Help! ... Outbound Port Getting Shut Down

Discussion in 'ASP .Net Security' started by TC, Jun 8, 2007.

  1. TC

    TC Guest

    Hey All,

    I have some classes that I recently built for a website which uses the
    HttpWebRequest & HttpWebResponse objects from the System.Net namespace.
    Basically, the classes rap submitted data up, connect to external websites
    on external servers and post / remove the data from these other sites.

    It works fine locally but when uploaded to the BCentral production server,
    the outgoing requests get shutdown.

    Apparently, for the System.Net name space, you cannot specify the port. The
    outgoing port will be dynamic random. It will be the client port and not the
    service port. The port range can be 1024 and above. It is by design and
    there is no way you can specify the client port.

    Now, as for BCentral, they do allow outbound connections but only on the
    "default" ports such at 80 for http, etc. Every other non-essential port
    is locked down and they don't open up other ports because of security
    concerns.

    Can someone please advise?

    Thanks,

    TC
     
    TC, Jun 8, 2007
    #1
    1. Advertising

  2. TC

    bruce barker Guest

    HttpWebRequest will use any port (specify in url) you want but defaults
    to port 80. not sure what your issue is. maybe some sample code.

    -- bruce (sqlwork.com)

    TC wrote:
    > Hey All,
    >
    > I have some classes that I recently built for a website which uses the
    > HttpWebRequest & HttpWebResponse objects from the System.Net namespace.
    > Basically, the classes rap submitted data up, connect to external websites
    > on external servers and post / remove the data from these other sites.
    >
    > It works fine locally but when uploaded to the BCentral production server,
    > the outgoing requests get shutdown.
    >
    > Apparently, for the System.Net name space, you cannot specify the port. The
    > outgoing port will be dynamic random. It will be the client port and not the
    > service port. The port range can be 1024 and above. It is by design and
    > there is no way you can specify the client port.
    >
    > Now, as for BCentral, they do allow outbound connections but only on the
    > "default" ports such at 80 for http, etc. Every other non-essential port
    > is locked down and they don't open up other ports because of security
    > concerns.
    >
    > Can someone please advise?
    >
    > Thanks,
    >
    > TC
    >
    >
     
    bruce barker, Jun 8, 2007
    #2
    1. Advertising

  3. TC

    TC Guest

    Hey Bruce,

    I'm going to post some material inline herein. Let's just assume that all
    constant strings, values, viewstate, etc. work.

    I think if I paste in the material with the actual calls, it might mean
    something to you.

    Thanks,

    TC



    /// <summary>
    /// Builds a WebRequest object based upon the parameters passed in
    /// </summary>
    /// <param name="uriURL">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="cookieJar">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="userAgent">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="requestMethod">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="timeOut">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="contentType">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="keepAlive">See documentation for HttpWebRequest
    parameters</param>
    /// <param name="allowAutoRedirect">See documentation for HttpWebRequest
    parameters</param>
    /// <returns></returns>
    public static HttpWebRequest BuildHTTPWebRequest(string uriURL,
    CookieContainer cookieJar, string userAgent,
    string requestMethod, int timeOut,
    string contentType, bool keepAlive,
    bool allowAutoRedirect)
    {
    Uri UriRequest;
    HttpWebRequest HttpWRequest;

    UriRequest = new Uri(uriURL);
    HttpWRequest = (HttpWebRequest)WebRequest.Create(UriRequest);
    HttpWRequest.CookieContainer=cookieJar;
    // Set the name of the user agent. This is the client name that is passed
    to IIS
    HttpWRequest.UserAgent = userAgent;
    HttpWRequest.KeepAlive = keepAlive;
    HttpWRequest.AllowAutoRedirect=allowAutoRedirect;
    HttpWRequest.Timeout = timeOut;
    HttpWRequest.Method = requestMethod;
    HttpWRequest.ContentType = contentType;
    // We don't want caching to take place so we need
    // to set the pragma header to say we don't want caching
    HttpWRequest.Headers.Set(WebPost.Pragma,WebPost.NoCache);
    // The server may not understand this new header; disable it
    System.Net.ServicePointManager.Expect100Continue=false;

    return HttpWRequest;
    }

    /// <summary>
    /// Logs into the perfectsplitmd.com website
    /// </summary>
    public static void PerfectSplitLogin()
    {
    // Reset flag
    WebPost.PerfectSplitPostCandidateSuccess=false;

