07-06-23 10:06 AM
Hi Team,
We have a scenario where the BOT will be calling the endpoint for an API call. As a pre-requisite the application team want's to know the machine and port details of the machine that will be used for making a call.
I can provide the machine details we are using but can someone help me out in how we can extract the details of the port that BP uses for an outgoing API call?
I do know for incoming calls BP uses 8181 port for the SOAP services
@ewilson , your inputs are much appreciated
Answered! Go to Answer.
07-06-23 06:41 PM
There is nothing in the Blue Prism configuration, that I'm aware of, that will allow you to restrict/control what ports the Automate.exe process uses as it executes a process. As I mentioned previously, the port is selected dynamically at runtime.
With that said, you could write your own implementation of a VBO that implements the .NET Socket, IPEndPoint, and IPAddress classes along with the AddressFamily enumeration and then you would have the ability to set an explicit client port, but you would lose all of the higher-level processing of HTTP/Web requests that are abstracted for you by classes like the WebRequest and HttpWebRequest classes. In essence, you would now be responsible for assembling and processing the raw binary input/output of your communication with the destination server. 😬
I hate to say it, but whomever is forcing this requirement on you doesn't really seem to understand what they're asking for. This would typically be addressed by a load balancer/firewall/API gateway between the digital workers and the destination servers. All they need to be aware of is the client IP of each digital worker and have a general idea of the messaging they would see coming from them along with their destination. From there, they can manage and block traffic as needed.
Cheers,
07-06-23 02:52 PM
Hello @Manish Rawat
Blue Prism doesn't use a specific port for an outgoing SOAP request. It uses what are known as "ephemeral ports". This means a random port is chosen by the operating system when the .NET networking library spins up the necessary object. I believe the default dynamic port range in Windows is from 49152 to 65535.
Cheers,
07-06-23 04:31 PM
Hi @Eric Wilson,
Thanks for your quick prompt like always, is there a way to fix the dynamic port in BP for the outgoing calls
We can call the API through the HTTP VBO or Web API integration through systems as well, if they have any options available there.
Not sure but will that also be affected by the "fixed browser port (31924)" settings?
07-06-23 06:41 PM
There is nothing in the Blue Prism configuration, that I'm aware of, that will allow you to restrict/control what ports the Automate.exe process uses as it executes a process. As I mentioned previously, the port is selected dynamically at runtime.
With that said, you could write your own implementation of a VBO that implements the .NET Socket, IPEndPoint, and IPAddress classes along with the AddressFamily enumeration and then you would have the ability to set an explicit client port, but you would lose all of the higher-level processing of HTTP/Web requests that are abstracted for you by classes like the WebRequest and HttpWebRequest classes. In essence, you would now be responsible for assembling and processing the raw binary input/output of your communication with the destination server. 😬
I hate to say it, but whomever is forcing this requirement on you doesn't really seem to understand what they're asking for. This would typically be addressed by a load balancer/firewall/API gateway between the digital workers and the destination servers. All they need to be aware of is the client IP of each digital worker and have a general idea of the messaging they would see coming from them along with their destination. From there, they can manage and block traffic as needed.
Cheers,
07-06-23 06:53 PM
Hi @ewilson ,
Thanks for the response.
I agree that is not an ideal scenario for the BOTs, the APIs are built already with the scenario in mind that they will always be called through a server via a specific port to ensure security and avoid unknown traffic.
I will try to get in touch with the application team to have the required modifications in the APIs to include the IPs and not port in the call if possible, as providing network level port routing in the VBO doesn't seem an ideal solution.
Thanks for your help yet again!