QBConnector Component
Properties Methods Events Config Settings Errors
The QBCONNECTOR component is a utility that allows you to connect your QuickBooks Integrator applications to remote QuickBooks instances.
Syntax
TiqbQBConnector
Remarks
The QBConnector component is a lightweight web server which listens for HTTP requests originating from the QuickBooks Integrator components. Each request sent to the QBConnector by a QuickBooks Integrator component contains the XML data to be communicated to QuickBooks as well as configuration settings specifying how the connection is to be opened. The QBConnector then communicates with QuickBooks via COM, and returns the QuickBooks response (or an error message) in the HTTP reply.
Using the QBConnector component is easy. Simply set Listening to True, and the component will begin listening for incoming messages on the specified LocalPort. The messages will be processed by the QuickBooks application that is running on the same machine as the QBConnector, and the results will automatically be returned to the requesting client.
Basic authentication is enabled by default, meaning the connecting clients must present a user name and password in the QBConnectionString of the component they're using. The supplied user name and password are checked against the list of AuthorizedUsers. If no user in the list matches the supplied credentials, the Authorization event will fire with the Accept parameter set to false. If the user was found in the list of AuthorizedUsers then the parameter will be set to True. You may override this functionality by setting the Accept parameter inside the Authorization event manually. If no "Authorization" header supplied in the request, the Authorization event will fire with blank User and Password parameters.
Note that the QBConnectionString will be used to make the connection to QuickBooks for a user found in the AuthorizedUsers collection.
Any of the QuickBooks Integrator components can connect to the QBConnector using the QBConnectionString property of any of the components.
For instance, an example using the Invoice component follows:
Invoice.QBConnectionString = "URL='http://www.foo.com:2080'" User='Foo' Password='Bar'";
Using SSL along with a digital certificate greatly increases the security of the Remote Connector. SSL will encrypt all data transmitted across the network, ensuring that only the Connector can read incoming requests, and that only the requesting client can read the QuickBooks responses. This prevents unauthorized parties from accessing your QuickBooks data. You should use a full digital certificate on the server (Connector) side, and this will contain a public key and a private key. This version of your certificate should be kept private. You may export a version of the certificate containing the public key only, and distribute this to all clients that need to communicate with the Connector.
To use this functionality, set the SSLCert with a valid certificate and then change the SSLStartMode to sslImplicit.
Now all clients must post to the QBConnector using HTTPS. eg:
Invoice.QBConnectionString = "URL='https://www.foo.com:2080' User='Foo' Password='Bar'"; // https instead of http
The client (in these examples Invoice) has an SSLServerAuthentication event that will fire when the server presents its certificate. If the public key presented by the QBConnector is trusted by the system, the Accept parameter will be True. If it is not trusted by the system (Accept is False), you should inspect the certificate and if valid, override by setting Accept to True.
Property List
The following is the full list of the properties of the component with short descriptions. Click on the links for further details.
AuthorizedUsers | A list of clients allowed to connect to the server. |
ConnectedToQB | Opens or closes a persistent connection to QuickBooks. |
EnableSSL | Indicates whether server starts in SSL-mode. |
Listening | If set to True, the component accepts incoming connections on LocalPort. |
LocalHost | The name of the local host or user-assigned IP interface through which connections are initiated or accepted. |
LocalPort | The TCP port in the local host where the component listens. |
SSLAuthenticateClients | If set to True, the server asks the client(s) for a certificate. |
SSLCertEncoded | This is the certificate (PEM/base64 encoded). |
SSLCertStore | This is the name of the certificate store for the client certificate. |
SSLCertStorePassword | If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store. |
SSLCertStoreType | This is the type of certificate store for this certificate. |
SSLCertSubject | This is the subject of the certificate used for client authentication. |
SSLProvider | This specifies the SSL/TLS implementation to use. |
Timeout | An initial timeout value to be used by incoming connections. |
Method List
The following is the full list of the methods of the component with short descriptions. Click on the links for further details.
AddUser | Adds a new user to the AuthorizedUsers collection. |
Config | Sets or retrieves a configuration setting. |
DoEvents | Processes events from the internal message queue. |
Reset | Clears all properties to their default values. |
Shutdown | Shutdown the server. |
Event List
The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.
