JMS Over SSL (genericra.rar)| JBoss.org Content Archive (Read Only)

1. Re: JMS Over SSL (genericra.rar)

jbertram Sep 20, 2013 9:34 AM (in response to janik.paul678678)

To what "genericra" are you referring specifically?

2. Re: Re: JMS Over SSL (genericra.rar)

janik.paul678678 Sep 23, 2013 1:34 AM (in response to jbertram)

the third party rar adapter extends the genericra impl.

The standard MDB

<resource-adapter>
                    <archive>
                        webm-jmsra.rar
                    </archive>
                    <transaction-support>XATransaction</transaction-support>
                    <config-property name="ProviderIntegrationMode">
                        jndi
                    </config-property>
                    <config-property name="JndiProperties">
<connection-definitions>
                        <connection-definition class-name="com.sun.genericra.outbound.ManagedTopicConnectionFactory">

is in this manner configured and I'm try to find out how is it possible to make it consume JMS messages over 2-way SSL. The <config-property name="UserName"> and <config-property name="Password">

are not enough since I need the keystore and trustore for the SSL.

3. Re: JMS Over SSL (genericra.rar)

ybxiang.china Sep 23, 2013 4:41 AM (in response to janik.paul678678)

WHY NOT use Hornetq shipped with JBoss AS 7?

jboss-messaging(HornetQ) SSL configuration in my standalone.xml:

...

	<subsystem xmlns="urn:jboss:domain:messaging:1.3">
	<hornetq-server>
	<persistence-enabled>true</persistence-enabled>
	<security-domain>nms-jaas-security-domain</security-domain>
	<journal-file-size>102400</journal-file-size>
	<journal-min-files>2</journal-min-files>

	<connectors>
	<netty-connector name="netty-ssl-connector" socket-binding="messaging">
	<param key="ssl-enabled" value="true"/>
	<param key="key-store-path" value="client.truststore"/>
	<param key="key-store-password" value="ybxiang_truststore_password"/>
	</netty-connector>
	<netty-connector name="netty-throughput" socket-binding="messaging-throughput">
	<param key="batch-delay" value="50"/>
	</netty-connector>
	<in-vm-connector name="in-vm" server-id="0"/>
	</connectors>

	<acceptors>
	<netty-acceptor name="netty-ssl-acceptor" socket-binding="messaging">
	<param key="ssl-enabled" value="true"/>
	<param key="key-store-path" value="server.keystore"/>
	<param key="key-store-password" value="ybxiang_keystore_password"/>
	<param key="trust-store-path" value="client.truststore"/>
	<param key="trust-store-password" value="ybxiang_truststore_password"/>
	</netty-acceptor>
	<netty-acceptor name="netty-throughput" socket-binding="messaging-throughput">
	<param key="batch-delay" value="50"/>
	<param key="direct-deliver" value="false"/>
	</netty-acceptor>
	<in-vm-acceptor name="in-vm" server-id="0"/>
	</acceptors>

	<security-settings>
	<security-setting match="#">
	<permission type="send" roles="admin jms_sender"/>
	<permission type="consume" roles="admin jms_consumer"/>
	<permission type="createDurableQueue" roles="admin jms_DurableQueue_creator"/>
	<permission type="deleteDurableQueue" roles="jms_DurableQueue_killer admin"/>
	<permission type="createNonDurableQueue" roles="admin jms_NonDurableQueue_creator"/>
	<permission type="deleteNonDurableQueue" roles="jms_NonDurableQueue_killer admin"/>
	</security-setting>
	</security-settings>

	<address-settings>
	<address-setting match="#">
	<dead-letter-address>jms.queue.DLQ</dead-letter-address>
	<expiry-address>jms.queue.ExpiryQueue</expiry-address>
	<redelivery-delay>0</redelivery-delay>
	<max-size-bytes>10485760</max-size-bytes>
	<address-full-policy>BLOCK</address-full-policy>
	<message-counter-history-day-limit>10</message-counter-history-day-limit>
	</address-setting>
	</address-settings>

	<jms-connection-factories>
	<connection-factory name="InVmConnectionFactory">
	<connectors>
	<connector-ref connector-name="in-vm"/>
	</connectors>
	<entries>
	<entry name="java:/ConnectionFactory"/>
	</entries>
	</connection-factory>
	<connection-factory name="RemoteConnectionFactory">
	<connectors>
	<connector-ref connector-name="netty-ssl-connector"/>
	</connectors>
	<entries>
	<entry name="java:jboss/exported/jms/RemoteConnectionFactory"/>
	</entries>
	</connection-factory>
	<pooled-connection-factory name="hornetq-ra">
	<transaction mode="xa"/>
	<connectors>
	<connector-ref connector-name="in-vm"/>
	</connectors>
	<entries>
	<entry name="java:/JmsXA"/>
	</entries>
	</pooled-connection-factory>
	</jms-connection-factories>

	<jms-destinations>
	<jms-queue name="testQueue">
	<entry name="queue/test"/>
	<entry name="java:jboss/exported/jms/queue/test"/>
	</jms-queue>
	<jms-topic name="testTopic">
	<entry name="topic/test"/>
	<entry name="java:jboss/exported/jms/topic/test"/>
	</jms-topic>
	<jms-topic name="nmsSOETopic">
	<entry name="topic/nmsSOE"/>
	<entry name="java:jboss/exported/jms/topic/nmsSOE"/>
	</jms-topic>
	</jms-destinations>
	</hornetq-server>
	</subsystem>

4. Re: JMS Over SSL (genericra.rar)

jbertram Sep 23, 2013 5:50 PM (in response to janik.paul678678)

Whether or not this RA can do 2-way SSL is a question you'll need to ask the people who wrote/support this RA. This is not really a Wildfly issue.