JMS subscriptions through firewall on port 80
We need to access weblogic app server and JMS across firewall.
The firewall opens only port 80/HTTP. We also need support for
topics. In one of the BEA's documents that discuss about web
services, it mentioned that support for topics is deprecated and
may not be supported in future versions. Our applications are
standalone java applications commnicating app server. Currently,
we are not sure if weblogic's 't3' protocol can be recognized.
Publisher is usually on the server and JMS client can be inside
or outside firewall. If supported, how does JMS client (and
server) can be configured to make subscriptions to any topic and
receive events. Since tunneling across firewall 'may' only allow
request/ response messaging, does our client needs to have
special code to poll for messages published to a specific topic
or is this all transparent? What is the impact of this on
scalability, performance and reliability?
We are also evalutaiting products like jproxy that enable
communication through firewalls. They promise no changes to the
existing code that works inside firewall, but we are having some
problems with it.
Since we are already using weblogic, if it supports JMS accross
firewalls it would be ideal. According to my understanding,
weblogic allows communication with app server and enterprise
beeans through webservices (JAVAX-RPC) and I didn't find much
information about JMS. Any help would be appreciated.
Sincerely,
Bhagat Bandlamudi
Hi
Thanks for the information. We are also looking at the same problem -
asynchronous delivery through firewalls (to standalone clients and to
applications). Started looking at JProxy but we are also having some
problems with WLS 7.0.
The downside potentially of WLS http tunnelling is that it is likely
proprietry.
Dermot
Tom Barnes <[email protected]> wrote in message
news:[email protected]...
> Hi!
>
> Since its wee early days, WebLogic has supported http
> tunneling in addition to t3. If you are using JMS or RMI, merely
> substitute "http" for "t3" in your URL -- but make sure
> that "http-tunneling-enabled" is set to true for the WL server.
>
> When using HTTP, there is no need to do polling. WebLogic
> does this magic for you under-the-covers. From a WL client
> perspective, http tunneling does anything t3 can, (but
> http is slower).
>
> I do not know what is meant by "support for topics is deprecated
> and may not be supported in future releases". This is
> definitely not the case for JMS - but may be the case for
> certain web-services???? Or maybe some doc writer
> is trying to put me out of a job! :-)
>
> Tom
>
> P.S. Note that WL 7.0 and up allows you to configure additional
> ports on the server (as many as you want).
>
> Bhagat Bandlamudi wrote:
> > We need to access weblogic app server and JMS across firewall.
> > The firewall opens only port 80/HTTP. We also need support for
> > topics. In one of the BEA's documents that discuss about web
> > services, it mentioned that support for topics is deprecated and
> > may not be supported in future versions. Our applications are
> > standalone java applications commnicating app server. Currently,
> > we are not sure if weblogic's 't3' protocol can be recognized.
> >
> > Publisher is usually on the server and JMS client can be inside
> > or outside firewall. If supported, how does JMS client (and
> > server) can be configured to make subscriptions to any topic and
> > receive events. Since tunneling across firewall 'may' only allow
> > request/ response messaging, does our client needs to have
> > special code to poll for messages published to a specific topic
> > or is this all transparent? What is the impact of this on
> > scalability, performance and reliability?
> >
> > We are also evalutaiting products like jproxy that enable
> > communication through firewalls. They promise no changes to the
> > existing code that works inside firewall, but we are having some
> > problems with it.
> >
> > Since we are already using weblogic, if it supports JMS accross
> > firewalls it would be ideal. According to my understanding,
> > weblogic allows communication with app server and enterprise
> > beeans through webservices (JAVAX-RPC) and I didn't find much
> > information about JMS. Any help would be appreciated.
> >
> > Sincerely,
> > Bhagat Bandlamudi
>
Similar Messages
-
Thin JDBC through firewall - what ports need to be open?
We are running Oracle 7.3, and Oracle Web Server on the same
computer. The firewall is set up to allow connections to that
computer from anywhere, on ports 80 and 1521.
Our thin JDBC applet works perfectly from inside the firewall,
but from outside, I get a time-out error trying to open the JDBC
connection.
What else needs to be done get JDBC through? Do other ports need
to be open on the firewall?
The JDBC FAQ mentions a "Net8 compliant" or "SQLNet certified"
firewall - is that relevant to this problem, and if so, what does
it really mean?
