CFHTTP firewall issue? How are CFHTTP requests made? - coldfusion

CFHTTP on my new CF 9 server is failing. I get back "408 Request Time-out" when attempting to connect to the test page on the server via its internal or external IP. I am not using SSL and using the standard port 80.
My old CF 9 server can connect to itself fine but it also fails if attempting to connect to the new server.
If I RDP into the server, I am able to pull up the same test page via a web browser or via telnet to that ip port 80.
I suspect that this is a firewall issue. I'd like to know how CF makes an HTTP request under the hood before I talk to the hosting team. What service is making the call? What port is it running under, etc.

You don't say what operating system you are running under, but if it is Windows, I'd take a look at the Windows Firewall settings on your new machine, and disable the firewall. That will allow you to check if indeed it is the Firewall in the way.
If that works you can then try and add a firewall exception for the application, i.e. JRun.
Hope that helps.

Related

Port blocked creating web app on AWS

I'm trying to create a web app on AWS and I'm running into port issues. I would like to have multiple apps providing different services on different ports. I've created a website (on the same instance) to receive a text query and pass it to my app on port 3000. The app listening on 3000 is written in CherryPy.
We are using a VPN to provide security for the AWS instance. When logged into the VPN, everything works fine. The web page loads, the query returns the correct data. When I disconnect from the VPN, or someone else goes to the page, the page still loads, but queries to the service time out.
I've used netstat to make sure the service is listening but I'm not sure what could be blocking traffic. I've worked through the CORS issues as evident by the fact it works when I'm signed into the VPN.
What can I check now?
When I disconnect from the VPN, or someone else goes to the page, the page still loads, but queries to the service time out.
My assumption is that the web server and the app are on the same server.
It sounds very much like the connection from web server to app is happening via a routed IP address rather than localhost. In addition to being slower, it's also hitting your firewall rules.
Configure the web server to access your app on localhost:3000 and the issue should clear up.
I actually got it working. I have an AWS instance with nginix and CherryPy. When the user goes to a web address, the nginix page loads with a form for a query string. When they submit a string, the string is POSTed to a CherryPy service running on port 3000. The CherryPy service does some computations and returns a result via JSON.
I thought I had opened up everything completely for testing, but I was having so many issues. It turned out that having CherryPy set
"Access-Control-Allow-Origin" = "*"
wasn't working, instead I needed to specifically set the origin of the calling page.

Consume web services via LAN

I have web services running on my machine on a local network. Instead of connecting to them via localhost, I'd like to be able to connect to them via local IP - in this case 192.168.1.5. Once I can do this, I'll know other devices on the network can consume these web services too (in particular, my android phone).
In my project setup in Visual Studio 2013 (I am using IIS Express), if I set the project url to be http://testdomain.com:52252 and set the line in my hosts file for 192.168.1.5 testdomain.com, then connecting to testdomain.com:52252/testservices.asmx works just fine. However when I change the project url to http://192.168.1.5:52252/ and connect straight to 192.168.1.5:52252/testservices.asmx it returns Bad Request - Invalid Hostname. HTTP Error 400. The request hostname is invalid.
What is an effective way of testing web services on a local network? I need to develop and test web services and test them from an android device, but I am disallowed from developing/testing them on a live server at the moment. Are there any solutions to this?
I have looked for solutions online but have been unable to find any. I find it hard to believe there is not a common solution to this issue - surely people must have a way to test web services without hosting a server or connecting via localhost?.
I really see there being two routes to take
1) Route each domain to a vlan with it's own ip
Virtual LAN - https://en.wikipedia.org/wiki/Virtual_LAN
Configure VLANs in a Microsoft Windows Environment - http://docs.oracle.com/cd/E19407-01/820-7898-11/z40001c91004554.html
2) Create x number of virtual machines and simulate traffic
I've got it - I had heard others needing to turn off their firewall in order to get this to work. Personally I was using McAfee to manage my windows firewall - so I'd turned McAfee firewall off assuming that was enough - but I was wrong. Despite turning the firewall off, I still had to go into the advanced windows firewall settings and add an inbound rule to allow all incoming connections over the specified port. It then worked - I could call web services from other devices on the network!
The key is to edit the IIS Express file called applicationhost.config. Add a binding just like localhost, but with your IP address. Note that you have a binding configuration for each VS2012 project so put it in the one you are using.
Then right click IIS Express in the sytem tray and exit. Exit VS, then open it using Run As Administrator. That should do it.
<bindings>
<binding protocol="http" bindingInformation="*:24486:localhost" />
<binding protocol="http" bindingInformation="*:24486:192.168.4.104" />
</bindings>

