Web Portal

The Web Portal provides web-based access to account management and administrative functions through both an web API and an interactive HTML interface. It serves as the primary user interface for creating and managing trading accounts, configuring market data entitlements, defining compliance rules, setting risk parameters, and monitoring account activity. By aggregating functionality from multiple backend services, the Web Portal enables administrators and managers to perform operational tasks through a unified web application.

The Web Portal integrates with the Service Locator for authentication and communicates with the Administration Server, Compliance Server, Risk Server, and Order Execution Server to provide comprehensive account management capabilities.

Configuration

The Web Portal is configured via a YAML file that defines its network interface and Service Locator integration. Below is the structure of the configuration file with example values:

---
server:
  # Primary network interface and port the Web Portal binds to.
  interface: "0.0.0.0:8080"
  
  # List of addresses the server is reachable at (for registration with Service Locator).
  # Typically includes both public-facing and local addresses.
  addresses: ["198.51.100.5:8080", "10.0.0.5:8080"]

service_locator:
  # The address of the Service Locator (host:port).
  address: "10.0.0.5:20000"
  
  # The account username used by the Web Portal to authenticate with the Service Locator.
  username: web_portal_service
  
  # The password for the Web Portal's Service Locator account.
  password: admin_password
...

Functionality

The Web Portal provides access to the following administrative and operational capabilities:

Account Management

• Create new trading accounts
• Assign accounts to groups and directories
• Configure account permissions and access controls
• Set account roles (trader, manager, administrator, service)
• Modify account credentials and settings

Market Data Entitlements

• View available market data packages and pricing
• Assign entitlements to accounts or groups
• Configure per-venue and per-message-type permissions

Compliance Configuration

• Define compliance rules and rule schemas
• Assign rules to accounts, groups, or directories
• Configure rule states (active, passive, disabled)
• Monitor compliance rule violations
• Review historical compliance events

Risk Management

• Configure risk parameters per account
• Set buying power limits
• Define net loss thresholds
• Configure risk state transitions
• Monitor real-time profit and loss
• View position summaries and inventory snapshots

Order and Execution Monitoring

• View order history and execution reports
• Monitor active orders
• Review trade activity by account or region
• Generate reports on trading performance
• Track order routing and fill statistics

Administrative Tools

• User session management
• System configuration and settings
• Audit logs and activity tracking
• Service health monitoring
• Operational reports and analytics

Access Control

The Web Portal enforces permissions based on account roles:

• Administrators have full access to all management functions
• Managers can manage accounts within their assigned groups
• Traders can view their own account details and activity
• Service accounts have restricted programmatic access

All operations are authenticated through the Service Locator and logged for audit purposes.

Installation & Setup

A setup.py script is provided to generate the final config.yml from the config.default.yml template.

The script supports the following arguments:

python setup.py
  --local 0.0.0.0           # Local interface (default: auto-detected IP)
  --world 198.51.100.5      # Global/public interface (optional)
  --address 10.0.0.5:20000  # Service Locator address (default: local_interface:20000)
  --password [REQUIRED]     # Service password for authentication

Operations

The Web Portal is controlled using three operational scripts: start.sh, stop.sh, and check.sh.

Log files are generated in the format:

srv_YYYYMMDD_HH_MM_SS.log

Upon startup, older log files are moved into the logs/ directory.

check.sh

The check.sh script verifies whether the server is currently running by inspecting the PID recorded in pid.lock and testing whether the associated process exists.

If the server is not running, it prints:

WebPortal is not running.

start.sh

The start.sh script:

• Exits immediately if the server is already running
• Creates a logs/ directory if necessary
• Moves any existing srv_*.log files into logs/
• Starts the WebPortal process in the background
• Writes the PID to pid.lock
• Reads network interfaces from config.yml and waits until the server is listening on at least one configured address

This ensures the server is fully initialized before the script exits.

stop.sh

The stop.sh script:

• Reads the PID from pid.lock
• Sends SIGINT to request a graceful shutdown
• Waits for termination using exponential backoff (up to 300 seconds)
• Sends SIGKILL if the server fails to stop cleanly
• Appends a forced-termination message to the most recent log file (if applicable)
• Removes the pid.lock file

This guarantees consistent shutdown behavior across normal and exceptional conditions.