We are supposed to be operational right now, so many many thanks
for any help on this!
- Joe Wielgosz
nullTry in the Lion Server Forum?
Regards,
Colin R. -
JMS through firewall (no tunneling)
Hi,
I have to send and receive messages through a firewall with JMS. The company security
policy forbids http tunneling but I can get a specific port opened. Which port
do I have to get opened to start listening to a queue ? Weblogic's default ?
I heard that Weblogic JMS initiates the communication on the default port but
then attributes another socket dynamically, is that true ? If so, is there a way
to specify the ports that must be used ?
Thanks.
Hi Matt,
I'm sorry for the delay, I've been away for a while.
I'm wondering if I gave you incorrect advice. I'm not
familiar enough with firewalls. I suspect the new port
is related to the permanent standard TCP/IP connection
that WL sets up between any client and any server.
It may be that you should use HTTP tunneling instead of T3 - just
substitute "http" or "https" for "t3" or "t3s" respectively,
and ensure that HTTP tunneling is enabled for the port you
have opened up.
We've reached the limits of my knowledge - please consider
directing further questions to the "RMI" newsgroup (WL JMS
communicates through WL RMI, which, in turn communicates
through sockets...)
Tom
Matthieu Riou wrote:
> I really have a problem with my JMS listeners. Anytime I start a new JMS listener
> to a Weblogic queue, a new port is opened and listening around 2100 to 2200 or
> 3100 to 3200. I configured a network channel only accepting t3 on port 8001 and
> a very restrictive connection filter that only accepts t3 on 8001 and http on
> 7001.
>
> Still, anytime I start a listener, a new port is opened. How can I avoid that
> ?
>
>
> Tom Barnes <[email protected].bea.com>
> wrote:
>
>>T3 is fine. In fact, it is preferable, as it is the
>>fastest. Actually T3S is much more preferable. The point
>>is to lock things down as much as possible:
>>
>>-- Consider a seperate port for admin - to
>>ensure it is never reachable through the firewall
>>
>>-- create an additional port just for the firewall - to make
>>it more managable and to restrict it to SSL only connections
>>(with certificates),
>>
>>-- ensure that all server resources are secured so that
>>users coming in through the firewall have the most
>>restricted permissions possible...
>>
>>Matthieu Riou wrote:
>>
>>>So if I understand well, I should use another protocol than t3 to be
>>
>>sure to always
>>
>>>use only one port.
>>>I'm using Weblogic 7.0 sp4, it seems that iiop is not supported
>>>for JMS on this version. So what is left ? JCOM ?
>>>
>>>Tom Barnes <[email protected].bea.com>
>>>wrote:
>>>
>>>
>>>>Hi,
>>>>
>>>>In WL, all services are available on a port (EJB, JMS, JNDI,
>>>>JTA, etc.), but the protocols that the port supports are
>>>>configurable (T3, HTTP tunnel, IIOP, JCOM).
>>>>
>>>>Additionally, WL supports the concept of an "Admin"
>>>>port (channel), which, when configured, is the only port
>>>>that can be used for privileged administrative purposes.
>>>>An "Admin" port is SSL only.
>>>>
>>>>In WL 7.0 and later, additional ports can be configured.
>>>>These are referred to as network channels.
>>>>
>>>>In light of the above, I recommend:
>>>>
>>>>(1) Consider configuring a separate admin port.
>>>>(2) Consider configuring a port specific for the purpose (using
>>>>a channel).
>>>>(3) Ensuring that all applications, and destinations, etc. are
>>>>secured (via ACLs) such that permission to access
>>>>a particular destination doesn't imply permission to access any
>>>>other server resources.
>>>>(4) Considering configuration of "connection filters"
>>>>as to act as a second layer of firewall for the port...
>>>>
>>>>For further questions, try "rmi", "network",
>>>>and "security" newsgroups.
>>>>
>>>>Tom
>>>>
>>>>Matthieu Riou wrote:
>>>>
>>>>
>>>>>Hi,
>>>>>
>>>>>I have to send and receive messages through a firewall with JMS. The
>>>>
>>>>company security
>>>>
>>>>
>>>>>policy forbids http tunneling but I can get a specific port opened.
>>>>
>>>>Which port
>>>>
>>>>
>>>>>do I have to get opened to start listening to a queue ? Weblogic's
>>>>
>>>>default ?
