Return-Path:
<connector id="tcp" bind="tcp://0.0.0.0:61613" protocol="mqtt"/>
+<connector id="tcp" bind="tcp://0.0.0.0:61613" protocol="mqtt"/>
+
Alternatively, you can limit which protocols can be “detected” using the <detect>
configuration element like this:
<connector id="tcp" bind="tcp://0.0.0.0:61613">
<detect protocols="mqtt openwire" />
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <detect protocols="mqtt openwire" />
+</connector>
+
The protocols
attribute in the <detect>
element takes space delimited protoco values.
The protocol
attribtue of the <connector>
element takes a single protocol, not space delimited. It defaults to
@@ -102,7 +108,11 @@ The protocol
attribtue of t
If you wish to tune the MQTT defaults, you can use the mqtt
configuration element within the connector
element
in the apollo.xml
configuration file :
<connector id="tcp" bind="tcp://0.0.0.0:61613">
<mqtt max_message_length="1000" />
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <mqtt max_message_length="1000" />
+</connector>
+
The mqtt
element supports the following configuration attributes:
apollo.xml
configuration file to change the default settings used
in the OpenWire protocol implementation.
-<connector id="tcp" bind="tcp://0.0.0.0:61613">
<openwire attribute="value"/>
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <openwire attribute="value"/>
+</connector>
+
The openwire
element supports the following configuration attributes:
<connector id="tcp" bind="tcp://0.0.0.0:61613">
<openwire tight_encoding="false" tcp_no_delay="true"/>
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <openwire tight_encoding="false" tcp_no_delay="true"/>
+</connector>
+
<connector protocol="openwire" ... />
+<connector protocol="openwire" ... />
+
You can also support a limited subset of protocols:
-<connector bind="...">
<detect protocols="openwire stomp" />
</connector>
+<connector bind="...">
+ <detect protocols="openwire stomp" />
+</connector>
+
Or you can leave it open to any of the supported protocols (default), and the correct protocol will be used depending on what the client is using. You do this by not specifying any protocol settings.
@@ -246,7 +260,16 @@ a value of “me”, pass a seleHere's an example of producing the message:
-MessageProducer producer = session.createProducer(destination);
for (int i = 0; i < NUM_MESSAGES_TO_SEND; i++) {
TextMessage message = session.createTextMessage("Message #" + i);
LOG.info("Sending message #" + i);
producer.send(message);
Thread.sleep(DELAY);
}
+MessageProducer producer = session.createProducer(destination);
+
+for (int i = 0; i < NUM_MESSAGES_TO_SEND; i++) {
+ TextMessage message = session.createTextMessage("Message #" + i);
+ LOG.info("Sending message #" + i);
+ producer.send(message);
+ Thread.sleep(DELAY);
+}
+
Example:
-<connector id="tcp" bind="tcp://0.0.0.0:61613">
<stomp max_header_length="10000">
<add_user_header separator=",">user</add_user_header>
</stomp>
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <stomp max_header_length="10000">
+ <add_user_header separator=",">user</add_user_header>
+ </stomp>
+</connector>
+
s
<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
<virtual_host id="default">
<host_name>localhost</host_name>
<null_store/>
</virtual_host>
<connector id="tcp" bind="tcp://0.0.0.0:61613"/>
</broker>
s
+<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
+
+ <virtual_host id="default">
+ <host_name>localhost</host_name>
+ <null_store/>
+ </virtual_host>
+
+ <connector id="tcp" bind="tcp://0.0.0.0:61613"/>
+
+</broker>
+
The broker, virtual host, and connector are assigned an id which which
is used to by the REST based administration console to identify
@@ -205,7 +216,12 @@ it finds problems. You would want to th
if any issues are found with the schema validation you should set
the broker
element's validation
attribute to strict
. Example:
<broker validation="strict"
xmlns="http://activemq.apache.org/schema/activemq/apollo">
...
</broker>
+<broker validation="strict"
+ xmlns="http://activemq.apache.org/schema/activemq/apollo">
+ ...
+</broker>
+
If you would like the broker to automatically trigger a Java
heap garbage collection (GC) cycle periodically, add a auto_gc
@@ -219,7 +235,13 @@ forced GC cycles. If interval is not se
Example:
-<broker>
...
<auto_gc interval="10">
...
</broker>
+<broker>
+ ...
+ <auto_gc interval="10">
+ ...
+</broker>
+
<connector id="tcp" bind="tcp://0.0.0.0:61613">
<stomp add_user_header="user_id"/>
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <stomp add_user_header="user_id"/>
+</connector>
+
If your using the any
protocol then actual protocol being used will be
detected by examining the client's initial request. You can use the
@@ -271,7 +297,11 @@ the connection is closed.
