I'm playing around with Rippled RPC API ;
I'm specifically looking at the Admin Access;
https://xrpl.org/get-started-using-http-websocket-apis.html#admin-access
Admin Access
The API methods are divided into Public Methods and Admin Methods so that organizations can offer public servers for the benefit of the community. To access admin methods, or admin functionality of public methods, you must connect to the API on a port and IP address marked as admin in the server's config file.
The example config file listens for connections on the local loopback network (127.0.0.1), with JSON-RPC (HTTP) on port 5005 and WebSocket (WS) on port 6006, and treats all connected clients as admin.
By Default in the example config it treats all connected clients as admin; is there a way to set a username and password for admin functions.
A work around I found would be to get the admin port restricted in firewall with an exception rule however is it possible to set a username and password in the config for the admin port instead?
thanks for any insight into this.
Related
In azure-java-sdk samples there is an example - PublishEventsWithWebSocketsAndProxy.java
// By default, the AMQP port 5671 is used, but clients can use web sockets, port 443.
// When using web sockets, developers can specify proxy options.
// ProxyOptions.SYSTEM_DEFAULTS can be used if developers want to use the JVM configured proxy.
ProxyOptions proxyOptions = new ProxyOptions(ProxyAuthenticationType.DIGEST,
new Proxy(Proxy.Type.HTTP, InetSocketAddress.createUnresolved("10.13.1.3", 9992)),
"digest-user", "digest-user-password");
// Instantiate a client that will be used to call the service.
EventHubProducerClient producer = new EventHubClientBuilder()
.transportType(AmqpTransportType.AMQP_WEB_SOCKETS)
.proxyOptions(proxyOptions)
.connectionString(connectionString)
.buildProducerClient();
But I don't understand the paramter values - 10.13.1.3 , digest-user , digest-user-password
can anyone tell me, if this is what I have to use, if the organization has Web App Firewall, connecting to Azure
The parameters that you're referring to are configuring access to a proxy server. In this case, 10.13.1.3 is the address of the proxy server to use, digest-user is the username for authentication, while digest-user-password is its password. This set of credentials is used because the options are using ProxyAuthenticationType.DIGEST for the example.
With respect to your scenario, how you need to configure the client to use your organization's proxy isn't something that can be answered generally. It will depend heavily on how your organization configures the environment, manage network flow, and apply security practices.
I'd recommend reaching out to an IT Ops representative in your organization for that information; once you have that, we can help with any questions or problems that you run into configuring the client to work within that context.
I would like to implement a web application for a company in China. I need to use WeChat mini-APP to make the sign-up/login straight-forward.
Please correct my assumptions if I am wrong:
To implement the login of the website from WeChat, I need to use the OAuth2 protocol
I also need to create a WeChat developer account under a real name (need ID card or business registration stuff) if I want to diffuse the application
I also need to register a domain name to WeChat so that they can allow OAuth2 authentication to this domain name
Question: can I still use my localhost virtual machine to develop my server?
(I didn't try but I assume WeChat will reject to create an OAuth2 token for localhost 127.0.0.1)
Or do I need to have a development domain name with a development server available from the Internet so that I can debug the OAuth2 authentication?
EDIT 1: I tried to send a HTTPS POST request https://127.0.0.1:8080 and I got an error linking to this URL
https://developers.weixin.qq.com/miniprogram/dev/framework/ability/network.html
EDIT 2: I tried to send a HTTPS POST request https://192.168.1.148:8080 which correspond to my dev computer and I got the error VM17415:1 Cannot send network request to localhost. (My test phone and computer both connected to network 192.168.1.x trough WiFi)
The documentation is available in English on the official WebSite [1]. It is written: network APIs allow communication with LAN IP addresses. So basically, if the phone is connected to the same network as the virtual machine (i.e. WiFi), one should be able to send any kind of HTTP/HTTPS request properly.
Note that the development environment WeChat DevTools block this feature by default. In order to enable it, the user should open the Project Settings and check the box 'Does not verify valid domain names, web-view (business domain names), TLS versions and HTTPS certificates.'.
[1] https://developers.weixin.qq.com/miniprogram/en/dev/framework/ability/network.html
I want to use Keycloak to secure my node.js application (There are two parts of my app one on port 3003 and the other on 3000). My application is running on port 3003. But I want to secure a page which is running on 3000. How can I do this?
To protect an open interface/port in your application, you need a gateway (reverse proxy). Keycloak is not a gateway but an Authorization server. Of course, Keycloak can do the authentication and authorization for the users accessing port 3000 (e. g. issue a token), but not the access policy enforcement (validate the token and grant/deny access).