Authorization | Fired when the client presents its credentials to the server. |
Connected | This event is fired immediately after a connection completes (or fails). |
ConnectionRequest | This event is fired when a request for connection comes from a remote host. |
Disconnected | This event is fired when a connection is closed. |
Error | This event fires information about errors during data delivery. |
Header | HTTP headers sent by the client. |
Request | Fired when a client sends a request to the component. |
Response | Fired when the component sends a response to the client. |
SSLClientAuthentication | This event is fired when the client presents its credentials to the server. |
SSLConnectionRequest | This event fires when a Secure Sockets Layer (SSL) connection is requested. |
SSLStatus | This event is fired to show the progress of the secure connection. |
Status | Shows the status of the server as clients connect and transactions are made. |
Config Settings
The following is a list of config settings for the component with short descriptions. Click on the links for further details.
AuthFlags | Auth Flags to use when connecting to QuickBooks. |
ConnectedToQB | Used to connect or disconnect from QuickBooks. |
DefaultConnectionString | Default connection string to use for users not in the AuthorizedUsers collection. |
ReadOnly[i] | Whether a user is restricted to read-only access. |
UseInteractiveLogon | Whether interactive or network logon is used when AuthMode is set to Windows. |
BuildInfo | Information about the product's build. |
CodePage | The system code page used for Unicode to Multibyte translations. |
LicenseInfo | Information about the current license. |
MaskSensitive | Whether sensitive data is masked in log messages. |
UseInternalSecurityAPI | Tells the component whether or not to use the system security libraries or an internal implementation. |
AuthorizedUsers Property (QBConnector Component)
A list of clients allowed to connect to the server.
Syntax
property AuthorizedUsers: TiqbAuthorizedUserList read get_AuthorizedUsers write set_AuthorizedUsers;
Remarks
The AuthorizedUsers property contains a list of clients allowed to connect to the QBConnector component. If the user name and password supplied in the HTTP authorization header must match the User and Password properties, the Authorization event will fire with the Accept parameter set to True. If the user cannot be found, or the password does not match, the Authorization event will fire with the Accept parameter set to False;. If a match is found, the component uses the information in the QBConnectionString to make a connection to QuickBooks.
ConnectedToQB Property (QBConnector Component)
Opens or closes a persistent connection to QuickBooks.
Syntax
property ConnectedToQB: Boolean read get_ConnectedToQB;
Default Value
false
Remarks
You may use this property to determine whether the component is currently connected to QuickBooks.
This property is read-only and not available at design time.
EnableSSL Property (QBConnector Component)
Indicates whether server starts in SSL-mode.
Syntax
property EnableSSL: Boolean read get_EnableSSL write set_EnableSSL;
Default Value
false
Remarks
This property must be set before setting Listening to True. When EnableSSL is True, plaintext connections to the component will be rejected.
This property is not available at design time.
Listening Property (QBConnector Component)
If set to True, the component accepts incoming connections on LocalPort.
Syntax
property Listening: Boolean read get_Listening write set_Listening;
Default Value
false
Remarks
This property indicates whether the component is listening for connections on the port specified by the LocalPort property.
Note: Use the StartListening and StopListening methods to control whether the component is listening.
This property is not available at design time.
LocalHost Property (QBConnector Component)
The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
Syntax
property LocalHost: String read get_LocalHost write set_LocalHost;
Default Value
''
Remarks
The LocalHost property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.
In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the component initiate connections (or accept in the case of server components) only through that interface.
If the component is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).
NOTE: LocalHost is not persistent. You must always set it in code, and never in the property window.
LocalPort Property (QBConnector Component)
The TCP port in the local host where the component listens.
Syntax
property LocalPort: Integer read get_LocalPort write set_LocalPort;
Default Value
2080
Remarks
The LocalPort property must be set before QBConnector starts listening. If its value is 0, then the TCP/IP subsystem picks a port number at random. The port number can be found by checking the value of the LocalPort property after Listening is set to True.
The service port is not shared among servers (i.e. there can be only one QBConnector 'listening' on a particular port at one time).
The default value for LocalPort is 2080.
SSLAuthenticateClients Property (QBConnector Component)
If set to True, the server asks the client(s) for a certificate.
