QuickFIX logon trouble: (using QuickFIX, with FIX 4.4 in Python 2.7)
Once I do initiator.start() a connection is made, and logon message is sent. However, I don't ever see the ACK and session status message that the broker is sending back (all the overloaded Application methods are just supposed to print out what they receive).
QuickFIX immediately re-tries the logon (according to the broker log files), and the same thing happens, but according to the server, I am already logged in.
QuickFIX then issues a Logout command, which the server complies with.
I have tried enter Timeout values in the settings file, but to no avail. (Do I need to explicitly reference these values in the code to have the utilized, or will the engine see them and act accordingly automatically?)
Any ideas what is going on here?
Sounds like you do not have message logs enabled. If your app rejects messages below the application level (such as if the seq no is wrong, or the message is malformed), then it'll be rejected before your custom message handlers even see it.
If you are starting your Initiator with a ScreenLogStore, change it to a FileLogStore. This will create a log file that will contain every message sent and received on the session, valid or not. Dollars to donuts you'll see your Logon acks in there as well as some Transport-layer rejections.
Solved! I think there was something wrong with my datadictionary (FIX44.xml) file. I had seen a problem in it before, but thought I fixed it. I got a new copy online and dropped it in and now everything seems to be working. Maybe the bad dictionary was not letting FIX accept the logon response?
Related
I'm trying out GAE and having a little trouble sending email from my application in both development and production. I understand the development server needs a little configuration first, but production should be send email. There are no errors that I can see viewing the console (I start the server via terminal window), and none reported in the production application.
The code:
def contactSend():
message = mail.EmailMessage()
message.sender = "myaddress#gmail.com"
message.to = "myaddress#gmail.com"
message.subject = "Test email from python"
message.body = "This is the test"
message.send()
What I have checked so far:
Code appears to be correct.
-Sender (and to) address have administrator level permissions of the project.
-Project is configured as Python 2.7 (some issues on 2.5 I guess).
-My spam folder.
I'm sure I'm likely missing something simple as I'm very new to GAE. Any ideas would be greatly appreciated.
Edit: I've also tried mail.sendmail:
mail.send_mail(sender="myaddress#gmail.com",
to="myaddress#gmail.com",
subject="This is the test 1124pm",
body="TEST!")
No luck there either. Possible that I need to register a domain or set up a Google Apps account maybe?
Edit2 11:52am: I've tried a check_valid_email to be sure and that came back true. I saw the "send_mail_to_admins" function and gave that a shot assuming it might be less restricting and possibly work, but nothing there either.
Edit3: I don't know if it helps but here's the request handler:
class contactSend(webapp2.RequestHandler):
def post(self):
self.response.headers['Content-Type'] = 'text/html'
contactSend()
self.response.out.write("sent! ")
Your code snippets appear to be correct (with the exception of improper indentation of your first function), so I'm going to provide some debugging information to help you solve your problem.
Check the Logs of your application to see if any exceptions are being raised by your code which may prevent things from working as intended.
https://appengine.google.com/logs?&app_id=YOUR_APP_ID
Check the Quota Details of your application to see if any emails have been sent.
https://appengine.google.com/dashboard/quotadetails?&app_id=YOUR_APP_ID
Ensure the sender email address has accepted the App Engine invite and is not listed as "pending" on the Permissions page.
https://appengine.google.com/permissions?&app_id=YOUR_APP_ID
Double-check the to and sender email addresses. Copy/paste them and try to send an email to them directly through the email application of your choice.
In order to be able to send e-mails from a certain address, you need to set up a domain first, and grant access to the application to send e-mails using it.
If you don’t want/need to set up a domain, and if you application requires log in, you could simply use:
mail.send_mail(sender=users.get_current_user().email(),
to="myaddress#gmail.com",
subject="This is the test 1124pm",
body="TEST!")
I have a python script that uses a twisted imap4.IMAP4Client to check for new emails in a gmail account. It does so every ~30 seconds. It has been running fine for months.
Starting June 11, I began to see this message after the search("(UNSEEN)") call:
Unhandled unsolicited response: ['OK', ['HIGHESTMODSEQ', '1234567']]
This message appears at every check for new messages now.
What does this message mean? Is it anything to worry about?
HIGHESTMODSEQ is a protocol extension you can ignore. It is documented in RFC4551.
It's just silly log noise. The IMAP4 client parser is telling you the server sent it something it didn't expect and doesn't really know how to handle. So it is handling it by logging that message.
