I have defined a SOAP method on a custom data schema. The system that will be calling this service is hosted in a cloud infrastructure, not fixed IP address.
I created an operator for the service to authenticate with and linked it with the Public Security Zone as the authorized connection zone. The logon request works fine and the session & security tokens are returned. However, when I make the subsequent call to my custom SOAP method from the cloud infrastructure the response is an HTTP 403. What do I need to configure to allow requests for this operator from a variable IP infrastructure?
The service request works fine if it is made from an IP configured in the VPN security zone using the same operator. e.g. From my machine all requests are fine.
Firewalls are not an issue ... the logon request works fine and I am getting a response from the application when it returns the HTTP 403. I can see in the web logs on the campaign server this error:
|2019-09-24 18:00:17||Server response:\nXTK-170019 Access denied.|
|2019-09-24 18:00:17||XTK-170019 Access denied. (iRc=-69)|
I can see in the log for the logon request just before that the IP is found in the public security zone.
|2019-09-24 18:00:16||xx.xxx.x.xxx found in public security zone|
|2019-09-24 18:00:16||Finding client ip with xx.xxx.x.xxx in public security zone|
Are the securityZone's configured differently, i.e. does one have allowUserPassword="true" and the other not?
They differ with these 3
Since I am passing the session and security tokens over HTTPS, it should be accepted.
I did notice that the public security zone has a proxy configured with a localhost IP mask: proxy="127.0.0.1, ::1"
Does this mean that only request from the local server AC is on can make requests through the public zone? If that is true, this is why my requests are being denied.