Syntax
property SSLAuthenticateClients: Boolean read get_SSLAuthenticateClients write set_SSLAuthenticateClients;
Default Value
false
Remarks
This property is used in conjunction with the SSLClientAuthentication event. Please refer to the documentation of the SSLClientAuthentication event for details.
SSLCertEncoded Property (QBConnector Component)
This is the certificate (PEM/base64 encoded).
Syntax
property SSLCertEncoded: String read get_SSLCertEncoded write set_SSLCertEncoded; property SSLCertEncodedB: TBytes read get_SSLCertEncodedB write set_SSLCertEncodedB;
Default Value
''
Remarks
This is the certificate (PEM/base64 encoded). This property is used to assign a specific certificate. The Store and Subject properties also may be used to specify a certificate.
When Encoded is set, a search is initiated in the current Store for the private key of the certificate. If the key is found, Subject is updated to reflect the full subject of the selected certificate; otherwise, Subject is set to an empty string.
This property is not available at design time.
SSLCertStore Property (QBConnector Component)
This is the name of the certificate store for the client certificate.
Syntax
property SSLCertStore: String read get_SSLCertStore write set_SSLCertStore; property SSLCertStoreB: TBytes read get_SSLCertStoreB write set_SSLCertStoreB;
Default Value
'MY'
Remarks
This is the name of the certificate store for the client certificate.
The StoreType property denotes the type of the certificate store specified by Store. If the store is password protected, specify the password in StorePassword.
Store is used in conjunction with the Subject property to specify client certificates. If Store has a value, and Subject or Encoded is set, a search for a certificate is initiated. Please see the Subject property for details.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).
SSLCertStorePassword Property (QBConnector Component)
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
Syntax
property SSLCertStorePassword: String read get_SSLCertStorePassword write set_SSLCertStorePassword;
Default Value
''
Remarks
If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
SSLCertStoreType Property (QBConnector Component)
This is the type of certificate store for this certificate.
Syntax
property SSLCertStoreType: TiqbCertStoreTypes read get_SSLCertStoreType write set_SSLCertStoreType;
TiqbCertStoreTypes = ( cstUser, cstMachine, cstPFXFile, cstPFXBlob, cstJKSFile, cstJKSBlob, cstPEMKeyFile, cstPEMKeyBlob, cstPublicKeyFile, cstPublicKeyBlob, cstSSHPublicKeyBlob, cstP7BFile, cstP7BBlob, cstSSHPublicKeyFile, cstPPKFile, cstPPKBlob, cstXMLFile, cstXMLBlob, cstJWKFile, cstJWKBlob, cstSecurityKey, cstBCFKSFile, cstBCFKSBlob, cstPKCS11, cstAuto );
Default Value
cstUser
Remarks
This is the type of certificate store for this certificate.
The component supports both public and private keys in a variety of formats. When the cstAuto value is used the component will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS11 interface.
To use a security key the necessary data must first be collected using the CertMgr component. The ListStoreCertificates method may be called after setting CertStoreType to cstPKCS11, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN. Code Example: SSH Authentication with Security Key
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
SSLCertSubject Property (QBConnector Component)
This is the subject of the certificate used for client authentication.
Syntax
property SSLCertSubject: String read get_SSLCertSubject write set_SSLCertSubject;
Default Value
''
Remarks
This is the subject of the certificate used for client authentication.
This property must be set after all other certificate properites are set. When this property is set, a search is performed in the current certificate store certificate with matching subject.
If a matching certificate is found, the property is set to the full subject of the matching certificate.
If an exact match is not found, the store is searched for subjects containing the value of the property.
If a match is still not found, the property is set to an empty string, and no certificate is selected.
The special value "*" picks a random certificate in the certificate store.
The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.
Field | Meaning |
CN | Common Name. This is commonly a host name like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma it must be quoted.
SSLProvider Property (QBConnector Component)
This specifies the SSL/TLS implementation to use.
Syntax
property SSLProvider: TiqbTSSLProviders read get_SSLProvider write set_SSLProvider;
TiqbTSSLProviders = ( sslpAutomatic, sslpPlatform, sslpInternal );
Default Value
sslpAutomatic
Remarks
This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic) the component will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.