>>>>
>>>>
>>>>>I heard that Weblogic JMS initiates the communication on the default
>>>>
>>>>port but
>>>>
>>>>
>>>>>then attributes another socket dynamically, is that true ? If so,
>>
>>is
>>
>>>>there a way
>>>>
>>>>
>>>>>to specify the ports that must be used ?
>>>>>
>>>>>Thanks.
>>>>
>
-
Alsb trying to reach weblogic jms queues through VIP
Hi,
I have jms queues created in wLS. ALSB business service which puts the message into the queue .
ALSB and WLS are in 2 different boxes. When the end pointas follows jms://hostname:portnumber/connection factory/JNDI name is given the service is able to reach the Q.
The problem arises when VIP is used to connect to any of the queues in the box. the jms protocol is getting converted to "t3" protocol which is not understood by VIP and hence resulting in connection timed out exception .
Can anybody please help me to access jms queues through VIP from ALSB service .
Thanks in Advance ,
LKVthe jms protocol is getting converted to "t3" protocol which is not understood by VIP and hence resulting in connection timed out exception . Virtual IP as such doesnt influence anything...what it matters is what is listening at the Virtual IP, If you have configured weblogic server listen thread at this port then it should be able to understand t3.. Weblogic server's listen thread can interpret all supported protocol's ( http, t3, iiop, ldap etc) on its listen port...
So check at your wls side whether the server is listening at virtual ip and port. If you have firewall between alsb and wls then it could be an issue as firewalls can block certain protocols on an opened port.. -
why does a standalone program created in Labview 8.5 try connecting to the internet when the program only reads data through the serial port? Firewalls object to progams that contact the internet without permission.
The created program is not performing a command I have written when it tries to connect to the internet, it must be Labview that is doing it. How do I stop this from happening?
Any help would be very appreciated.It looks that way..
"When LabVIEW starts it contacts the service
locator to removes all services for itself. This request is triggering
the firewall.This is done in case there were services that were not
unregistered the last time LabVIEW executed- for example from VIs that
didn't clean up after themselves"
This is not yet fixed in LV2009.
Message Edited by Ray.R on 11-04-2009 12:25 PM -
what kind of Socket should i use inorder to enable EJB RMI based calls from client to
server through a Firewall that NATes IP addresses ?what if you just want to have the EJB's go through a certain port, not port 80, but maybe port 800 let's say
how do you configure that? -
my java applet will have to communicate with SAP server using JCO
so the applet connects to an RMI server then the RMI server connects to SAP server.
in between applet and RMI server there is a firewall. will RMI get through firewall?The answer is "maybe". It depends on
o How the service is coded. Probably has to be written to communicate using a fixed port number, rather than randomly assigned. (Most firewalls allow access to only specified ports.)
o Changing the firewall settings.
o Whether or not your server tries to call back the client, and whether the client is also behind a fireall. If these two details are both true, then you are probably dead in the water.
There are HTTP tunelling techniques for getting through firewalls. Haven't used them, but if you look back through this forum you'll probbly find some info. -
Urgent_Socket Programming through firewall
Hi all...
I am developing multiple client-one server application through socket programming.
I have one client who will send real time data on request of another client.
This whole data will pass through socket connection.(something like video conferencing)
Steps:
1.Client B sends request to Client A through server.
2.Server accepts connection and gives Client B's IP address and port number
to Client A.
3.Client A sees the request and starts transferring real time data to Client B by opening Socket connection.
I have following doubts:
1. What exactly role of server
2. Important is What about firewall?* This communication has to happen through firewall also.*
What technique has to be used to pass data through FIREWALL.
Thanks In Advance.Hi..
can you please give me some details about how to write program using SOCKS.
i have developed simple application using Socket and Server socket.
I want this application to be run over web,from anywhere,from any machine.
Thanks -
RMI Connection Refused through Firewall
Hi,
I am having problems making an RMI connection through a firewall. On the server outside the firewall I have my servlet application running in an OC4J container and inside the firewall I have an EJB listening on port 6666. I have setup the firewall to allow connections through on port 6666. If I telnet from the machine outside the firewall on port 6666 I am able to make a connection to the EJB. So I know the firewall has been setup to handle the connection.
I run the servlet application and when it tries to make the connection it gives an error:
javax.naming.NamingException: Lookup error: java.net.ConnectException: Connection refused; nested exception is:
java.net.ConnectException: Connection refused
When I do a snoop on the external machine to see what data is trying to be sent to the internal machine there is no data. When doing the telnet test there was data.
