Identification And Authentication

IP Addresses and Ports

The Eurex ETI has a three-step logon procedure, with a Connection Gateway Request message to retrieve the assigned application gateway from the connection gateway, followed by a Session Logon at the assigned gateway and followed by one or multiple User Logon messages.

At first the participant must establish a TCP/IP session to the Connection Gateway - the IP/port numbers are provided by the exchange. Participants will be provided with a "Primary" and "Secondary" Connection Gateway address via the member portal. If the connection to the primary Connection Gateway fails, participants should connect to the secondary Connection Gateway.

On the phase of Gateway Connection, OnixS::Eurex::Trading::Handler::connect can throw exceptions:

• Cannot connect to [Host] on port [Port]. The requested address is not valid in its context.
• Cannot connect to [Host] on port [Port]. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
• Cannot connect to [Host] on port [Port]. No connection could be made because the target machine actively refused it.

In this case you should check:

1. Connection Gateway IP/Port is correct?
2. Connection Gateway is available?

If both is OK you should contact to OnixS Technical Support or Eurex Customer Technical Support.

Session Authentication

The Session Logon message must be the first message sent by the participant authenticating the Eurex ETI session.

OnixS::Eurex::Trading::Handler::connect can throw exceptions in case of fields of Logon message are incorrect:

Tag	Fieldname	Exception
20055	PartyIDSessionID	Session ID not exist in refdata
554	Password	Session authentication failed

User (Trader) Authentication

The User Logon message identifies and authenticates a qualified user establishing access to the new trading architecture. A Eurex ETI session may be shared by several users belonging to the same business unit.

The participant must provide the binary User ID in the Username (553) field, and the corresponding password in the Password (554) field.

A successful user logon will grant the user access to the trading system.

All further transactions that require a user scope from the session are validated in the gateway against an authenticated User ID, i.e. SenderSubID (50) in the message header.

Users may logon to the new trading architecture via all sessions of their business unit.

Multiple User Logon messages for a user via the same session are rejected.

In case of User Logon message fields are incorrect user should receive Reject message via OnixS::Eurex::Trading::AdminListener::onReject callback.

Note

Eurex ETI uses binary identifiers for users (User ID) and business units (Business Unit ID). A mapping to the current Member (Business Unit Short Name) and Trader ID (User Login Name) is available in the Eurex Admin GUI.