I have an Angular application that communicates with a Node / Express REST API.
我有一个与Node / Express REST API通信的Angular应用程序。
This API runs on port 82.
此API在端口82上运行。
Our company sells licences to this application to enterprises and larger organisations such as Banks, Television, Construction ect.
我们公司向企业和大型组织(如银行,电视,建筑等)出售此应用程序的许可证。
Many of these organisations have a tight security network in place that sometimes disallow the port our API is running on which means that they are unable to access the content until their IT department has opened this port.
其中许多组织都有一个严密的安全网络,有时不允许运行我们的API的端口,这意味着在IT部门打开此端口之前,他们无法访问内容。
In some cases the organisation have a policy that they will not open the specific port which results in a lost sale which is very bad!
在某些情况下,组织有一个政策,他们不会打开特定的端口,导致销售损失,这是非常糟糕的!
The problem is im unable to change ports because it is different for each of the organisation which ports are open and which are closed.
问题是我无法更改端口,因为每个组织的端口都是打开的,哪些端口是关闭的。
So my question is how do i get around this? am i doomed to loose clients because of their security system or is there a work around? i am thinking that im not the only one with this issue...
所以我的问题是如何解决这个问题?我注定要因为他们的安全系统而疏忽客户,还是有办法解决?我想我不是唯一有这个问题的人......
2 个解决方案
#1
2
If I were writing this, i'd have the port in a config file along with all your other application-wide definitions (credentials/api keys etc). Your clients should have people on staff with the know-how to set up some proxy routing for whatever port your node app is running on, and your API should refer to the port via call to the config file (I'm pretty sure most of the node/express docs do this by design).
如果我写这篇文章,我会在配置文件中有端口以及所有其他应用程序范围的定义(凭证/ api密钥等)。您的客户应该让工作人员具备为您的节点应用运行的任何端口设置代理路由的专有技术,并且您的API应该通过调用配置文件来引用端口(我很确定大多数node / express docs通过设计实现这一点)。
By doing this, it doesn't matter to your API which port it's running on, and it's down to the client to define and support a port that they allow on their network.
通过这样做,您的API在哪个端口上运行并不重要,而是由客户端来定义和支持他们在网络上允许的端口。
EDIT: just seen your comment in another answer that you're hosting the API and they're connecting to it. In that case, it would be easier (and better industry practice) to expose your API on port 80. If you've already got Apache running on 80, then you need to proxy your API within your own infrastructure from the port it's running on to an endpoint on the same port (in the same way that you can have multiple sites running against port 80 as they have different URLs)
编辑:刚看到你在另一个答案中的评论,你正在主持API,他们正在连接它。在这种情况下,在端口80上公开您的API将更容易(和更好的行业惯例)。如果您已经在80上运行Apache,那么您需要在自己的基础架构中从其运行的端口代理您的API到同一端口上的端点(与在端口80上运行多个站点的方式相同,因为它们具有不同的URL)
Something like this:
像这样的东西:
<VirtualHost *:80>
...
ServerName api.somehost.com
ProxyPass / http://127.0.0.1:82/ Keepalive=On
ProxyPassReverse / http://127.0.0.1:82/
ProxyPreserveHost On
....
</VirtualHost>
So therefore when your client points a REST call at your api.somehost.com, it enters your infrastructure through port 80, and is routed to your API running on port 82. Make sure you have enabled the proxy module (a2enmod proxy)
因此,当您的客户端在您的api.somehost.com上指向REST调用时,它会通过端口80进入您的基础架构,并被路由到您在端口82上运行的API。确保您已启用代理模块(a2enmod代理)
#2
1
In case of using Web Server at the servers of your clients, they're just need to add proxy to your backend, running on any free port
如果在客户端的服务器上使用Web Server,他们只需要在后端添加代理,在任何*端口上运行
like this for nginx
像这样的nginx
location ^~ /nodeapp/ {
proxy_pass http://127.0.0.1:82/;
}
So, all the urls of client http://website.org/nodeapp/anything goes to your nodejs instance /anything. Your app reachable via opened 80 port
因此,客户端http://website.org/nodeapp/anything的所有网址都会转到您的nodejs实例/任何内容。您的应用可通过已打开的80端口访问
If it's not allowed to use and change config of existing web server, then the only one option to set up nodejs listen port with args --port 4000 and explicit opening that port to external network
如果不允许使用和更改现有Web服务器的配置,那么设置nodejs的唯一选项是使用args --port 4000监听端口并明确打开该端口到外部网络
#1
2
If I were writing this, i'd have the port in a config file along with all your other application-wide definitions (credentials/api keys etc). Your clients should have people on staff with the know-how to set up some proxy routing for whatever port your node app is running on, and your API should refer to the port via call to the config file (I'm pretty sure most of the node/express docs do this by design).
如果我写这篇文章,我会在配置文件中有端口以及所有其他应用程序范围的定义(凭证/ api密钥等)。您的客户应该让工作人员具备为您的节点应用运行的任何端口设置代理路由的专有技术,并且您的API应该通过调用配置文件来引用端口(我很确定大多数node / express docs通过设计实现这一点)。
By doing this, it doesn't matter to your API which port it's running on, and it's down to the client to define and support a port that they allow on their network.
通过这样做,您的API在哪个端口上运行并不重要,而是由客户端来定义和支持他们在网络上允许的端口。
EDIT: just seen your comment in another answer that you're hosting the API and they're connecting to it. In that case, it would be easier (and better industry practice) to expose your API on port 80. If you've already got Apache running on 80, then you need to proxy your API within your own infrastructure from the port it's running on to an endpoint on the same port (in the same way that you can have multiple sites running against port 80 as they have different URLs)
编辑:刚看到你在另一个答案中的评论,你正在主持API,他们正在连接它。在这种情况下,在端口80上公开您的API将更容易(和更好的行业惯例)。如果您已经在80上运行Apache,那么您需要在自己的基础架构中从其运行的端口代理您的API到同一端口上的端点(与在端口80上运行多个站点的方式相同,因为它们具有不同的URL)
Something like this:
像这样的东西:
<VirtualHost *:80>
...
ServerName api.somehost.com
ProxyPass / http://127.0.0.1:82/ Keepalive=On
ProxyPassReverse / http://127.0.0.1:82/
ProxyPreserveHost On
....
</VirtualHost>
So therefore when your client points a REST call at your api.somehost.com, it enters your infrastructure through port 80, and is routed to your API running on port 82. Make sure you have enabled the proxy module (a2enmod proxy)
因此,当您的客户端在您的api.somehost.com上指向REST调用时,它会通过端口80进入您的基础架构,并被路由到您在端口82上运行的API。确保您已启用代理模块(a2enmod代理)
#2
1
In case of using Web Server at the servers of your clients, they're just need to add proxy to your backend, running on any free port
如果在客户端的服务器上使用Web Server,他们只需要在后端添加代理,在任何*端口上运行
like this for nginx
像这样的nginx
location ^~ /nodeapp/ {
proxy_pass http://127.0.0.1:82/;
}
So, all the urls of client http://website.org/nodeapp/anything goes to your nodejs instance /anything. Your app reachable via opened 80 port
因此,客户端http://website.org/nodeapp/anything的所有网址都会转到您的nodejs实例/任何内容。您的应用可通过已打开的80端口访问
If it's not allowed to use and change config of existing web server, then the only one option to set up nodejs listen port with args --port 4000 and explicit opening that port to external network
如果不允许使用和更改现有Web服务器的配置,那么设置nodejs的唯一选项是使用args --port 4000监听端口并明确打开该端口到外部网络