Possible values are:
0 (sslpAutomatic - default) | Automatically selects the appropriate implementation. |
1 (sslpPlatform) | Uses the platform/system implementation. |
2 (sslpInternal) | Uses the internal implementation. |
In most cases using the default value (Automatic) is recommended. The component will select a provider depending on the current platform.
When Automatic is selected, on Windows the component will use the platform implementation. On Linux/macOS the component will use the internal implementation. When TLS 1.3 is enabled via SSLEnabledProtocols the internal implementation is used on all platforms.
Timeout Property (QBConnector Component)
An initial timeout value to be used by incoming connections.
Syntax
property Timeout: Integer read get_Timeout write set_Timeout;
Default Value
30
Remarks
Timeout is used by the component to set the operational timeout value of all inbound connections once they are established.
The default value is 30 seconds.
AddUser Method (QBConnector Component)
Adds a new user to the AuthorizedUsers collection.
Syntax
procedure AddUser(User: String; Password: String; QBConnectionString: String; AuthMode: Integer);
Remarks
Please refer to the AuthorizedUsers collection for more information.
User specifies the user which will be allowed to connect.
Password specifies the password of the user. This is not applicable when AuthMode is set to 1 (amWindows).
QBConnectionString sets the connection properties for the user. See QBConnectionString for details.
AuthMode defines how the user will be authenticated. There are two ways that the user may be authorized, against the user list defined in the component, or as a Windows user. From the client side the process of connecting is exactly the same no matter which option you choose. Possible values are:
0 (amNormal - default) | The user is authenticated against the user list defined in the component. |
1 (amWindows) | The user is authenticated as a Windows user. |
When using the amWindows AuthMode the component will validate the user's credentials with Windows. When calling AddUser the Password parameter should be set to empty string.
Config Method (QBConnector Component)
Sets or retrieves a configuration setting.
Syntax
function Config(ConfigurationString: String): String;
Remarks
Config is a generic method available in every component. It is used to set and retrieve configuration settings for the component.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
DoEvents Method (QBConnector Component)
Processes events from the internal message queue.
Syntax
procedure DoEvents();
Remarks
When DoEvents is called, the component processes any available events. If no events are available, it waits for a preset period of time, and then returns.
Reset Method (QBConnector Component)
Clears all properties to their default values.
Syntax
procedure Reset();
Remarks
This method clears all properties to their default values.
Shutdown Method (QBConnector Component)
Shutdown the server.
Syntax
procedure Shutdown();
Remarks
When this method is called, the component will stop Listening, break all active connections, and disconnect from QuickBooks.
Authorization Event (QBConnector Component)
Fired when the client presents its credentials to the server.
Syntax
type TAuthorizationEvent = procedure ( Sender: TObject; ConnectionId: Integer; UserIndex: Integer; const User: String; const Password: String; var Accept: Boolean ) of Object;
property OnAuthorization: TAuthorizationEvent read FOnAuthorization write FOnAuthorization;
Remarks
This is where the server can decide whether to continue or not, based on the supplied User and Password.
To accept or reject a connection set Accept to True of False.
The Accept parameter defaults to True if User is found in the AuthorizedUsers collection and Password matches, and False otherwise. The UserIndex parameter indicates the index at which the authorized user was found in the collection.
A UserIndex of -1 means that no matching credentials were found in the AuthorizedUsers collection.
Connected Event (QBConnector Component)
This event is fired immediately after a connection completes (or fails).
Syntax
type TConnectedEvent = procedure ( Sender: TObject; ConnectionId: Integer; StatusCode: Integer; const Description: String ) of Object;
property OnConnected: TConnectedEvent read FOnConnected write FOnConnected;
Remarks
If the connection is made normally, StatusCode is 0, and Description is 'OK'.
If the connection fails, StatusCode has the error code returned by the system. Description contains a description of this code. The value of StatusCode is equal to the value of the system error.
Please refer to the Error Codes section for more information.
ConnectionRequest Event (QBConnector Component)
This event is fired when a request for connection comes from a remote host.