I have the same servlet application deployed on a machine internally and it is able to make a connection to the EJB. The only problem is either the configuration of the application server on the external machine or the firewall configuration.
Anyone able to help me see what I am missing?
Thanks
Shawn Clarknot sure what you mean by having a 'EJB listening' on port 6666. Do you mean actually having a socket listening within the EJB code? If so then that is a suspicious EJB activity.
If not then i guess you mean the ORMI listening port of the OC4J application. This is normally set on port 23791 to allow the RMI communication to flow.
-lp -
Using a PS/2 keyboard on a Sparc workstation through the serial port
We have recently migrated an application that used to run on a PC, to now run on a Sparc Workstation. This is a SunBlade 1500, running Solaris 8. The application is running in a dedicated console which has a fitted keyboard and trackerball that have PS/2 connectors and cannot be changed.
We need a way of connecting the PS/2 keyboards to the serial ports of the Sparc workstation. We already have a piece of software that will read ascii values from the serial port so we definately want to go through the serial ports.
Can someone please suggest what converters will be required to get the output of the keyboard and trackerball as ascii input to the serial port.Actually, that's not a bit perverse, at all.
Jonathan's suggestion is a standard method of connecting to a server.
(null cable between the computer serial ports)
... see the Solaris man pages.
man tip
TeraTerm and Hyperterminal are customarily used on a PC running some dialect of Windows.
The 'tip' command is all that's necessary between Solaris systems.
PS/2 is not a serial connection, but is a keyboard/mouse interface 'invented' by IBM when they offered their XT-class PS/2 line of desktop systems, back in the 1980's.
I found this next link by using Google:
http://members.chello.at/theodor.lauppert/computer/ps2/
The smaller DIN ports were more compact than the AT-class keyboard ports and the mouse moved from a serial port to a dedicated mouse port.
Serial communication devices are not keyboards, per se,
and keyboards are not serial communication devices.
You need other hardware in between to translate what the human being sends, and another computer is a common method to accomplish that translation.
Having said all that ...
Since you cannot change the dedicated console hardware,
I suggest you go to the manufacturer of that console equipment
and have them suggest some sort of serial-to-serial interface lash-up. -
I have a record player hooked up to a preamp which is hooked up through the audio port.The sound settings are set to have the audio port be "input". The input volume is registering high with fluxuations in the sound settings, but there is no output anywhere. Do I need some sort of third party application or widget to hear the record i'm playing through the speakers that are hooked up to my computer?
keithstopher,
You may want to check into a USB interface, as I believe you have a Mac with the single audio port, which can be used as input OR output.
You may want to check into something like the following, there are may out there, see what fits your needs best.
http://www.amazon.com/Behringer-UFO202-BEHRINGER-U-PHONO/dp/B002GHBYZ0/ref=pd_cp _MI_2
Hope this helps -
Does my MacBook passes audio through Mini Display Port or not?
I recently bought a Mini DisplayPort > HDMI adapter in order to display my MacBook on my TV. Other users of the same adapter publicly stated that they got video AND audio out, but I got only video.
I've been searching this online for two days now and I still don't know why (I even searched this support forum, but I must admit that I got a little lost and decided to write my own topic). All I discovered was that some MacBooks have this capacity (to port audio along with video through Mini DisplayPort) and others don't.
I'm using a white MacBook unibody bought new and latest on late 2009. It's the first model with multitouch trackpad and without FireWire port. Its model name is "MacBook 6,1", I guess.
Does anybody know for sure if It CAN, in fact deliver audio+video through the Mini DisplayPort if I'm using a compatible HDMI adapter?
