WebCore app and ports/firewall

I have a simple form where I register a few values and these values should be saved to a database.

The base url is http://MyHostAdress:2001/tms/xdata

When I run locally using localhost everything is working as it should and data is saved to the database. Running from an external pc nothing happens (no data saved to the database) and access is denied.

Do I have to open port 2001 in the firewall?

I thought all traffic was coming through port 80 (open in the firewall) and that port 2001 is used by the Xdata server internally (localhost) to communicate with the database?

I know, I lack basic understanding here so I have signed up on a video course about Xdata. But I would like to solve this problem a bit more quickly

Assuming you're just trying to connect from another PC on your local network, then yes, opening up the XData port (2001) on the computer running XData is needed for the TMS WEB Core app to be able to communicate with it.

In your TMS WEB Core app, somewhere you must specify how you're connecting to XData, via a URL or something, for example, which likely includes this port number as well. So if you want to change where XData is running (on a different port or a different host) then the connection in your TMS WEB Core app will need to be updated to match.

XData itself may use entirely different ports when it wants to communicate with a database or other servers, but 2001 is what it is (by default) using to accept incoming connections.

Hi Andrew, thank you for answering.

I use a TXDataWebConnection in the WebCore app and the url is set to http://localhost:2001/tms/xdata.

When the Xdata server is installed on a server, is this server always Localhost to Xdata? Or should the url in the TXDataWebConnection be http://MyExternalServerAddress:2001/tms/xdata when called from an external pc?

I wish someone would write a very very basic artice/blog about Webcore and this topic

Kind regards,
Ole

Yes, there's always a need for more information but it is difficult at times because we're all coming at things from different angles. Some people have a lot of experience and knowledge in some areas and not in others, so filling in the gaps is a challenge. I try to help out here with the questions I think I can answer, but there are often questions that go beyond what I can deal with.

In this case, the idea is that the XData server is running on a host machine and its services are available on a particular port. When it runs, by default, this will be 'localhost" and port '2001' but you can change it in the XDataServer properties. Note that if you change the port, you'll have to use the TMS HTTPConfig tool to reserve a different port number, and also allow that port through a firewall. Now you may be thinking, well, isn't XData always running on localhost? Well, maybe, but sometimes you can have multiple network cards or network names. Or you might have something more complicated going on with HTTPS (secure connections) so there are options for all of these things as well. But at the end of the day, XData is making a service available on a machine with a particular address on a particular port. For a TMS WEB Core application (or any application) to be able to connect to XData, this address and port must be known, and it must be reachable by the application. So in a local network, this is usually easy. If the XData server is to serve data to the internet generally, then things are more complicated.

In the TMS WEB Core application, yes, it needs to be told what machine and what port the XData service is running on, and in a way that it can resolve and ultimately reach the XData server. If you're on the same local network, then you can use an IP address or a machine name like you've done. Just be sure that if you use a name, it properly resolves to the computer running the XData server. You should be able to test it outside of the app. Just put that address in a browser. You can try it on the XData server machine as well as the computer you're running the TMS WEB Core application from. Normally you might get an empty XData response, something like this:

{
    "value": []
}

Which means you're talking to XData. But if you get a 'service unavailable' or 'connection failed' then something else is amiss and that address is either incorrect, not mapped to the XData server, or something on the server (like a firewall or the HTTPConfig Tool) needs to be configured.

Hope that helps out a bit?

There are lots of Support Center posts and TMS Blog posts about many things to do with XData and TMS WEB Core. Finding the perfect match for any given question is sometimes not so easy though. Here's something I wrote recently. Not necessarily simple but it goes through the process of creating an XData app as part of a TMS WEB Core project. But curiously, it totally skips over the part where your particular question here might get answered

Thanks Andrew

I will look closer into this when I'm at work next week.

Update.

It all runs without problems on my local (localhost) pc. From the outside (internet) I can't even get a response from the Xdata server.

Port 2001 is now opened on the firewall.

I quess what confuses me the most are those url settings.
TXdataServer has BaseUrl
TXdataWebConnection has Url

What is the difference of these two?

When I type 192.168.0.12:2001/tms/xdata in the browser (running locally) I get response,
name: "webnewsletter"
url: "webnewsletter"

What is the url in the response refering to?

My production environment is pretty simple. A firewall/router (box) with a fixed address and a Windows 2008R2 server. Internet server IIS, Xdata and database are all on this one server.

Mail server, internet server and database have all run for years in this setup. So it's the configuration of the Xdata/webcore where I am missing something.

Anybody using a similar setup, Xdata/Xdatawebconnection over the internet? I need guidance, please

Kind regards,
Ole

So... Let's sort out local access first before worrying about Internet access.