Syntax
type TConnectionRequestEvent = procedure ( Sender: TObject; const Address: String; Port: Integer; var Accept: Boolean ) of Object;
property OnConnectionRequest: TConnectionRequestEvent read FOnConnectionRequest write FOnConnectionRequest;
Remarks
This event indicates an incoming connection. The connection is accepted by default. Address and Port will contain information about the remote host requesting the inbound connection. If you want to refuse it, you can set the Accept parameter to False.
Disconnected Event (QBConnector Component)
This event is fired when a connection is closed.
Syntax
type TDisconnectedEvent = procedure ( Sender: TObject; ConnectionId: Integer; StatusCode: Integer; const Description: String ) of Object;
property OnDisconnected: TDisconnectedEvent read FOnDisconnected write FOnDisconnected;
Remarks
If the connection is broken normally, StatusCode is 0, and Description is 'OK'.
If the connection is broken for any other reason, StatusCode has the error code returned by the system. Description contains a description of this code. The value of StatusCode is equal to the value of the system error.
Please refer to the Error Codes section for more information.
Error Event (QBConnector Component)
This event fires information about errors during data delivery.
Syntax
type TErrorEvent = procedure ( Sender: TObject; ConnectionId: Integer; ErrorCode: Integer; const Description: String ) of Object;
property OnError: TErrorEvent read FOnError write FOnError;
Remarks
The Error event is fired in case of exceptional conditions during message processing. Normally, the component raises an exception.
ErrorCode contains an error code and Description contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
ConnectionId indicates the connection for which the error is applicable.
Header Event (QBConnector Component)
HTTP headers sent by the client.
Syntax
type THeaderEvent = procedure ( Sender: TObject; ConnectionId: Integer; const Header: String; const Value: String ) of Object;
property OnHeader: THeaderEvent read FOnHeader write FOnHeader;
Remarks
When a client connects, this event will fire for each HTTP header received.
Request Event (QBConnector Component)
Fired when a client sends a request to the component.
Syntax
type TRequestEvent = procedure ( Sender: TObject; ConnectionId: Integer; UserIndex: Integer; const Request: String ) of Object;
property OnRequest: TRequestEvent read FOnRequest write FOnRequest;
Remarks
This event will fire with the raw XML data received from the client, which is to be processed by QuickBooks.
The ConnectionId indicates which client connection this Request event is firing for. The UserIndex is the index of the user in the User array property. Request is the QBXML Request sent from the client.
A UserIndex of -1 means that no matching credentials were found in the AuthorizedUsers collection.
Response Event (QBConnector Component)
Fired when the component sends a response to the client.
Syntax
type TResponseEvent = procedure ( Sender: TObject; ConnectionId: Integer; UserIndex: Integer; const Response: String ) of Object;
property OnResponse: TResponseEvent read FOnResponse write FOnResponse;
Remarks
This event will fire with the raw XML retrieved from QuickBooks and sent to the client.
The ConnectionId indicates which client connection this Request event is firing for. The UserIndex is the index of the user in the User array property. Response is the QBXML Response from QuickBooks, which is being transmitted back to the client.
A UserIndex of -1 means that no matching credentials were found in the AuthorizedUsers collection.
SSLClientAuthentication Event (QBConnector Component)
This event is fired when the client presents its credentials to the server.
Syntax
type TSSLClientAuthenticationEvent = procedure ( Sender: TObject; ConnectionId: Integer; CertEncoded: String; CertEncodedB: TBytes; const CertSubject: String; const CertIssuer: String; const Status: String; var Accept: Boolean ) of Object;
property OnSSLClientAuthentication: TSSLClientAuthenticationEvent read FOnSSLClientAuthentication write FOnSSLClientAuthentication;
Remarks
This event enables the server to decide whether or not to continue. The Accept parameter is a recommendation on whether to continue or to close the connection. This is just a suggestion: application software must use its own logic to determine whether or not to continue.
When Accept is False, Status shows why the verification failed (otherwise, Status contains the string "OK").
SSLConnectionRequest Event (QBConnector Component)
This event fires when a Secure Sockets Layer (SSL) connection is requested.