publish jax-ws service on public ip

I've a simple jax-ws web service that on localhost works fine with the clients, but now I want to publish the web service on a public ip, so the clients can interact with it through wan network instead lan network.
I signed to no-ip dns service provider and defined my host like "myname.no-ip.info".
In my code i start the service in this way:
Endpoint.publish("http://localhost:8080/baseStationProvider", new BaseStationProvider());
and the browser at http://myname.no-ip.info:8080/baseStationProvider#wsdl doesn't show the wsdl.
If i start the service in this way:
Endpoint.publish("http://myname.no-ip.info/baseStationProvider", new BaseStationProvider());
compiling the code, it raise this exception:
Server Runtime Error: java.net.SocketException: Unresolved address
Any idea to problem and/or how to do what i need?
thanks in advance
This seems likely to do with routing and firewalls as opposed to web service publication etc. Ignoring the web-service aspect, can you even reach your server when you use this in your browser:
http://myname.no-ip.info:8080/
?
Which should look the same as
http://localhost:8080/
If not, then it is probably DNS/Routing/Firewalls that you need to check. Diagnostics that will help there are:
1) can the machine you are testing on resolve the DNS name mynam.no-ip.info? nslookup, ping, traceroute/tracert
2) is there a firewall blocking port 8080 from reaching local host? If the route from the internet to your host hits a firewall (which it will) that firewall will have to forward the request.
Good luck.

WebService timeout

I have a problem with deploying my web service in our Web server. In my
development machine (inside of our LAN), everything works fine. When I move
the application into our Web server (public addressed), I always get the
timeout exception. while i connecting the web service through my web browser it works fine with no issues, but through application am getting the timeout error. My app connects to our database server (inside of our LAN) to get statistical data in form of datasets. can i know the issue about this point.
That is most likely a firewall/port forwarding issue.
Did I understand you correctly: Your client application connects to the database server directly?
You should check which port you are using to connect to the database server.
Then check if the web server has an active firewall and if so, configure it properly to accept connections on that port.
You can always easily check if a port is open and reachable by using telnet:
On the command line type telnet MY_IP MY_PORT.
If a connection can be established the port is open.

Testing a remote web service with soapUI

I have a Javax web service deployed in a remote Linux machine within a JBoss ESB container. I am able to test the web service using soapUI on the same machine as where the service is deployed. The WDSL URI I used was something like http://127.0.0.1:8080/abcd/abcd?wsdl.
What I would like to do is to be able to test the same service from another machine using soapUI. I tried replacing 127.0.0.1 with the IP address of the machine where the service is deployed. This does not seem to work. Can someone tell me what I am missing here?
Thanks.
a sum of things could go wrong there - as already mentioned by the others the firewall is blocking access for the given (address, port) pair. Another thing that happened to me was that the WSDL was generated using the name of the machine it was deployed on and whenever I was trying to call the service from a different machine it was complaining that I cannot find the given machine.
You need to test network connectively. One tool you can use is plain old telnet. If you telnet to the ip/port combo of the web server, you will get a response (an HTTP error). For example:
$ telnet 192.168.0.10 8080
If you get nothing then there is almost certainly a firewall blocking access.
If you are convinced that no firewall is blocking you, the other possibility is that the web server is only bound to the local network adapter (127.0.0.1) and not the other network adapters (ethernet/wifi). This is very unlikely however.