Off the top of my head, I have no idea what HIGHESTMODSEQ is for, but if you don't care about that information either, then you can just ignore this. If you do care about it, you can contribute a patch to Twisted to add support for this kind of unsolicited response. :)
When an email is received that generates an error what is the best way to bounce the message? For example you store a file in a db.BlobProperty but an email comes in that exceeds the 1m limit. There needs to be a bounce error to the request somehow so the email doesn't keep hitting the server and increasing the billing every 15 minutes. (Don't ask me how I know :-P ... not really it is a separate but related issue I posted in another question. here )
But that other error made it clear I need to deal with this before I get that email with multiple attachments that nails me for 1gb of data.
Normally the mail server handles the bounce, like when you send to a bad address and returns an error to the client/server. I have searched and didn't find anything helpful on this. YMMV
Is there an undocumented function? What is the proper response to return so that the originating server stops sending?
There's no way to bounce a message once it arrives at your App Engine app. You have two options:
Send the user a 'bounce message' yourself using the outgoing email API
Silently discard the message
In either case, you should install a top-level exception handler (frameworks like webapp and webapp2 have support for this) that logs the exception, performs the appropriate action, and then returns status code 200 instead of 500, so the message won't be redelivered repeatedly.
In your specific case, too, I'd start storing the attachments in the blobstore instead of a blob property, to avoid the 1MB limit.
Example scenario: Web based multi-user chat application through websocket connection. How can I ensure (or guarantee) that each connection in this application belongs to certain authenticated user and "can't be" exploited by false user impersonation or intervene during the connection.
by the way I am using tornado websocket on server side to implement basic chat room and already doing authentication for the non-websocket part of my app.
ps : suppose authenticated user posts what he wants and when other user open the listing page of item and automatically other user is added to list of websocket listeners what I want each user able to chat with buyer of the item individually not in a chatroom way but with one to one chat
First and foremost, there are two things you should remember about WebSockets: (a) it's an evolving standard and (b) it is designed with the intention of working with untrusted clients.
The biggest and most important thing you should always do with WebSockets is check their origin. If the origin is mismatched, obviously you don't want to deal with that client, so ignore their requests. Additionally, make sure you're using the "wss" secured WebSocket protocol rather than the "ws" unsecured protocol. This will ensure that your messages are encrypted.
The problem with just doing this, is that this information can be spoofed. See this blog post for a quick demonstration of this.
Additional Security:
Try sending a salted token, having it salted/hashed and sent back and validated in the handshake phase.
Limit requests that happen too frequently (just like the IRC protocol). If the user has submitted 10 lines or more within the span of a second, ignore that user.
Do a quick spam-check (there are lots of algorithms for this) -- stick to light heuristics, otherwise it will burden your server. Things like the presence of the words "free" or "viagra". Give the user a score that represents the likelihood that they are spamming or are a bot. When that is breached, boot them from the servers.
Hope that helps! Sorry if it doesn't. This is my frist answer on StackOverflow. :P
I'm pretty sure the websocket connection sends up any cookies that have been established in the non-websocket connection to your app. You should be able to query Django's session store for the connection's cookie and determine the user that socket belongs to.
Check out: https://docs.djangoproject.com/en/1.3/topics/http/sessions/#configuring-the-session-engine
This is the whole purpose of websocket connection. You authenticate them by handshaking protpcol. For further info see here:
https://datatracker.ietf.org/doc/html/draft-ietf-hybi-thewebsocketprotocol-08
In order to make the registration process on my website easy, I allow users to enter their email address which I will send a verification code to or alternatively they can solve a captcha.
The problem is that in order to prevent robots from registering accounts (with fake emails) I limit the number of registrations allowed per IP address and if this limit is exceeded I trigger a warning in the logs.
However ... what seems to be happening is that I am using os.environ['REMOTE_ADDR'] to check the remote address -- but it seems that I am triggering warnings on addresses that are owned by Google (66.249.65.XXX). It is possible that this is happening only after I change the version (but not confirmed). Does anyone know how/why this might be happening? Shouldn't the REMOTE_ADDR return the address of the client computer (and hopefully in all cases it would do this)?
I am curious if there is some behind the scenes re-directions going on, and if this is a normal event or if it only happens when a new version is installed (perhaps when a new version is installed the original server then proxies the user to the new server, therefore creating the illusion that the IP address is an internal IP?)
I believe that I have figured out the reason for seeing so many warnings from google server IP addresses. It seems that immediately after a new user registers, the google crawlers are going to the same (registration) webpage (which I send information to as a GET instead of a POST for reasons which I will not get into). Of course, since many users are registering, but there are only a few crawler computers that are checking periodic updates to my website, I am triggering warning messages that a particular (google) IP is accessing a registration area repeatedly.