Syntax
type TSSLConnectionRequestEvent = procedure ( Sender: TObject; ConnectionId: Integer; const SupportedCipherSuites: String; const SupportedSignatureAlgs: String; var CertStoreType: Integer; var CertStore: String; var CertPassword: String; var CertSubject: String ) of Object;
property OnSSLConnectionRequest: TSSLConnectionRequestEvent read FOnSSLConnectionRequest write FOnSSLConnectionRequest;
Remarks
This event fires when an SSL connection is requested and SSLProvider is set to Internal. This event provides an opportunity to select an alternative certificate to the connecting client. This event does not fire when SSLProvider is set to Platform.
This event allows the component to be configured to use both RSA and ECDSA certificates depending on the connecting client's capabilities.
ConnectionId is the connection Id of the client requesting the connection.
SupportedCipherSuites is a comma-separated list of cipher suites that the client supports.
SupportedSignatureAlgs is a comma-separated list of certificate signature algorithms that the client supports.
CertStoreType is the store type of the alternate certificate to use for this connection. The component supports both public and private keys in a variety of formats. When the cstAuto value is used the component will automatically determine the type. This property can take one of the following values:
0 (cstUser - default) | For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java. |
1 (cstMachine) | For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java. |
2 (cstPFXFile) | The certificate store is the name of a PFX (PKCS12) file containing certificates. |
3 (cstPFXBlob) | The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format. |
4 (cstJKSFile) | The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java. |
5 (cstJKSBlob) | The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java. |
6 (cstPEMKeyFile) | The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate. |
7 (cstPEMKeyBlob) | The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate. |
8 (cstPublicKeyFile) | The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate. |
9 (cstPublicKeyBlob) | The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate. |
10 (cstSSHPublicKeyBlob) | The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key. |
11 (cstP7BFile) | The certificate store is the name of a PKCS7 file containing certificates. |
12 (cstP7BBlob) | The certificate store is a string (binary) representing a certificate store in PKCS7 format. |
13 (cstSSHPublicKeyFile) | The certificate store is the name of a file that contains an SSH-style public key. |
14 (cstPPKFile) | The certificate store is the name of a file that contains a PPK (PuTTY Private Key). |
15 (cstPPKBlob) | The certificate store is a string (binary) that contains a PPK (PuTTY Private Key). |
16 (cstXMLFile) | The certificate store is the name of a file that contains a certificate in XML format. |
17 (cstXMLBlob) | The certificate store is a string that contains a certificate in XML format. |
18 (cstJWKFile) | The certificate store is the name of a file that contains a JWK (JSON Web Key). |
19 (cstJWKBlob) | The certificate store is a string that contains a JWK (JSON Web Key). |
21 (cstBCFKSFile) | The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET. |
22 (cstBCFKSBlob) | The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET. |
23 (cstPKCS11) | The certificate is present on a physical security key accessible via a PKCS11 interface.
To use a security key the necessary data must first be collected using the CertMgr component. The ListStoreCertificates method may be called after setting CertStoreType to cstPKCS11, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN. Code Example: SSH Authentication with Security Key
|
99 (cstAuto) | The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically. |
CertStore is the store name or location of the alternate certificate to use for this connection.
Designations of certificate stores are platform-dependent.
The following are designations of the most common User and Machine certificate stores in Windows:
MY | A certificate store holding personal certificates with their associated private keys. |
CA | Certifying authority certificates. |
ROOT | Root certificates. |
When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).
CertPassword is the password of the certificate store containing the alternate certificate to use for this connection.
CertSubject is the subject of the alternate certificate to use for this connection.
The special value * matches any subject and will select the first certificate in the store. The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.
Field | Meaning |
CN | Common Name. This is commonly a host name like www.server.com. |
O | Organization |
OU | Organizational Unit |
L | Locality |
S | State |
C | Country |
E | Email Address |
If a field value contains a comma it must be quoted.
SSLStatus Event (QBConnector Component)
This event is fired to show the progress of the secure connection.
Syntax
type TSSLStatusEvent = procedure ( Sender: TObject; ConnectionId: Integer; const Message: String ) of Object;
property OnSSLStatus: TSSLStatusEvent read FOnSSLStatus write FOnSSLStatus;
Remarks
The event is fired for informational and logging purposes only. It is used to track the progress of the connection.
Status Event (QBConnector Component)
Shows the status of the server as clients connect and transactions are made.
