Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Public SOAP API access

Avatar

Avatar
Give Back
Level 2
kevinh95689533
Level 2

Likes

5 likes

Total Posts

10 posts

Correct Reply

0 solutions
Top badges earned
Give Back
Ignite 1
Validate 1
Boost 5
Boost 3
View profile

Avatar
Give Back
Level 2
kevinh95689533
Level 2

Likes

5 likes

Total Posts

10 posts

Correct Reply

0 solutions
Top badges earned
Give Back
Ignite 1
Validate 1
Boost 5
Boost 3
View profile
kevinh95689533
Level 2

24-09-2019

I have defined a SOAP method on a custom data schema.  The system that will be calling this service is hosted in a cloud infrastructure, not fixed IP address.

I created an operator for the service to authenticate with and linked it with the Public Security Zone as the authorized connection zone.  The logon request works fine and the session & security tokens are returned.   However, when I make the subsequent call to my custom SOAP method from the cloud infrastructure the response is an HTTP 403. What do I need to configure to allow requests for this operator from a variable IP infrastructure?

Replies

Avatar

Avatar
Establish
MVP
wodnicki
MVP

Likes

957 likes

Total Posts

1,079 posts

Correct Reply

506 solutions
Top badges earned
Establish
Affirm 500
Contributor
Shape 1
Give Back 100
View profile

Avatar
Establish
MVP
wodnicki
MVP

Likes

957 likes

Total Posts

1,079 posts

Correct Reply

506 solutions
Top badges earned
Establish
Affirm 500
Contributor
Shape 1
Give Back 100
View profile
wodnicki
MVP

24-09-2019

Hi,

Are you able to use the service with any users?

Are there any firewalls between the server and the cloud?

Thanks,

-Jon

Avatar

Avatar
Give Back
Level 2
kevinh95689533
Level 2

Likes

5 likes

Total Posts

10 posts

Correct Reply

0 solutions
Top badges earned
Give Back
Ignite 1
Validate 1
Boost 5
Boost 3
View profile

Avatar
Give Back
Level 2
kevinh95689533
Level 2

Likes

5 likes

Total Posts

10 posts

Correct Reply

0 solutions
Top badges earned
Give Back
Ignite 1
Validate 1
Boost 5
Boost 3
View profile
kevinh95689533
Level 2

24-09-2019

The service request works fine if it is made from an IP configured in the VPN security zone using the same operator.  e.g. From my machine all requests are fine.

Firewalls are not an issue ... the logon request works fine and I am getting a response from the application when it returns the HTTP 403.  I can see in the web logs on the campaign server this error: 

  1. 2019-09-24 18:00:17Server response:\nXTK-170019 Access denied.

  2. 2019-09-24 18:00:17XTK-170019 Access denied. (iRc=-69)

I can see in the log for the logon request just before that the IP is found in the public security zone.

  1. 2019-09-24 18:00:16xx.xxx.x.xxx found in public security zone

  2. 2019-09-24 18:00:16Finding client ip with xx.xxx.x.xxx in public security zone

Avatar

Avatar
Establish
MVP
wodnicki
MVP

Likes

957 likes

Total Posts

1,079 posts

Correct Reply

506 solutions
Top badges earned
Establish
Affirm 500
Contributor
Shape 1
Give Back 100
View profile

Avatar
Establish
MVP
wodnicki
MVP

Likes

957 likes

Total Posts

1,079 posts

Correct Reply

506 solutions
Top badges earned
Establish
Affirm 500
Contributor
Shape 1
Give Back 100
View profile
wodnicki
MVP

25-09-2019

Hi,

Are the securityZone's configured differently, i.e. does one have allowUserPassword="true" and the other not?

Thanks,

-Jon

Avatar

Avatar
Give Back
Level 2
kevinh95689533
Level 2

Likes

5 likes

Total Posts

10 posts

Correct Reply

0 solutions
Top badges earned
Give Back
Ignite 1
Validate 1
Boost 5
Boost 3
View profile

Avatar
Give Back
Level 2
kevinh95689533
Level 2

Likes

5 likes

Total Posts

10 posts

Correct Reply

0 solutions
Top badges earned
Give Back
Ignite 1
Validate 1
Boost 5
Boost 3
View profile
kevinh95689533
Level 2

30-09-2019

They differ with these 3

allowDebug="true" 

allowHTTP="true"

sessionTokenOnly="true"

Since I am passing the session and security tokens over HTTPS, it should be accepted.

I did notice that the public security zone has a proxy configured with a localhost IP mask: proxy="127.0.0.1, ::1"
Does this mean that only request from the local server AC is on can make requests through the public zone?  If that is true, this is why my requests are being denied.