There are several gateway/reverse proxies on the market. However, it depends on the service running on port 3000 which fits best. E. g. for an HTTP based API you could use Kong (which is available as an Open Source community edition).
Well, you don't have to connect Keycloak to both of them. Try doing it for one of them and communicate in a different way.
I want to access MySql database hosted on domain my_domain_name using pymysql ( python library) .
My code is:
connection = pymysql.connect('my_domain_name', user, passd, db)
But I receive this error
(1045, "Access denied for user 'root'#'ip-address' (using password: YES)")
In most answers, people suggest that:
either password is wrong or 'root' user do not have privileges to
access database
But, I can access the database using direct link as: http://www.my_domain_name/phpmyadmin/index.php using same user and password.
I will appreciate your kind help. Thanks
Note: 'my_domain_name' is being converted to an ip_address. When I place this IP to my browser, it takes me to the website of my Internet provider.
Update:
It is clear that domain_name is being replaced with ip_address of Internet provider. How can I resolve this issue? Please do share any link. Thanks.
MySQL access control depends on the IP address of the client not the IP address of the server.
I assume that you're connecting to some cloud instance of MySQL, in other words, it's not running on your local machine. (If it's local just use "localhost" instead of "my_domain_name.")
When you connect to the MySQL server "my_domain_name," it sees an incoming connection from your public IP address. (If you Google for "what's my IP address," the address that Google shows you should match the one in the error message.) If you enter that IP address into your browser, you'll be connecting to your own router. If you got that router from your ISP, it's possible they set it up so that connecting to the router redirects you to the ISP's own home page.
In MySQL, the client address is part of a user's identity. In other words, john#host1 and john#host2 are two different users to MySQL. You specify the host when you create the user:
# Only applies to john connecting from host1
CREATE USER 'john'#'host1' IDENTIFIED BY 'password';
You can also use a wildcard for the client address, which means a user with that name connecting from any client address.
# john can connect from any host
CREATE USER 'john'#'%' IDENTIFIED BY 'password';
Your MySQL instance was probably set up with a user called root#localhost. To connect from somewhere else, you could create another root#my-ip-address user where my-ip-address is your address, however, this user will not be the same as root#localhost. You will have to grant it privileges identical to root#localhost. Accessing MySQL in this way could be inconvenient because if your IP address ever changes, you will lose access. You could create a user root#% instead, which will work from any client, but then you are allowing access to your MySQL server from any client address as long as the user has the password.
The reason you can login from the web administration console is that when you access the console, you're not connecting to the database directly, instead you're interacting with the console, and the console is connecting to the database. The console is running on the same server as MySQL, so when it connects to MySQL, the connection is coming from localhost.
If you want command line access to MySQL, a better strategy would be to SSH to the MySQL server, then use mysql locally to connect as root#localhost.
The issue was that by default, MySql server does't assign necessary privileges to the user to access database remotely. So, open your SqlServer console and use this command to assign privileges to the 'root' user as:
GRANT ALL ON root.* TO 'root'#'ip_address_of_server' IDENTIFIED BY 'password_for_root' ;
FLUSH PRIVILEGES;
OR
GRANT ALL ON root.* TO 'root'#'server_name' IDENTIFIED BY 'password_for_root' ;
FLUSH PRIVILEGES;
Refer to this answer for more information:
pymysql cannot connect to mysql
I am trying to establish a connection to a ldap in gwt. Thanks to a former post
( GWT JDBC LDAP connection fails ) I was able to at least contact that server. However, even though I put in the correct cn/uid and password the access is denied. I get following exception:
java.security.AccessControlException: access denied (java.net.SocketPermission IP:PORT connect,resolve)
I know that my login name and password are correct because I was able to access the ldap via JXplorer and checked it. Could App Engine be the problem? And if so, how can I test my application when using App Engine is disabled?
Thanks in advance
you mentioned that you are developing for app engine.
On app engine you are not allowed to open a socket by yourself (your exception occurs because of this restriction.) If you want to setup a connection to your ldap you have to wrap your ldap call as HTTP and use it with the url fetch service. If the ldap is inside your company you can use google secure data connector to have a https connection from app engine to your internal network.
If you are developing for app engine, i dont think you can connect to LDAP or JDBC or anything TCP/IP, apart from what app engine offers as API.
LDAP requires sockets (TCP port 389) and AppEngine does not support sockets.