Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Public SOAP API access

kevinh95689533
Level 2
Level 2
‎24-09-2019 11:37 PDT

I have defined a SOAP method on a custom data schema.  The system that will be calling this service is hosted in a cloud infrastructure, not fixed IP address.

I created an operator for the service to authenticate with and linked it with the Public Security Zone as the authorized connection zone.  The logon request works fine and the session & security tokens are returned.   However, when I make the subsequent call to my custom SOAP method from the cloud infrastructure the response is an HTTP 403. What do I need to configure to allow requests for this operator from a variable IP infrastructure?

Views

4.5K

Replies

4

Total Likes

Translate
4 Replies
Jonathon_wodnicki
Community Advisor
Community Advisor
‎24-09-2019 14:44 PDT

Hi,

Are you able to use the service with any users?

Are there any firewalls between the server and the cloud?

Thanks,

-Jon

Views

4.4K

Replies

3

Total Likes

Translate
kevinh95689533
Level 2
Level 2
‎24-09-2019 15:10 PDT
In response to Jonathon_wodnicki

The service request works fine if it is made from an IP configured in the VPN security zone using the same operator.  e.g. From my machine all requests are fine.

Firewalls are not an issue ... the logon request works fine and I am getting a response from the application when it returns the HTTP 403.  I can see in the web logs on the campaign server this error: 

  1. 2019-09-24 18:00:17Server response:\nXTK-170019 Access denied.

  2. 2019-09-24 18:00:17XTK-170019 Access denied. (iRc=-69)

I can see in the log for the logon request just before that the IP is found in the public security zone.

  1. 2019-09-24 18:00:16xx.xxx.x.xxx found in public security zone

  2. 2019-09-24 18:00:16Finding client ip with xx.xxx.x.xxx in public security zone

Views

4.4K

Replies

2

Total Likes

Translate
Jonathon_wodnicki
Community Advisor
Community Advisor
‎25-09-2019 07:01 PDT
In response to kevinh95689533

Hi,

Are the securityZone's configured differently, i.e. does one have allowUserPassword="true" and the other not?

Thanks,

-Jon

Views

4.4K

Replies

1

Total Likes

Translate
kevinh95689533
Level 2
Level 2
‎30-09-2019 13:55 PDT
In response to Jonathon_wodnicki

They differ with these 3

allowDebug="true" 

allowHTTP="true"

sessionTokenOnly="true"

Since I am passing the session and security tokens over HTTPS, it should be accepted.

I did notice that the public security zone has a proxy configured with a localhost IP mask: proxy="127.0.0.1, ::1"
Does this mean that only request from the local server AC is on can make requests through the public zone?  If that is true, this is why my requests are being denied. 

Views

4.4K

Replies

0

Total Likes

Translate