtime data WCF service, and have the browsers update on WebSockets.
.NET WebSocket server is not a requirement, if it's possible for a WebSocket server to be hosted in parallel to apache web server. If there is an Apache+PHP solution for a web socket server that can be hosted on same port or other port, I am okay.
In general, your life will be a lot easier down the road if your HTTP server and your WebSocket server use the same ports. You eliminate configuration hurdles, as well as firewall challenges (whereas either your HTTP server or your WebSocket server (or neither one of them) are using the standard port or ports: 80/443).
If the origin of your HTML page and your WebSocket server are different, you'll have to configure your system for cross-origin.
The origins are considered different, even if only the ports are different. See more details on the same origin policy.
As for the cross-origin configuration, you'll have to declare the following on your WebSocket server: go ahead and do serve requests coming from HTML pages that were loaded from my HTTP server (which has a different origin, that is different port in your case, than that of the WebSocket server).
So I need to connect to a mssql server via Windows Authentication from a Unix server. Here are the obstacles:
The db admin created a service account but made it Windows-Auth only, meaning I can't pass the username and password directly to the server to connect.
The admin also added my host's server to the firewall so that it would only accept requests from my host machine.
My host server has mssql enabled via freetds/sybase-dblib, but has the default 'secure-connections: Off' still set.
I have a similar set up on my personal machine, but with secure-connections on, but I can't connect that way since I'm firewalled.
So I'm wondering if it's possible to set up a proxy of sorts on my host so that I can start the connection on my personal machine using my local freeTDS library, but have the request pass to the host which would (in my dream world) not require secure connections to be on but simply would pass the request along so that it came from my non-firewalled host but using the correct authentication method.
If anyone is not familiar with how Windows-Authentication works, it's a type of Kerberos authentication where the client machine makes the request to the remote server so that credentials are never actually sent (and thus can't be compromised by a man-in-the-middle). So I'm very doubtful that this can be done, since at some level my host machine has to do the actual work. But i thought I'd ask since I'm not totally clear on the deeper mechanics and because I really want to get this to happen.
I guess another way of looking at it is I want to use my host as a kind of VPN.
Also, I am working with my host admins to find a more long-term solution but I need to see the database as soon as possible so I can have something working when the problem gets fixed.
Why don't you try SSH port forwarding? Ie. you connect to your host server, and tell it to forward a local port to the sql server. Then you connect on your local machine using localhost:port and your connection will be tunneled over ssh through your host server.
If your local machine is a Windows machine then just download PuTTY and follow these instructions to set up port forwarding : http://www.cs.uu.nl/technical/services/ssh/putty/puttyfw.html.
The question is of course whether your Windows credentials will be passed, but in theory this should work :p.