How to configure a bridge to a server behind a firewall
vianna_dbmax Apr 15, 2016 2:31 PMI have a Wildfly 10 server installed on a local network binding to IP 192.168.1.9:8085.
The firewall of the network have a public IP (myfirewall.com) and i created a port redirection from my firewall to the wildfly server.
It works fine.
I have another Wildfly 10 server running outside this local network and I need to create a bridge between them.
The following configuration worked between two Wildfly instances running on the same network:
<server>
<http-acceptor name="http-acceptor" http-listener="default"/>
<http-connector name="http-connector" endpoint="http-acceptor" socket-binding="http"/>
<connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>
<connection-factory name="RemoteConnectionFactory" reconnect-attempts="-1" block-on-acknowledge="true" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector"/>
...
</server>
<jms-bridge name="transport-bridge" max-batch-time="60000" max-batch-size="5" max-retries="-1" failure-retry-interval="10000" quality-of-service="DUPLICATES_OK">
<source destination="jms/queue/mySource" connection-factory="ConnectionFactory"/>
<target password="myPassord" user="myUser" destination="jms/queue/myTarget" connection-factory="jms/RemoteConnectionFactory">
<target-context>
<property name="java.naming.factory.initial" value="org.jboss.naming.remote.client.InitialContextFactory"/>
<property name="java.naming.provider.url" value="http-remoting://192.168.1.9:8085"/>
<property name="java.naming.security.principal" value="myUser"/>
<property name="java.naming.security.credentials" value="myPassword"/>
</target-context>
</target>
</jms-bridge>
But when I try to use this configuration in a Wildfly server outside my local network (changing the property java.naming.provider.url from 192.168.1.9:8085 to myfirewall.com:8085) I get the following error:
2016-04-15 14:27:13,494 WARN [org.apache.activemq.artemis.jms.bridge] (ServerService Thread Pool -- 67) AMQ342010: Failed to connect JMS Bridge: javax.jms.JMSException: Failed to create session factory
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:727)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:233)
at org.apache.activemq.artemis.jms.bridge.impl.JMSBridgeImpl.createConnection(JMSBridgeImpl.java:937)
at org.apache.activemq.artemis.jms.bridge.impl.JMSBridgeImpl.setupJMSObjects(JMSBridgeImpl.java:1104)
at org.apache.activemq.artemis.jms.bridge.impl.JMSBridgeImpl.start(JMSBridgeImpl.java:383)
at org.wildfly.extension.messaging.activemq.jms.bridge.JMSBridgeService.startBridge(JMSBridgeService.java:105)
at org.wildfly.extension.messaging.activemq.jms.bridge.JMSBridgeService$1.run(JMSBridgeService.java:76)
...
Caused by: ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ119007: Cannot connect to server(s). Tried with all available servers.]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:777)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:724)
... 10 more
Trying to better understand the problem I created a client to connect to the same server. It worked fine using both IPs (192.168.1.9 from inside the network and myfirewall.com from outside the network), but I was creating my own ConnectionFactory. When I changed the code to get the connection factory throught JNDI, I reproduced the bridge error.
Inspecting the ConnectionFactory instance returned by the JNDI I got the following:
ActiveMQConnectionFactory [serverLocator=ServerLocatorImpl [initialConnectors=[TransportConfiguration(name=null, factory=org-apache-activemq-artemis-core-remoting-impl-netty-NettyConnectorFactory) ?httpUpgradeEnabled=true&port=8085&host=192-168-1-9], discoveryGroupConfiguration=null], clientID=null, consumerWindowSize = 1048576, dupsOKBatchSize=1048576, transactionBatchSize=1048576, readOnly=false]
So I understand that the problem is that the Wildfly server only knows the IP 192.168.1.9, so the ConnectionFactory obtained by JNDI is configured to estabilish the connection in a IP that is not public.
My question is: how can I configure the bridge or the connection factory to recognizes the public IP.
It is important to emphasize that the public IP (myfirewall.com) is in an interface of another server (the firewall), so I can't bind the Wildfly to this IP.
Thanks in advance!