Product: Xtradyne I-DBC

Version: ALL

Description:

Callback Configuration

Resolution:

Callbacks are only relevant in the context of an I-DBC installation. Callbacks can be configured in different ways. If you have problems with making callbacks work, we recommend to first configure callbacks the simplest way which is also the most insecure mode of operation and then to secure it step by step:

• Allow outgoing IIOP or IIOP/SSL connections on the “External Interface” panel.
• Enable IIOP or IIOP/SSL acceptors on the “Internal Interface” panel.
• Check the “Allow unknown clients” in the “Access Session Management” part of the “I-DBC Proxy Cluster” panel. If your application works now proceed to the next bullet, if you get a COMM_FAILURE, check the first two bullets again.
• Additionally, check the “Separate Access Sessions (AS) for unknown clients” box on the same panel, define a callback resource XDN:Callback:1.0 (on the “Security License Errors Domain Boundary Controller - Administrator’s Guide 219 Policy – Resource” panel) and allow “PUBLIC” access to this resource.For configuration details, see “Configuring Permissions for Callbacks” on page 282. If your application still works proceed to the next bullet. If you get a NO_PERMISSION exception, check again if you allowed “PUBLIC” access to the XDN:Callback:1.0 resource.
• Disable the “Allow unknown clients” in the “Access Session Management” part of the “I-DBC Proxy Cluster” panel. This requires the definition of a user with the correct permissions (see next bullet).
• Define proper permissions allowing only your CORBA server callback access: Add a new user with ip-based authentication (“User Properties – Authentication Methods”). Configure the server’s IP address. For several servers using callbacks, configure a netmask to map the servers to your “server” identity (see also “Configuring Permissions for Callbacks” on page 282). As a last step go to the “User Properties – Privileges” panel and add the resource “XDN:Callback:1.0” to the user’s privileges. Rerun your application. A NO_PERMISSION exceptions means that permissions are not yet correct. Consult the event log to diagnose the problem, e.g., an AuthenticationIPBasedAuthenticationFailure event indicates that the user-to-IP-address mapping failed, in this case, check if the server’s IP address is correct.