Payment and Account Proxy Service¶

When running Totalview Cloud, you might need an extra layer of security when pulling Account and/or Payment information from Totalview Time.

If possible, it is always recommended to connect directly to the WCFAccount and WCFPayment services from Totalview Time.
This requires that the requesting system can handle WCF connections over HTTPS, and is able to dynamically add an ApiKey to the header of the request.
Some requesting services like Navision and Løttløn, might not support these features. If this is the case then the Payment and Account Proxy Service can handle this.

The Proxy Service is installed on premise, and will relay every request securely to the Time endpoint.

This way older requesting clients can access the proxy without an API Key and over HTTP

How it works¶

../../_images/AccountPaymentProxyDiagram.png

How to setup¶

Getting the files¶

Download the latest install kit from https://partner.total-view.com/SoftwareCenter/. (At least version > 2020.0.2)

Extract the Zip to some temporary Folder (e.g. c:\Temp\)

Go to that folder and find the TotalviewInstallFiles.zip and extract that.

Copy the folder TimeServerAccountPaymentProxyService to C:\Program Files (x86)\Formula.fo\Totalview3\ (Create folders if they don’t exist)

Configuring the Proxy Service¶

Get the address and the API keys of the Totalview Time Installation. The settings can be found in TimeServer.exe.config, and will look something like this:

https://[CompanyName].totalview.cloud:[64002]/PAYWCF

https://[CompanyName].totalview.cloud:[64003]/ACCWCF

Open the TimeServerAccountPaymentProxyService.exe.config with your text editor of choice. This should be located at C:\Program Files (x86)\Formula.fo\Totalview3\TimeServerAccountPaymentProxyService\TimeServerAccountPaymentProxyService.exe.config

Configure the external address (i.e. the address the proxy service should relay the messages to)

Under configuration-> appSettings`

Set the correct API Keys for Payment and Account.

Under configuration-> system.serviceModel -> client there are 6 endpoints.

If your Totalview Time Server address starts with HTTPS then use the 2 endpoints between the <!– secure config BEGIN –> and <!– secure config END –>

Remove the comment and instead comment out the 2 endpoints between <!– insecure config BEGIN –> and <!– insecure config END –>

Set the correct address for both of the endpoints (e.g. https://[CompanyName].totalview.cloud:[64002]/PAYWCF and https://[CompanyName].totalview.cloud:[64003]/ACCWCF)

Ignore the bottom 2 endpoints. They are for testing the connection.

../../_images/AccountPaymentProxyConfig1.png

Configure the internal address (i.e. the address the internal payment or account system will access)

Under configuration-> system.serviceModel -> services there are 2 Services. One fore PaymentProxy and on for Account Proxy.

Enter the internal address this proxy service should use. By default they are set to “http://localhost:8004” for Payment and “http://localhost:8005” for Account.

NB! If you change the internal address and port used, then it is recommended that the Test Endpoinst (TestPaymentProxyEndpoint and TestAccountProxyEndpoint, seen in the screen shot above) to the same address. Otherwise it will not be possible to use the test client to verify that Proxy Service works.

../../_images/AccountPaymentProxyConfig2.png

How to test¶

Open Powershell as admin to start the service for testing.
Navigate to the Proxy Service Folder (Default C:\Program Files (x86)\Formula.fo\Totalview3\TimeServerAccountPaymentProxyService)
Run the command “.\Test.ps1”

The service can also be tested by creating a shortcut to the TimeServerAccountPaymentProxyService.exe with the argument /test

This will start a test client where the service can be started / stopped and where 2 test methods are available methods. “Call Hello” doesn’t need an API Key, “Call GetUsers” might require an API Key.

How to register the service¶

NB! Verify that the test client isn’t running or else the service will not start.
Open Powershell as admin.
Navigate to the Proxy Service Folder (Default C:\Program Files (x86)\Formula.fo\Totalview3\TimeServerAccountPaymentProxyService)
Run the command “.\RegisterService.ps1”

This will register the service as ‘TimeServerAccountPaymentProxyService’ and start it.

Limit access to the Proxy Service¶

It is possible to only relay Account or Payment. Remove the configuration for the not required endpoint from the configuration.

This is an example config that only relays Account