Symptoms
In the default installation PBA-E XML RPC proxy server is listening to requests on port 5224 on private IP address for the security reasons.
Provider want to make PBA-E XML RPC server to listen to requests on public IP address.
Resolution
For PBA 5.5.x
Note: Enabling same functionality for PBA 5.5.x is explained in KB #120973
Actually two PBA-E services are involved into the process of XML RPC API requests processing:
- xrproxy - proxy server written in Perl which is listening incoming XML RPC requests on port 5224 and proxies them to XML RPC server
- xmlrpcd - XML RPC server
On typical PBA-E installation you may see the following picture:
# netstat -antp | egrep 'perl|xmlrpcd'
tcp 0 0 10.64.52.131:5224 0.0.0.0:* LISTEN 17444/perl
tcp 0 0 127.0.0.1:5224 0.0.0.0:* LISTEN 17444/perl
tcp 0 0 0.0.0.0:5230 0.0.0.0:* LISTEN 17478/xmlrpcd
tcp 0 0 0.0.0.0:5231 0.0.0.0:* LISTEN 17479/xmlrpcd
tcp 0 0 0.0.0.0:5232 0.0.0.0:* LISTEN 17480/xmlrpcd
tcp 0 0 0.0.0.0:5233 0.0.0.0:* LISTEN 17481/xmlrpcd
tcp 0 0 0.0.0.0:5234 0.0.0.0:* LISTEN 17482/xmlrpcd
tcp 0 0 127.0.0.1:47425 127.0.0.1:5223 ESTABLISHED 17481/xmlrpcd
tcp 0 0 127.0.0.1:47428 127.0.0.1:5223 ESTABLISHED 17482/xmlrpcd
tcp 0 0 127.0.0.1:47416 127.0.0.1:5223 ESTABLISHED 17478/xmlrpcd
tcp 0 0 127.0.0.1:47419 127.0.0.1:5223 ESTABLISHED 17479/xmlrpcd
tcp 0 0 127.0.0.1:47422 127.0.0.1:5223 ESTABLISHED 17480/xmlrpcd
The listing says the following:
- process 'perl' (actually it is Perl script /usr/local/Stellart/bin/xrproxy.pl) listen to the port 5224 on localhost and private IP address 10.64.52.31 - this is proxy server
- processes 'xmlrpcd' listen to ports 5230, 5231, 5232, 5233, 5234 - these are instances of XML RPC server
All incoming XML RPC requests are going to XML Proxy server and are being processed by the Perl script /usr/local/Stellart/bin/xrproxy.pl which passes them to processes xmlrpcd (which is actual XML RPC server) using round-robin algoritm.
Templates of configuration files for these services are the following:
- /usr/local/bm/etc/ssm.conf.d/.xrproxy.conf - proxy server
- /usr/local/bm/etc/ssm.conf.d/.xmlrpcd.conf - XML RPC server
So, if you need to make PBA-E to listen to XML RPC API requests on public IP address the you need to perform the following actions:
Create or edit the file /usr/local/bm/etc/ssm.conf.d/xrproxy.conf on PBA-E server and enter desired IP address in the parameter HOST_IP in the section '[environment]':
[environment]
HOST_IP = external_ip
Restart services xrproxy and xmlrpcd:
/etc/init.d/pba restart xrproxy
/etc/init.d/pba restart xmlrpcd
Additional Information
It's recommended to enable authentication when opening port on public IP address. But if you enable authentication on existing containers, xrproxy and xmlrpcd, POA and Online store integration will be broken.
Thus, in order to avoid any failures it is necessary to create additional containers and to open another port for the XML RPC requests with authentication enabled. This procedure is described in the article "How to enable authorization for xmlrpcd". Apply changes in “Resolution” to file xrproxy_auth.conf as described in above KB if you want to enable authentication on external_ip.