JMS over http and JMS security domain

Version 2

    Chinese Version: Wildfly8 - 如何配置 基于HTTP协议传输消息的JMS 以及 JMS的security domain配置

     

     

    Summary

    I spent many hours on this topic (although it turns out to be quite easy).

    I think it will be useful to others.

    So I am posting what I know here.

     

    references:

    wildfly8-CR1: How to configure http/servlet transport with HornetQ and how to set client's context properties?

    Security domain does NOT work for <subsystem xmlns="urn:jboss:domain:messaging:2.0">!!!

     

    Many thanks to Jeff Mesnil !!!

     

     

     

    1. JMS Over HTTP

    1.1 standalone.xml

         Do NOT change anything in standalone.xml.

     

    1.2 user account and role

          Add one account (username=guest, password=guest, role=guest) through ${JBOSS_HOME}/bin/add-user.bat.

     

    1.3 Client

     

     

    import java.util.Properties;

     

    import javax.jms.ConnectionFactory;

    import javax.jms.JMSConsumer;

    import javax.jms.JMSContext;

    import javax.jms.TemporaryQueue;

    import javax.naming.Context;

    import javax.naming.InitialContext;

    import javax.naming.NamingException;

     

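    /**
     * Minimal JMS 2.0 client that looks up {@code /jms/HTTPConnectionFactory} through
     * remote JNDI over {@code http-remoting}, sends one text message to a temporary
     * queue and reads it back.
     *
     * <p>The connection settings are public static fields so that a caller can override
     * them before invoking {@link #main(String[])}.
     */
    public class SimpleClient {

        /** Host name or IP address of the server. */
        public static String serverIP = "localhost";

        /** HTTP port of the server, used for both the JNDI lookup and the JMS connection. */
        public static String serverHttpPort = "80";

        // Sample credentials matching the account created in section 1.2 (guest/guest/guest).
        // They are fixed here only to keep the example self-contained; a deployed client
        // should read them from configuration instead of compiling them in.
        public static String username = "guest";

        public static String password = "guest";

        /**
         * Runs the round trip: JNDI lookup, send "hello", receive it, print it.
         *
         * @param args unused
         * @throws NamingException if the initial context cannot be created, the lookup
         *                         fails, or closing the context fails
         */
        public static void main(String[] args) throws NamingException {
            InitialContext initialContext = null;
            try {
                // Step 1. Create an initial context to perform the JNDI lookup.
                final Properties env = new Properties();
                env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
                // http-remoting runs over the plain HTTP listener, so nothing on this
                // connection is protected by transport encryption. Where the server exposes
                // an HTTPS listener, the https-remoting scheme is the TLS-protected equivalent.
                env.put(Context.PROVIDER_URL, "http-remoting://" + serverIP + ":" + serverHttpPort);
                env.put(Context.SECURITY_PRINCIPAL, username);
                env.put(Context.SECURITY_CREDENTIALS, password);

                initialContext = new InitialContext(env);
                ConnectionFactory cf = (ConnectionFactory) initialContext.lookup("/jms/HTTPConnectionFactory"); // "jms/HTTPConnectionFactory" is OK too!

                // Step 2. Send and receive one message. try-with-resources closes the
                // JMSContext (and with it the consumer and the temporary queue) even when
                // send/receive throws; the original never closed it.
                try (JMSContext context = cf.createContext(username, password)) {
                    TemporaryQueue tempQueue = context.createTemporaryQueue();
                    context.createProducer().send(tempQueue, "hello");
                    JMSConsumer consumer = context.createConsumer(tempQueue);
                    // receiveBody returns null when nothing arrives within the 2000 ms timeout.
                    String response = consumer.receiveBody(String.class, 2000);
                    System.out.println("response = " + response);
                } catch (Exception e) {
                    // Best-effort sample: report the JMS failure and still close the JNDI context.
                    e.printStackTrace();
                }
            } finally {
                if (initialContext != null) {
                    initialContext.close();
                }
            }
        }
    }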

     

     

     

     

     

     

     

     

    2. JMS security domain

     

    2.1 standalone.xml

     

    2.1.1 <subsystem xmlns="urn:jboss:domain:messaging:2.0">

     

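    <subsystem xmlns="urn:jboss:domain:messaging:2.0">
        <hornetq-server>
            <persistence-enabled>true</persistence-enabled>
            <!-- JMS users are authenticated against the security domain of this name;
                 it must match the name declared in the security subsystem (section 2.1.2). -->
            <security-domain>nms-jaas-security-domain</security-domain>
            ...
            <security-settings>
                <!-- "#" is the HornetQ wildcard that matches every address, so these
                     permissions apply to all queues and topics and only the "admin" role
                     can use them. The sample client works on a temporary queue, which needs
                     createNonDurableQueue. For real destinations, prefer narrower match
                     patterns with separate roles for sending and consuming. -->
                <security-setting match="#">
                    <permission type="send" roles="admin"/>
                    <permission type="consume" roles="admin"/>
                    <permission type="createDurableQueue" roles="admin"/>
                    <permission type="deleteDurableQueue" roles="admin"/>
                    <permission type="createNonDurableQueue" roles="admin"/>
                    <permission type="deleteNonDurableQueue" roles="admin"/>
                </security-setting>
            </security-settings>
            ...
        </hornetq-server>
    </subsystem>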

     

    2.1.2 security domain

     

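    <subsystem xmlns="urn:jboss:domain:security:1.2">
        <security-domains>
            <!-- The name must match the <security-domain> element of the messaging
                 subsystem (section 2.1.1). -->
            <security-domain name="nms-jaas-security-domain" cache-type="default">
                <authentication>
                    <!-- The login modules that verify the user name and password and assign
                         roles (for example "admin") go here; the page elides them. -->
                    ...
                </authentication>
            </security-domain>
            ...
        </security-domains>
    </subsystem>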

     

     

    2.2 Client

     

     

     

        import java.util.Properties;

     

        import javax.jms.ConnectionFactory;

        import javax.jms.JMSConsumer;

        import javax.jms.JMSContext;

        import javax.jms.TemporaryQueue;

        import javax.naming.Context;

        import javax.naming.InitialContext;

        import javax.naming.NamingException;

     

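        /**
         * JMS 2.0 client for a server whose messaging subsystem authenticates against a
         * custom security domain. It looks up {@code /jms/HTTPConnectionFactory} through
         * remote JNDI over {@code http-remoting}, sends one text message to a temporary
         * queue and reads it back.
         *
         * <p>The connection settings are public static fields so that a caller can override
         * them before invoking {@link #main(String[])}.
         */
        public class SecurityDomainClient {

            /** Host name or IP address of the server. */
            public static String serverIP = "localhost";

            /** HTTP port of the server, used for both the JNDI lookup and the JMS connection. */
            public static String serverHttpPort = "80";

            // Sample credentials for a user holding the "admin" role that the security
            // settings in section 2.1.1 require. They are fixed here only to keep the
            // example self-contained; a deployed client should read them from configuration.
            public static String username = "admin";

            public static String password = "admin";

            /**
             * Runs the round trip: JNDI lookup, send "hello", receive it, print it.
             *
             * @param args unused
             * @throws NamingException if the initial context cannot be created, the lookup
             *                         fails, or closing the context fails
             */
            public static void main(String[] args) throws NamingException {
                InitialContext initialContext = null;
                try {
                    // Step 1. Create an initial context to perform the JNDI lookup.
                    final Properties env = new Properties();
                    env.put(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.naming.remote.client.InitialContextFactory");
                    env.put(Context.PROVIDER_URL, "http-remoting://" + serverIP + ":" + serverHttpPort);
                    env.put(Context.SECURITY_PRINCIPAL, username);
                    env.put(Context.SECURITY_CREDENTIALS, password);
                    // Setting SASL_POLICY_NOPLAINTEXT to "false" lets the client negotiate SASL
                    // mechanisms that send the password as plain text (such as PLAIN).
                    // Presumably the custom security domain needs the clear password to
                    // authenticate - confirm for your login modules. Because http-remoting is
                    // unencrypted, the password is then readable on the network; where the
                    // server exposes an HTTPS listener, use the https-remoting scheme so the
                    // exchange is protected by TLS.
                    env.put("jboss.naming.client.connect.options.org.xnio.Options.SASL_POLICY_NOPLAINTEXT", "false");

                    initialContext = new InitialContext(env);
                    ConnectionFactory cf = (ConnectionFactory) initialContext.lookup("/jms/HTTPConnectionFactory"); // "jms/HTTPConnectionFactory" is OK too!

                    // Step 2. Send and receive one message. try-with-resources closes the
                    // JMSContext (and with it the consumer and the temporary queue) even when
                    // send/receive throws; the original never closed it.
                    try (JMSContext context = cf.createContext(username, password)) {
                        TemporaryQueue tempQueue = context.createTemporaryQueue();
                        context.createProducer().send(tempQueue, "hello");
                        JMSConsumer consumer = context.createConsumer(tempQueue);
                        // receiveBody returns null when nothing arrives within the 2000 ms timeout.
                        String response = consumer.receiveBody(String.class, 2000);
                        System.out.println("response = " + response);
                    } catch (Exception e) {
                        // Best-effort sample: report the JMS failure and still close the JNDI context.
                        e.printStackTrace();
                    }
                } finally {
                    if (initialContext != null) {
                        initialContext.close();
                    }
                }
            }
        }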

     

     

     

     

    Good Luck, my friends!