Syntax
type TStatusEvent = procedure ( Sender: TObject; ConnectionId: Integer; const Message: String ) of Object;
property OnStatus: TStatusEvent read FOnStatus write FOnStatus;
Remarks
The event is fired for informational and logging purposes only.
AuthorizedUser Type
Client login, password, and QuickBooks connection information.
Remarks
The AuthorizedUser type contains the User and Password of a client that is allowed to connect to the QBConnector component. When a client connects, the user name and password supplied in the HTTP authorization header are compared to the credentials of each authorized user. If a match is found, the component uses the information in the QBConnectionString to make a connection to QuickBooks.
Fields
AuthMode TiqbAuthModes |
This property defines how the user is authorized. There are two ways that the user may be authorized, against the user list defined in the component, or as a Windows user. From the client side the process of connecting is exactly the same no matter which option you choose. Possible values are:
When using the amWindows AuthMode the component will validate the user's credentials with Windows. When calling AddUser the Password parameter should be set to empty string. |
||||||
Password String |
A password associated with the User who is allowed to connect to the component. Connecting clients' authorization headers will be compared against this User and Password. |
||||||
QBConnectionString String |
An aggregate consisting of various QuickBooks connection properties that are used to connect the authorized client to the QuickBooks application. The connection properties should be formatted in a sequence as follows: propertyname = "propertyvalue" propertyname = "propertyvalue" ... The order is irrelevant, and the whitespace around the equal sign is optional. The following properties are currently supported:
|
||||||
User String |
Name of a user which is allowed to connect to the component. Connecting clients' authorization headers will be compared against this User and Password. |
Constructors
constructor Create();
constructor Create(valUser: String; valPassword: String);
constructor Create(valUser: String; valPassword: String; valQBConnectionString: String);
constructor Create(valUser: String; valPassword: String; valQBConnectionString: String; valAuthMode: TiqbAuthModes);
Config Settings (QBConnector Component)
The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.QBConnector Config Settings | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
AuthFlags: Auth Flags to use when connecting to QuickBooks.This configuration setting controls what auth flags are sent to QuickBooks. The default value is 0 (no auth flags set). | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
ConnectedToQB: Used to connect or disconnect from QuickBooks.This setting allows you to connect and disconnect to the QuickBooks request processor which resides on the server machine. Calling Config with ConnectedToQB=False will immediately disconnect from QuickBooks. ConnectedToQB=True, however, will use the DefaultConnectionString (if present) to open a persistent connection to QuickBooks. Note that if the component is already connected to QuickBooks, setting ConnectedToQB to True will cause the component to raises an exception. Connecting in this manner is only useful if there are no connection strings specified in any AuthorizedUsers, as in that case the component will disconnect from QuickBooks and reconnect with the credentials specified for that individual user. However, it is not necessary to use this configuration setting to connect to QuickBooks. If no connection strings are specified in the AuthorizedUsers and the component is not currently connected to QuickBooks, a new connection will be made using the DefaultConnectionString. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
DefaultConnectionString: Default connection string to use for users not in the AuthorizedUsers collection.If a user connects to the component who is not in the AuthorizedUsers collection, and you set the Accept parameter in the Authorization event to True anyways, the component will use this connection string to open a connection with QuickBooks. This is blank by default. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
ReadOnly[i]:
Whether a user is restricted to read-only access.This setting specifies whether a user is limited to read-only access. The index should
be the of the user in the AuthorizedUsers collection. For instance:
QBConnector1.Config("ReadOnly[0]=True");
This indicates that the first user is limited to read-only access. The default value is False (full access).
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
UseInteractiveLogon: Whether interactive or network logon is used when AuthMode is set to Windows.This setting only applies when the AuthMode is set to 1 (amWindows). When performing windows authentication a regular network logon is attempted by default. When this setting is set to true an interactive logon is performed instead. This setting may be required in certain circumstances, such as using a domain account and the domain controller is Samba. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Base Config Settings | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
BuildInfo: Information about the product's build.When queried, this setting will return a string containing information about the product's build. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CodePage:
The system code page used for Unicode to Multibyte translations.The default code page is Unicode UTF-8 (65001).