XData is running on your server. Good.
Configured for port 2001. Good.
Your server has IP Address 192.168.0.12 in your local network. Good.
If you open a browser on that computer (the Windows server) and visit

http://localhost:2001/tms/xdata

What do you see? Then, on a different computer in your network, if you open a browser and then visit

http://192.168.0.12:2001/tms/xdata

You should see the exact same thing.

{
    "value": []
}

If you're getting a prompt for a username or a password or anything else, then perhaps something isn't what it appears?

In the example I linked to, there is an XData server setup in the same way that you're trying to do, with public internet access as well. It is on a different port, but you can try and access it the same way by opening a browser and visiting

https://carnival.500foods.com:10999/tms/xdata/

Where you should also get the same result above.

Hi Andrew

Yes, I do see the same on both.

I get a response from this link.

This is interesting and I think what I do wrong? I use Localhost in the Xdataservers BaseUrl.
Is this, https://carnival.500foods.com:10999/tms/xdata, the link you put in Xdata baseurl?

Well that's good news! This means it should be a lot easier to sort out the rest.

The BaseURL property is used by the XDataServer code to figure out what port to run on. In my project, it is set to either the 2001 address when working on my project, or to the 10999 address when it is finally deployed elsewhere (not on my development computer). So in the code, I have something like this:

  if (GetEnvironmentVariable('COMPUTERNAME') = 'MYDEVCOMPUTER')
  then ServerContainer.XDataServer.BaseURL := 'http://+:2001/tms/xdata'
  else ServerContainer.XDataServer.BaseURL := 'https://+:10999/tms/xdata';

(My computer isn't called that, but that's just where its name appears).

In your case, we don't need to worry about that just yet - it is likely set to the first value above which is fine for right now.

Just as an experiment, if you wanted to try and change it from 2001 to something else, you would need to do three things, all of which have either been done for you by default, or that you've already done yourself.

1. Change the BaseURL number from 2001 to something else (best go higher, but less than 65,535). Let's say for example, port 34567.
2. Run the TMS HTTP Config Tool which you can find in the TMS Sparkle folder in the Windows menu. Then add whatever the link you've added to the BaseURL to this list.
3. Configure your Windows Firewall to also allow the new port.

You should then be able to do the same thing previously, visiting either http://localhost:34567/tms/xdata from the server directly or http://192.168.0.12:34567/tms/xdata from another computer on the same network as the server.

But we don't need to do that at the moment, that's for later if you want to change the address. It sounds like access within your network is already all sorted out so

The next (last!) thing is to sort out access from outside your network. As it has been running for a while already as a web server, then it might not be too much trouble to sort out. The trickiest part is probably just actually testing it from outside your network.

Using an iPad or an iPhone or any other mobile phone that is NOT connected to your WiFi network (just turn it off if it is), then try and access the public URL of the server. So of your server is already serving up web pages on www.myfancyserver.com, you should be able to visit http://www.myfancyserver.com from this device, and get the website that you would normally expect.

Now, try the same thing with http://www.myfancyserver.com:2001/tms/xdata and see what you get. If you don't get the same value: [] business that you get when you visited the links previously, then something on your firewall or your webserver is inserting itself into the mix.

For the router/firewall situation, usually there is something like a port-forwarding rule that tells the router/firewall where to send traffic. So you have to allow for the port but also indicate which computer (your server) will receive the traffic. Be sure that port 2001 on the firewall is being redirected to the same port 2001 on the server computer, if that's how you've got things configured. Happy to help with router/firewall configuration stuff, but if you're stuck here, I'll need to know more about what you've got in place.

For the web server, it generally doesn't need to know about XData, so let's deal with that later if needed.

So once that is all working, then try the same thing from your local network, using WiFi or whatever. The reason I did it this way is that sometimes firewalls/routers don't like to redirect outbound requests internally. Sometimes its fine, but best to not have to troubleshoot that first.

Thank you for your quick and thorough reply.

I really appreciate it.

I will look into this at work tomorrow, it's getting late here in Norway

Ah! Norway is definitely a few time zones ahead. Only 13:30 here.

I can now get a response from the Xdata server using my phone from the internet

I had to call the company that installed the firewall, they connected remotly and now it's functioning. I had opened the port, set up the service and pointed everything to the Windows server. There must have been an obscure rule they had made deep inside the firewall somewhere.

Sorry to have bothered you this much,I have learned a lot and also from your thorough answers.

Kind regards,
Ole

No need to apologize, happy to help! Very glad to hear it is working for you now.

XData is a great product, but it is only a piece of the puzzle when it comes to deploying a complete project. Having a good understanding of all the other pieces can often be just as important.