Advanced Networking for IBM i JT400 - Introduction

by Green Screens Ltd.

We are happy to share news which might significantly help some of IBM i consumers.  Green Screens Ltd. made a contribution to the famous IBM JT400 library.

Many times we saw various developers asking for SOCk5 support to programmatically connect to the IBM i servers with the JT400 through SSH or other network encryption systems supporting SOCK5.

Until now, safe connection to the IBM i  with JT400 was possible in a few ways:

  • Using direct SSL connections - possible if IBM server is directly accessible which is a problem for many companies having their system in the cloud.
  • Through JT400 embedded simple HTTP server in Proxy mode. This approach still requires direct access to the IBM i. It is  even more complicated as it requires running JT400 ProxyServer on IBM i side of the network.  Channel itself can be hidden behind a proxy and protected with TLS/SSL. Not practical in our case for integration with Green Screens Server.
  • By using VPN tunnel and direct connections without proxy. VPN in general is slow, and might create various network drops. Running long tasks with a lot of data transfer can be very problematic.
  • By using SSH in port-forwarding mode only. This is problematic as all ports required by JT400 must be reserved and opened in advance. JT400 uses default port 449 to "query" services and their ports making this approach a limited solution. Only one connection is available, making this solution usable in some cases, but not all.

To solve those problems, we added two solutions:

  • Part1 (WebProxy)  - Integrated Web Proxy into Green Screens Server with API key access control and IBM i access token without requirement to know IBM user / password.
  • Part2 (SOCK5) - Updated JT400 library to support direct access through SSH using SOCK5 either using DDM services, or IBM DB2 database drivers supplied with the JT400.

To find out more details, we created a separated posts for each of provided solutions. Feel free to check them at links above.

Latest JT400 source update with Green Screens Ltd. changes supporting both solutions can be found at our JTOpen GitHub repository.

For anyone interested in involvement or comments, please check our pull request at the original IBM JTOpen repository... links below. Pull requests for code changes are in the review procedure hoping that both enhancements will be accepted and implemented in official JT400.

Add SOCK5 and UNIX channels support to JT400
Add custom URL path and query parameters to ProxyClient