    StringBuilder PostWhat=new StringBuilder();
    HttpWebRequest
    HttpWRequest=BuildHTTPWebRequest(WebPost.PerfectSplitLoginPage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent,
    WebPost.PostRequest,
    WebPost.TimeOut,
    WebPost.ContentTypeFormEncoded,
    false,false);

    PostWhat.Append(WebPost.PerfectSplitViewStateLogin);
    PostWhat.Append(WebPost.PerfectSplitUsernameControlTag +
    WebPost.PerfectSplitMDUsername);
    PostWhat.Append(WebPost.PerfectSplitPasswordControlTag +
    WebPost.PerfectSplitMDPassword);
    PostWhat.Append(WebPost.PerfectSplitLoginButtonTag);

    // Call a function that does the work to get the request.
    if(!MakeWebRequest(HttpWRequest, PostWhat.ToString()))
    {
    return; // The call failed
    }
    WebPost.PerfectSplitLoginSuccess=true;
    }


    /// <summary>
    /// Posts a candidate to the perfectsplit website
    /// </summary>
    /// <param name="PostCandidate">
    /// A valid instance of the 'PerfectSplitPostCandidate' class
    /// </param>
    public static void PerfectSplitMDPostCandidate(PerfectSplitPostCandidate
    PostCandidate)
    {
    // Reset flag
    WebPost.PerfectSplitPostCandidateSuccess=false;

    StringBuilder PostWhat=new StringBuilder();
    HttpWebRequest
    HttpWRequest=BuildHTTPWebRequest(WebPost.PerfectSplitPostCandidatePage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent,
    WebPost.PostRequest,
    WebPost.TimeOut,
    WebPost.ContentTypeFormEncoded,
    false,false);


    // The server may not understand this new header; disable it
    System.Net.ServicePointManager.Expect100Continue=false;

    PostWhat.Append(WebPost.PerfectSplitViewStatePostCandidate);
    PostWhat.Append(PostCandidate.CandidateID);
    PostWhat.Append(PostCandidate.Citizenship);
    PostWhat.Append(PostCandidate.FirstSpecialty);
    PostWhat.Append(PostCandidate.Population);
    PostWhat.Append(PostCandidate.SecondSpecialty);
    PostWhat.Append(PostCandidate.YearMDEarned);
    PostWhat.Append(PostCandidate.Degree);
    PostWhat.Append(PostCandidate.BoardStatus);
    PostWhat.Append(PostCandidate.Training);
    PostWhat.Append(PostCandidate.WhenAvailable);

    if(PostCandidate.PracticeA0.IndexOf(PerfectSplitPostCandidate.PracticeOn)>0)
    {
    PostWhat.Append(PostCandidate.PracticeA0);
    }
    if(PostCandidate.PracticeA1.IndexOf(PerfectSplitPostCandidate.PracticeOn)>0)
    {
    PostWhat.Append(PostCandidate.PracticeA1);
    }
    if(PostCandidate.PracticeA2.IndexOf(PerfectSplitPostCandidate.PracticeOn)>0)
    {
    PostWhat.Append(PostCandidate.PracticeA2);
    }
    if(PostCandidate.PracticeA3.IndexOf(PerfectSplitPostCandidate.PracticeOn)>0)
    {
    PostWhat.Append(PostCandidate.PracticeA3);
    }

    PostWhat.Append(PostCandidate.StatesList);
    PostWhat.Append(PerfectSplitPostCandidate.PostCandidateButtonTag);
    PostWhat.Append(PostCandidate.Comments);
    //Call a function that does the work to get the request.
    if (!MakeWebRequest(HttpWRequest, PostWhat.ToString()))
    {
    return; // the call failed
    }
    WebPost.PerfectSplitPostCandidateSuccess=true;
    }


