How to talk to the JBoss JMS provider over HTTPS (including the jndi lookup operations)
HTTPs Tomcat connector
An HTTPs Tomcat connector needs to be configured in order to make http requests over SSL
Edit ${jboss.dist}/server/{server.conf}/deploy/jbossweb-tomcat55.sar/server.xml and add/enable the following connection descriptor.
<Connector port="8443" address="${jboss.bind.address}"
maxThreads="100" minSpareThreads="5" maxSpareThreads="15"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
keystorePass="rmi+ssl"
sslProtocol = "TLS" ></Connector>
Http(s)ProxyFactory
Edit ${jboss.dist}/server/{server.conf}/deploy/http-invoker.sar/META-INF/jboss-service.xml and add the following ProxyFactory mbean
<!-- Expose the Naming service interface via HTTPS --> <mbean code="org.jboss.invocation.http.server.HttpProxyFactory" name="jboss:service=invoker,type=https,target=Naming"> <!-- The Naming service we are proxying --> <attribute name="InvokerName">jboss:service=Naming</attribute> <!-- Compose the invoker URL from the cluster node address --> <attribute name="InvokerURLPrefix">https://</attribute> <attribute name="InvokerURLSuffix">:8443/invoker/JMXInvokerServlet</attribute> <attribute name="UseHostName">true</attribute> <attribute name="ExportedInterface">org.jnp.interfaces.Naming</attribute> <attribute name="JndiName"></attribute> <attribute name="ClientInterceptors"> <interceptors> <interceptor>org.jboss.proxy.ClientMethodInterceptor</interceptor> <interceptor>org.jboss.proxy.SecurityInterceptor</interceptor> <interceptor>org.jboss.naming.interceptors.ExceptionInterceptor</interceptor> <interceptor>org.jboss.invocation.InvokerInterceptor</interceptor> </interceptors> </attribute> </mbean>
JNDIFactorySSL servlet
Edit ${jboss.dist}/server/{server.conf}/deploy/http-invoker.sar/invoker.war/WEB-INF/web.xml and add the following servlet declaration
<servlet> <servlet-name>JNDIFactorySSL</servlet-name> <description>A servlet that exposes the JBoss JNDI Naming service stub through http. The return content is a serialized MarshalledValue containg the org.jnp.interfaces.Naming stub. This configuration handles requests for the standard JNDI naming service. </description> <servlet-class>org.jboss.invocation.http.servlet.NamingFactoryServlet</servlet-class> <init-param> <param-name>namingProxyMBean</param-name> <param-value>jboss:service=invoker,type=https,target=Naming</param-value> </init-param> <init-param> <param-name>proxyAttribute</param-name> <param-value>Proxy</param-value> </init-param> <load-on-startup>2</load-on-startup> </servlet> <servlet-mapping> <servlet-name>JNDIFactorySSL</servlet-name> <url-pattern>/JNDIFactorySSL/*</url-pattern> </servlet-mapping>
HTTPServerILService
You need to configure now a connection factory to get connections which talk to the jms provider over https.
The HTTPServerILService mbean is defined in ${jboss.dist}/server/{server.conf}/deploy/jms/jbossmq-httpil.sar/META-INF/jboss-service.xml
.... <mbean code="org.jboss.mq.il.http.HTTPServerILService" name="jboss.mq:service=InvocationLayer,type=HTTPS"> <depends optional-attribute-name="Invoker">jboss.mq:service=Invoker</depends> <depends>jboss.web:service=WebServer</depends> <attribute name="ConnectionFactoryJNDIRef">HTTPSConnectionFactory</attribute> <attribute name="XAConnectionFactoryJNDIRef">HTTPSXAConnectionFactory</attribute> <attribute name="PingPeriod">2000</attribute> <attribute name="TimeOut">5</attribute> <attribute name="RestInterval">2</attribute> <attribute name="URLPrefix">https://</attribute> <attribute name="URLPort">8443</attribute> </mbean> ....
Using TimeOut and RestInternal, we configure the consumer to poll the jms server every 2 seconds and spend at most 5 seconds of waiting there, if no message was available. Those attributes may be adjusted as needed.
The client will also be pinging the server every 2 seconds ("PingPeriod")
Check out this wiki page for details http://wiki.jboss.org/wiki/Wiki.jsp?page=ConfigHTTPIL
Client code
package jmslab.client;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.jms.*;
public class JMSClient
{
public static void main(String args[]) throws Exception
{
Properties env = new Properties();
env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.HttpNamingContextFactory");
env.setProperty(Context.PROVIDER_URL, "https://localhost:8443/invoker/JNDIFactorySSL");
Connection conn = null;
try {
Context ctx = new InitialContext(env);
System.out.println("Created InitialContext, env= " + env);
//looking up JMS connection factory over HTTPs
ConnectionFactory connectionFactory = (ConnectionFactory)ctx.lookup("HTTPSConnectionFactory");
System.out.println("connectionFactory= " + connectionFactory.toString());
Destination queue = (Destination)ctx.lookup("queue/A");
conn = connectionFactory.createConnection();
Session session = conn.createSession(false, Session.AUTO_ACKNOWLEDGE);
MessageProducer producer = session.createProducer(queue);
Message m = session.createTextMessage(new String("wazzaaa??!"));
producer.send(m);
}catch(Exception e){
e.printStackTrace();
}finally{
if(conn != null)
conn.close();
}
}
}
Installation
Download the attached archive.
Edit ant.properties file where you define the JBossAS root path
jboss.dist=/tmp/jboss-4.0.4.GA
then cd to src/build and execute:
$ant config
Start the server configuration being created called jmsssl
$run.sh -c jmsssl
and execute the client code
$ant run
References:
Original document from justkeys http://www.jboss.org/index.html?module=bb&op=viewtopic&t=60443
Comments