The following is a list of valid code page identifiers:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LicenseInfo:
Information about the current license.When queried, this setting will return a string containing information about the license this instance of a component is using. It will return the following information:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
MaskSensitive:
Whether sensitive data is masked in log messages.In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to True to mask sensitive data. The default is True.
This setting only works on these components: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
UseInternalSecurityAPI:
Tells the component whether or not to use the system security libraries or an internal implementation.
When set to False, the component will use the system security libraries by default to perform cryptographic functions where applicable.
Setting this setting to True tells the component to use the internal implementation instead of using the system security libraries. This setting is set to False by default on all platforms. |
Trappable Errors (QBConnector Component)
ErrorsThe following errors may be generated by the component. Note that frequently the error message will contain more specific information than what is listed here.
QBConnector Errors
100 You cannot change the RemotePort at this time. A connection is in progress. | |
101 You cannot change the RemoteHost at this time. A connection is in progress. | |
102 The RemoteHost address is invalid (0.0.0.0). | |
104 IPDaemon is already listening. | |
106 Cannot change LocalPort when IPDaemon is Listening. | |
107 Cannot change LocalHost when IPDaemon is Listening. | |
108 Cannot change MaxConnections when IPDaemon is Listening. | |
112 You cannot change MaxLineLength at this time. A connection is in progress. | |
116 RemotePort cannot be zero. Please specify a valid service port number. | |
126 Invalid ConnectionId. | |
135 Operation would block. |
SSL Errors
270 Cannot load specified security library. | |
271 Cannot open certificate store. | |
272 Cannot find specified certificate. | |
273 Cannot acquire security credentials. | |
274 Cannot find certificate chain. | |
275 Cannot verify certificate chain. | |
276 Error during handshake. | |
280 Error verifying certificate. | |
281 Could not find client certificate. | |
282 Could not find server certificate. | |
283 Error encrypting data. | |
284 Error decrypting data. |
TCP/IP Errors
10004 [10004] Interrupted system call. | |
10009 [10009] Bad file number. | |
10013 [10013] Access denied. | |
10014 [10014] Bad address. | |
10022 [10022] Invalid argument. | |
10024 [10024] Too many open files. | |
10035 [10035] Operation would block. | |
10036 [10036] Operation now in progress. | |
10037 [10037] Operation already in progress. | |
10038 [10038] Socket operation on non-socket. | |
10039 [10039] Destination address required. | |
10040 [10040] Message too long. | |
10041 [10041] Protocol wrong type for socket. | |
10042 [10042] Bad protocol option. | |
10043 [10043] Protocol not supported. | |
10044 [10044] Socket type not supported. | |
10045 [10045] Operation not supported on socket. | |
10046 [10046] Protocol family not supported. | |
10047 [10047] Address family not supported by protocol family. | |
10048 [10048] Address already in use. | |
10049 [10049] Can't assign requested address. | |
10050 [10050] Network is down. | |
10051 [10051] Network is unreachable. | |
10052 [10052] Net dropped connection or reset. | |
10053 [10053] Software caused connection abort. | |
10054 [10054] Connection reset by peer. | |
10055 [10055] No buffer space available. | |
10056 [10056] Socket is already connected. | |
10057 [10057] Socket is not connected. | |
10058 [10058] Can't send after socket shutdown. | |
10059 [10059] Too many references, can't splice. | |
10060 [10060] Connection timed out. | |
10061 [10061] Connection refused. | |
10062 [10062] Too many levels of symbolic links. | |
10063 [10063] File name too long. | |
10064 [10064] Host is down. | |
10065 [10065] No route to host. | |
10066 [10066] Directory not empty | |
10067 [10067] Too many processes. | |
10068 [10068] Too many users. | |
10069 [10069] Disc Quota Exceeded. | |
10070 [10070] Stale NFS file handle. | |
10071 [10071] Too many levels of remote in path. | |
10091 [10091] Network subsystem is unavailable. | |
10092 [10092] WINSOCK DLL Version out of range. | |
10093 [10093] Winsock not loaded yet. | |
11001 [11001] Host not found. | |
11002 [11002] Non-authoritative 'Host not found' (try again or check DNS setup). | |
11003 [11003] Non-recoverable errors: FORMERR, REFUSED, NOTIMP. | |
11004 [11004] Valid name, no data record (check DNS setup). |