    /// <summary>
    /// Posts an opening to the perfectsplit website
    /// </summary>
    /// <param name="PostOpening">
    /// A valid instance of the 'PerfectSplitPostOpening' class
    /// </param>
    public static void PerfectSplitMDPostOpening(PerfectSplitPostOpening
    PostOpening)
    {
    // Reset flag
    WebPost.PerfectSplitPostOpeningSuccess=false;

    StringBuilder PostWhat=new StringBuilder();
    HttpWebRequest
    HttpWRequest=BuildHTTPWebRequest(WebPost.PerfectSplitPostOpeningPage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent,
    WebPost.PostRequest,
    WebPost.TimeOut,
    WebPost.ContentTypeFormEncoded,
    false,false);


    // The server may not understand this new header; disable it
    System.Net.ServicePointManager.Expect100Continue=false;

    PostWhat.Append(WebPost.PerfectSplitViewStatePostOpening);
    PostWhat.Append(PostOpening.PositionID);
    PostWhat.Append(PostOpening.Citizenship);
    PostWhat.Append(PostOpening.FirstSpecialty);
    PostWhat.Append(PostOpening.Population);
    PostWhat.Append(PostOpening.SecondSpecialty);
    PostWhat.Append(PostOpening.State);
    PostWhat.Append(PostOpening.Degree);
    PostWhat.Append(PostOpening.BoardStatus);
    PostWhat.Append(PostOpening.Training);
    PostWhat.Append(PostOpening.Fee);

    if(PostOpening.PracticeA0.IndexOf(PerfectSplitPostOpening.PracticeOn)>0)
    {
    PostWhat.Append(PostOpening.PracticeA0);
    }
    if(PostOpening.PracticeA1.IndexOf(PerfectSplitPostOpening.PracticeOn)>0)
    {
    PostWhat.Append(PostOpening.PracticeA1);
    }
    if(PostOpening.PracticeA2.IndexOf(PerfectSplitPostOpening.PracticeOn)>0)
    {
    PostWhat.Append(PostOpening.PracticeA2);
    }
    if(PostOpening.PracticeA3.IndexOf(PerfectSplitPostOpening.PracticeOn)>0)
    {
    PostWhat.Append(PostOpening.PracticeA3);
    }

    PostWhat.Append(PostOpening.Comments);
    PostWhat.Append(PerfectSplitPostOpening.PostPositionButtonTag);
    //Call a function that does the work to get the request.
    if (!MakeWebRequest(HttpWRequest, PostWhat.ToString()))
    {
    return; // the call failed
    }
    WebPost.PerfectSplitPostOpeningSuccess=true;
    }


    /// <summary>
    /// Removes a candidate from the perfectsplit website
    /// </summary>
    /// <param name="RemoveCandidate">
    /// A valid instance of the 'PerfectSplitRemoveCandidate' class
    /// </param>
    public static void
    PerfectSplitMDRemoveCandidate(PerfectSplitRemoveCandidate RemoveCandidate)
    {
    WebPost.PerfectSplitRemoveCandidateSuccess=false;

    int
    Count=WebPost.Occurrences(WebPost.ResponseData,RemoveCandidate.CandidateID);

    if(Count>0)
    {
    for(int Loop=1;Loop<=Count;Loop++)
    {
    int Start=WebPost.ResponseData.IndexOf(RemoveCandidate.CandidateID,1);
    Start=WebPost.ResponseData.IndexOf(PerfectSplitRemoveCandidate.DeleteControlInID,Start);
    Start=WebPost.ResponseData.IndexOf(PerfectSplitRemoveCandidate.DeleteControlName,Start
    + RemoveCandidate.CandidateID.Length);
    int
    End=WebPost.ResponseData.IndexOf(PerfectSplitRemoveCandidate.DeleteControlNameEnd,Start)+(PerfectSplitRemoveCandidate.DeleteControlNameEnd.Length-2);

