I am working with Camunda's ExternalTaskClient Java client. I am able to subscribe to a topic successfully, but this uses a random port on the host machine to communicate with Camunda.
How can I tell the ExternalTaskClient to use a custom outgoing port? Here is my client so far:
ExternalTaskClient client = ExternalTaskClient.create().baseUrl("http://1.2.3.4:8080/engine-rest").build();
client.subscribe("my-topic").handler(new MyHandler()).open();
Thanks!
If it really is necessary to specify a specific source (client) port then these are the steps:
Implement a custom socket factory that implements ConnectionSocketFactory and returns a socket with your preferred local port - Camunda uses Apache HttpClient internally
Register that factory with a scheme through the connection manager and schema registry - httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme(<scheme>, <outgoing port>, <your factory>));
Hope that Camunda uses the HttpClient library as intended and no unpleasant side-effects pop up
In addition to the above you also need to think about handling an SSL context (in the custom factory) if the connection needs to be HTTPS. Also remember that using any port below 1024 means the user running the client needs special permissions.
Why is it a random port? Under the hood the ExternalTaskClient uses the REST-API. The baseURL you are providing in its configuration is the URL of the engine REST-API. It runs on one specific port. In your case on the default port 8080. You can change the server.port if you want the API to run on a different port.
Related
I'm using Micronaut's RabbitMQ package to connect to my RabbitMQ server (see here: https://micronaut-projects.github.io/micronaut-rabbitmq/latest).
I can easily configure the server to listen on the SSL port, however I cannot understand how can I configure my client to connect via SSL.
All examples I found create the connection manually, but in my case the connection is created behind the hood by Micronaut and I want to configure it by setting only properties.
In this section of the configuration all the rabbitmq properties are listed, however the only thing related to ssl is ssl-context-factory and no explanation or example is provided.
I would have expected something like this answer for Spring where (supposedly) there exist a spring.rabbitmq.ssl.enabled property which switches SSL connections on.
Is there anything similar for micronaut?
If not, is that ssl-context-factory the correct configuration property? And how do you set it up?
Bonus points: how should I configure the keystore to validate the server certificate? Micronaut will automatically use the micronaut.ssl.key-store.* values for the rabbit connection?
Final note: I'm not interested in doing mTLS/client authentication by the server. I simply want my client to use an encrypted SSL connection to speak to the server. So the client should not need any certificate, it only has to validate the server certificate.
I believe I found an answer, even though I'm not sure whether it's the best one.
Micronaut RabbitMQ support allows to specify the uri for the connection instead of the host & port. So it's possible to specify amqps://<host>:5671 and it should connect via SSL. Seems unfortunate that if you are using SSL you cannot use the host & port property though.
I am trying to send a json through a web socket. The web socket has to be accessed through a HTTP Proxy.I tried using tyrus but it didn't work for proxy. Can you suggest a better way to do it.
Tyrus client supports traversing proxies, but it is Tyrus specific feature and its configuration is shown in the following code sample:
ClientManager client = ClientManager.createClient();
client.getProperties().put(ClientProperties.PROXY_URI, "http://my.proxy.com:80");
Value is expected to be proxy URI. Protocol part is currently ignored, but must be present.
reference
Client behind proxy
I'm currently working on a small project that manages attendance for a summer program that I'm helping run. The RMI server is run from the office and has a specific port set for it by using the following code:
Registry registry = LocateRegistry.createRegistry(4051);
RemoteManager stub = (RemoteManager) UnicastRemoteObject.exportObject(theServer, 4051);
registry.rebind(SERVER_NAME, stub);
where theServer is a reference to the object that will serve as the system's server and SERVER_NAME is simply a static String used to represent the server. As is shown the registry binds the server to port 4051 so that clients can query for it. Now I'm working on cross-communication between the server and multiple client instances (12 teachers running the same client program) and currently it is set such that the clients send stubs of themselves to the server for client registration.
public void registerClient(INTERFACE_Client teach) throws RemoteException {
.