Thanks.These models pass audio through the display port:
iMac (Late 2009), MacBook Pro (Mid 2010), MacBook (Mid 2010), and Mac mini (Mid 2010) supply multichannel audio (up to 8 channels) and video signals over Mini DisplayPort. To connect your television or other HDMI devices to your Mac, use select third-party Mini DisplayPort to HDMI adapters that conform to the VESA v1.1a DisplayPort Interoperability Guidelines. The following adapters adhere to these standards:
- Moshi Mini DP to HDMI Adapter with Audio Support
- Griffin Video Display Converter (Mini DisplayPort to HDMI and DVI) -
Is there a way to connect an external speaker (for another room) through the headphone port
Is there a way to connect an external speaker (for another room) through the headphone port & still hear sound through the internal speakers? System Preferences/Sound/Output or Sound Effects allows you to use one or the other -- headphones or internal speakers. I would like to have the option of hearing music through the internal speakers in one room, & through an external speaker in another room at the same time. I also do not want to frequently disconnect/reconnect the external speaker from/to the headphone port as I know over time the connection could become loose. (10.7.4 Lion)
dont think so but I could be wrong
as it were I didn't like the build in audio so I connected some external logictech 2.1 speakers but there
are times when I use headset so I bought this one
or any minijack splitter will work too so I have 2 things connected to the headset port works just fine
http://www.belkin.com/IWCatProductPage.process?Product_Id=404634 -
The serial port seems to be working, and labview seems to be sending the data, but the problem is in which format does it send the data, because in hyperterminal i just input the string "JDX" and it sends it to my device, with labview it sends something but my device does not recognize it.
nobuto wrote:
> I want to transfer data through the serial port in the same coding
> that hyperterminal uses. How can i do it?
>
> The serial port seems to be working, and labview seems to be sending
> the data, but the problem is in which format does it send the data,
> because in hyperterminal i just input the string "JDX" and it sends it
> to my device, with labview it sends something but my device does not
> recognize it.
Hyperterminal adds the carriage return/line feed to the string which is
generated by the return key to send out the current line. LabVIEW simply
sends out what you tell it, so try to set the string to "Show \ Display"
format and add a \r or \n or \r\n to the command you want to send out.
Assumes of course that you set the right baudr
ate/bits/parity etc in
LabVIEW with the VISA property node, when opening the serial port.
Rolf Kalbermatter
Rolf Kalbermatter
CIT Engineering Netherlands
a division of Test & Measurement Solutions -
Second monitor nor being detected through dvi-d port
Hi I have a Hp s5610y slimline. Windows 7 64 bit . It is a newer system with 3 ghz ram and over 600 g.b ram so I know it is not a performance issue, (system handling the duty) I am trying to hook up dual monitors, the product specs page on H.P states that the Vga and Dvi -d ports can both be used at the same time. I have the dvi-d converter to vga hooked up to a monitor through the Vga port on one computer ( that is not working). The port from Vga to vga works fine( the first monitor. I already check the easy stuf like "enabling dual monitor", unplugging the monitor, updating the lastest driver for radeon 3000 and restarting windows. I hooked up two monitors before with no problems. Any ideas out there?
Thanks,
Manny
This question was solved.
View Solution.>I have the dvi-d converter to vga ....
This will never work!
vga is an analog signal, dvi-d is digital.
Only dvi-a or dvi-i can convert to analog vga.
Check the diferencies here:
http://en.wikipedia.org/wiki/Digital%E2%80%93visual_interface#Connector
Either graphics card or monitor can't recognize each other.
V.
*** Say 'Thanks' with Kudos ***
Maybe you are looking for
-
I would like a Question About Flexconnect HA N+1 After WLC 1 Down and AP go to Joint WLC 2
Hi everyone I would like a Question About Flexconnect HA N+1 After WLC 1 Down and AP go to Joint WLC 2 -Cisco WLC 8500 = 2 unit version 7.6.130.10 -Mode Flexconnect HA N+1 -AP Joint WLC 1 and 2 mode HA N+1 I would like After WLC 1 Down i
-
Disabling User instead of deleting
I'm using OIM 9031. I've created a custom access policy which grants user a resource (OEBS) based on his group membership. When user is no longer a member of group, his account is deleted from assigned resource. How do I change the behavior of OIM so
-
WLS 10 MDB migration within a WLS cluster
Hi, I'm trying to get MDB migration working. From my reading in the documentation regarding this topic, it appears that I have to deploy my MDB to all of the cluster server instances. Ex, if the JMS server that my MDB is using is on a migratable targ
-
Question on Customer Hierarchy
Hi All, I recently added a customer to an existing customer hierarcy. However, there are sales orders created since the begining of the year for this customer which do not have the hierarchy assignment. Is it possible to add the hierarchy assignment
-
Basically as the title says, I've noticed when trying to find some photo's I've taken in the past few months in my Camera Roll album (in the Photo's app), I can't find them anymore. But, if I choose 'Places' (instead of Albums at the bottom of the P