    RemoveCandidate.ControlFullName=WebPost.ResponseData.Substring(Start,End-Start);
    RemoveCandidate.ControlFullName=RemoveCandidate.ControlFullName.Replace(Globals.SymbolConstants.Dollar,WebPost.EncodedDeleteControlDollar);

    StringBuilder PostWhat=new StringBuilder();
    HttpWebRequest
    HttpWRequest=BuildHTTPWebRequest(WebPost.PerfectSplitMyCandidatesPage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent,
    WebPost.PostRequest,
    WebPost.TimeOut,
    WebPost.ContentTypeFormEncoded,
    false,false);

    // The server may not understand this new header; disable it
    System.Net.ServicePointManager.Expect100Continue=false;

    PostWhat.Append(WebPost.EventTarget);
    PostWhat.Append(RemoveCandidate.ControlFullName);
    PostWhat.Append(Globals.SymbolConstants.Ampersand);
    PostWhat.Append(WebPost.EventArgument);
    PostWhat.Append(Globals.SymbolConstants.Ampersand);
    PostWhat.Append(WebPost.PerfectSplitViewStateMyCandidates);

    //Call a function that does the work to get the request.
    if (!MakeWebRequest(HttpWRequest, PostWhat.ToString()))
    {
    return; // the call failed
    }
    WebPost.PerfectSplitRemoveCandidateSuccess=true;

    // Get ViewState for MyCandidates page
    // Repeating this here also updates the 'ResponseData' property
    // which is needed for this loop
    WebPost.PerfectSplitViewStateMyCandidates =
    WebPost.GetViewState(WebPost.PerfectSplitMyCandidatesPage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent);
    }
    }
    }

    /// <summary>
    /// Removes an opening from the perfectsplit website
    /// </summary>
    /// <param name="RemoveOpening">
    /// A valid instance of the 'PerfectSplitRemoveOpening' class
    /// </param>
    public static void PerfectSplitMDRemoveOpening(PerfectSplitRemoveOpening
    RemoveOpening)
    {
    WebPost.PerfectSplitRemoveOpeningSuccess=false;

    int
    Count=WebPost.Occurrences(WebPost.ResponseData,RemoveOpening.OpeningID);

    if(Count>0)
    {
    for(int Loop=1;Loop<=Count;Loop++)
    {
    int Start=WebPost.ResponseData.IndexOf(RemoveOpening.OpeningID,1);
    Start=WebPost.ResponseData.IndexOf(PerfectSplitRemoveOpening.DeleteControlInID,Start);
    Start=WebPost.ResponseData.IndexOf(PerfectSplitRemoveOpening.DeleteControlName,Start
    + RemoveOpening.OpeningID.Length);
    int
    End=WebPost.ResponseData.IndexOf(PerfectSplitRemoveOpening.DeleteControlNameEnd,Start)+(PerfectSplitRemoveOpening.DeleteControlNameEnd.Length-2);

    RemoveOpening.ControlFullName=WebPost.ResponseData.Substring(Start,End-Start);
    RemoveOpening.ControlFullName=RemoveOpening.ControlFullName.Replace(Globals.SymbolConstants.Dollar,WebPost.EncodedDeleteControlDollar);

    StringBuilder PostWhat=new StringBuilder();
    HttpWebRequest
    HttpWRequest=BuildHTTPWebRequest(WebPost.PerfectSplitMyOpeningsPage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent,
    WebPost.PostRequest,
    WebPost.TimeOut,
    WebPost.ContentTypeFormEncoded,
    false,false);

    // The server may not understand this new header; disable it
    System.Net.ServicePointManager.Expect100Continue=false;

    PostWhat.Append(WebPost.EventTarget);
    PostWhat.Append(RemoveOpening.ControlFullName);
    PostWhat.Append(Globals.SymbolConstants.Ampersand);
    PostWhat.Append(WebPost.EventArgument);
    PostWhat.Append(Globals.SymbolConstants.Ampersand);
    PostWhat.Append(WebPost.PerfectSplitViewStateMyOpenings);