.
.
}
where INTERFACE_Client extends the Remote interface and the client is sent down by calling:
server.registerClient((INTERFACE_Client) UnicastRemoteObject.exportObject(this, 4052));
where I just chose port 4052 because I didn't know what I was doing. I also didn't bind the stub to a registry. Is a good way to do it? Because I've hardcoded the client port, all 12 teachers will be exporting the object using port 4052 (at least that's how I see it) from their respective client instances. Should the ports be randomized? Should I not include a port (there's a method that doesn't require that as well)? Any helpful hints would be greatly appreciated.
As a disclaimer, I do need a reference to the client in the server so that people in the office can send messages to the teachers. (Server -> Client communication). The client already has the reference to the server because it can look it up on the registry.Any suggestion?
I just chose port 4052 because I didn't know what I was doing.
That's OK, as long as port 4052 is open in both directions in both intermediate firewalls, if there are any firewalls. There's no real reason why you can't use the RMI Registry port 1099 for this, at both ends: it's already reserved by IANA, unless the hosts already contain some other RMI application.
I also didn't bind the stub to a registry. Is a good way to do it?
That's OK. You don't need a Registry at the client. All you need is your existing registration API.
Because I've hardcoded the client port, all 12 teachers will be exporting the object using port 4052 (at least that's how I see it) from their respective client instances.
That's OK as long as the 'client instances' are all separate TCP hosts.
Should the ports be randomized?
Not unless you have > 1 client per TCP host.
Should I not include a port (there's a method that doesn't require that as well)?
No.
Any helpful hints would be greatly appreciated.
Your clients must implement a remote interface and be exported and then registered with the server via your existing API. You're doing well. As long as there are no firewalls, or they are all under your control, you will be OK.
It may be that I'm not understanding the UDP protocol...
I'm trying to receive data from a server using the UDP protocol, but I'm sitting behind a firewall. The URLConnection constructor can take an instance of Proxy (as well as a way to set up user name and password of such a proxy server).
How do I connect through a proxy server using the UDP protocol (DatagramSocket)?
Best regards,
TX
Most Proxy servers support the HTTP protocol which is TCP based, so you don't have to do anything with the proxy server to do this.
To pass UDP over a proxy server, you need a proxy which supports UDP. I don't know of any proxy server which supports this so you may have to write one yourself. It is worth noting that UDP is a connectionless protocol which means you have have to authenticate every packet.
SOCKS5, which is an extension of SOCKS4, includes support for UDP in addition to authentication. One implementation of a SOCKS5 Server written in Java is JSOCKS. You can check this project out at http://jsocks.sourceforge.net/.
Refer to RFC 1928 (https://www.rfc-editor.org/rfc/rfc1928) for more information on SOCKS5.
I want to set up an FTP connection using a proxy server with Apache's commons-net.
But looking at this Does FTPClient support FTP connections through an FTP proxy server? has me worried.
I have to meddle with the system properties and the Sun docs state that "If socksProxyHost is specified then all TCP sockets will use the SOCKS proxy server to establish a connection or accept one."
WTH? All TCP sockets? What about my database connections? Or other FTP connections i might want to open at the same time not using a proxy? Will they all be affected?
Is there some other way to do it that doesn't mess with the rest of my application?
You have several ways of using proxies in Java, especially from version 1.5.
Using System Properties: quick & powerfull but limited flexibility
You can use use a SOCKS proxy for all TCP connections.
You can also set a proxy per protocol, doable for HTTP, FTP and HTTPS
For both methods, you can specify a list of hosts that will not use proxy
Using the java.net.Proxy class (Java 1.5+) to set (or not) a Proxy per Connection
Impleting a java.net.ProxySelector (idem) which will determine a Proxy for each Connection according to your criteria
See the detailled Sun technote on networking & proxies.