    //Call a function that does the work to get the request.
    if (!MakeWebRequest(HttpWRequest, PostWhat.ToString()))
    {
    return; // the call failed
    }
    WebPost.PerfectSplitRemoveOpeningSuccess=true;

    // Get ViewState for MyOpenings page
    // Repeating this here also updates the 'ResponseData' property
    // which is needed for this loop
    WebPost.PerfectSplitViewStateMyOpenings =
    WebPost.GetViewState(WebPost.PerfectSplitMyOpeningsPage,
    WebPost.PerfectSplitCookieJar,
    WebPost.PerfectSplitUserAgent);
    }
    }
    }



    /// <summary>
    /// Complete the HttpWebRequest
    /// </summary>
    /// <param name="httpWRequest">
    /// The HttpWebRequest object used to get a response from a website
    /// </param>
    /// <param name="postWhat">
    /// The data that is posted to the website
    /// </param>
    /// <returns></returns>
    private static bool MakeWebRequest(HttpWebRequest httpWRequest, string
    postWhat)
    {
    HttpWebResponse HttpWResponse;

    // We need to store the data into a byte array
    byte[] PostData = System.Text.Encoding.ASCII.GetBytes(postWhat);
    httpWRequest.ContentLength = PostData.Length;
    Stream TempStream = httpWRequest.GetRequestStream();
    // Write the data to be posted to the Request Stream
    TempStream.Write(PostData,0,PostData.Length);
    TempStream.Close();

    // Make the connection to the server
    HttpWResponse = (HttpWebResponse)httpWRequest.GetResponse();

    // Reset the response object
    if(HttpWResponse != null)
    {
    StreamReader ResponseReader = new
    StreamReader(HttpWResponse.GetResponseStream());
    // Log response data for use in other capacities (i.e. examine contents)
    WebPost.ResponseData = ResponseReader.ReadToEnd().ToString();
    HttpWResponse.Close();
    HttpWResponse = null;
    }
    return true;
    }






    "bruce barker" <> wrote in message
    news:...
    > HttpWebRequest will use any port (specify in url) you want but defaults to
    > port 80. not sure what your issue is. maybe some sample code.
    >
    > -- bruce (sqlwork.com)
    >
    > TC wrote:
    >> Hey All,
    >>
    >> I have some classes that I recently built for a website which uses the
    >> HttpWebRequest & HttpWebResponse objects from the System.Net namespace.
    >> Basically, the classes rap submitted data up, connect to external
    >> websites on external servers and post / remove the data from these other
    >> sites.
    >>
    >> It works fine locally but when uploaded to the BCentral production
    >> server, the outgoing requests get shutdown.
    >>
    >> Apparently, for the System.Net name space, you cannot specify the port.
    >> The outgoing port will be dynamic random. It will be the client port and
    >> not the service port. The port range can be 1024 and above. It is by
    >> design and there is no way you can specify the client port.
    >>
    >> Now, as for BCentral, they do allow outbound connections but only on the
    >> "default" ports such at 80 for http, etc. Every other non-essential
    >> port is locked down and they don't open up other ports because of
    >> security concerns.
    >>
    >> Can someone please advise?
    >>
    >> Thanks,
    >>
    >> TC
     
    TC, Jun 8, 2007
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ken Kolda
    Replies:
    2
    Views:
    505
    Ken Kolda
    May 7, 2004
  2. Steve
    Replies:
    0
    Views:
    479
    Steve
    Jan 31, 2006
  3. bmearns

    Outbound port on sockets

    bmearns, Sep 14, 2006, in forum: Python
    Replies:
    25
    Views:
    895
    Paul Rubin
    Sep 18, 2006
  4. TC
    Replies:
    3
    Views:
    434
  5. Old Echo
    Replies:
    2
    Views:
    129
    Old Echo
    Jun 27, 2008
Loading...

Share This Page