Example of how to set the protocol detection timeout to 30 seconds:
-<connector id="tcp" bind="tcp://0.0.0.0:61613">
<detect timeout="30000"/>
</connector>
+<connector id="tcp" bind="tcp://0.0.0.0:61613">
+ <detect timeout="30000"/>
+</connector>
+
Example which uses a couple of options:
-<connector id="tcp" bind="tcp://0.0.0.0:61613?receive_buffer_size=1024&max_read_rate=65536"/>
+<connector id="tcp" bind="tcp://0.0.0.0:61613?receive_buffer_size=1024&max_read_rate=65536"/>
+
Note that
&
Note that
&
&
since the
URI is within an XML file. In the URI string, we specify what the buffer sizes
should be when the socket is created, but their values can change if auto-tuning is enabled.
@@ -347,7 +379,9 @@ not all browsers support binary WebSocke
Example configuraiton:
-<connector id="ws" bind="ws://0.0.0.0:61623?binary_transfers=false"/>
+<connector id="ws" bind="ws://0.0.0.0:61623?binary_transfers=false"/>
+
One thing worth noting is that web sockets (just as Ajax) implements the same
origin policy, so by default you can access only brokers running on the same host as
@@ -358,7 +392,9 @@ by different hosts then your should add
a common seperated list of domains that are allowed to access the WebSocket
connector. Use *
to allow access from any domain. Example:
<connector id="ws" bind="ws://0.0.0.0:61623?cors_origin=*"/>
+<connector id="ws" bind="ws://0.0.0.0:61623?cors_origin=*"/>
+
<connector id="udp" bind="udp://0.0.0.0:61615" protocol="udp"/>
+<connector id="udp" bind="udp://0.0.0.0:61615" protocol="udp"/>
+
The supported protocols that can be used with the udp transport are:
@@ -543,7 +581,15 @@ Defaults to 'block' if not specified.Example configuraiton: -...
<virtual_host id="default">
...
<queue id="app1.**" dlq="dlq.*" nak_limit="3" auto_delete_after="0"/>
...
</virtual_host>
...
+...
+ <virtual_host id="default">
+ ...
+ <queue id="app1.**" dlq="dlq.*" nak_limit="3" auto_delete_after="0"/>
+ ...
+ </virtual_host>
+...
+
queue
ele
swap_range_size
, quota
, full_policy
, fast_delivery_rate
,
catchup_enqueue_rate
, max_enqueue_rate
, dlq
, nak_limit
. Example:
-...
<virtual_host id="default">
...
<topic id="example" slow_consumer_policy="queue">
<subscription tail_buffer="4k"/>
</topic>
...
</virtual_host>
...
+...
+ <virtual_host id="default">
+ ...
+ <topic id="example" slow_consumer_policy="queue">
+ <subscription tail_buffer="4k"/>
+ </topic>
+ ...
+ </virtual_host>
+...
+
It is enabled when your virtual_host
element contains a leveldb_store
element.
...
<virtual_host id="default">
...
<leveldb_store directory="${apollo.base}/data"/>
..
</virtual_host>
...
+ ...
+ <virtual_host id="default">
+ ...
+ <leveldb_store directory="${apollo.base}/data"/>
+ ..
+ </virtual_host>
+ ...
+
A leveldb_store
element may be configured with the following attributes:
${APOLLO
Once that is done, you can enable the store by adding a bdb_store
element
inside your virtual_host
. Example:
- ...
<virtual_host id="default">
...
<bdb_store directory="${apollo.base}/data"/>
..
</virtual_host>
...
+
+ ...
+ <virtual_host id="default">
+ ...
+ <bdb_store directory="${apollo.base}/data"/>
+ ..
+ </virtual_host>
+ ...
+
A bdb_store
element may be configured with the following attributes:
@@ -760,7 +832,16 @@ the encryption keys and certificates are
Example:
- ...
<key_storage
file="${apollo.base}/etc/keystore"
password="password"
key_password="password"/>
<connector id="stomp-secure" bind="ssl://0.0.0.0:61614"/>
...
+
+ ...
+ <key_storage
+ file="${apollo.base}/etc/keystore"
+ password="password"
+ key_password="password"/>
+
+ <connector id="stomp-secure" bind="ssl://0.0.0.0:61614"/>
+ ...
+
The connector
element's bind
attribute controls which secure transport
algorithm gets used by the sever. Supported values are:
@@ -816,7 +897,27 @@ any virtual hosts which did not define a
want to disable authentication in a virtual host, you set the enable
attribute
to false
.
-<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
<authentication domain="internal"/>
<virtual_host id="wine.com">
<authentication domain="external"/>
<host_name>wine.com</host_name>
</virtual_host>
<virtual_host id="internal.wine.com"
span>>
<host_name>internal.wine.com</host_name>
</virtual_host>
<virtual_host id="test">
<authentication enabled="false"/>
<host_name>cheeze.com</host_name>
</virtual_host>
<connector id="tcp" bind="tcp://0.0.0.0:61613"/>
</broker>
+
+<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
+ <authentication domain="internal"/>
+
+ <virtual_host id="wine.com">
+ <authentication domain="external"/>
+ <host_name>wine.com</host_name>
+ </virtual_host>
+
+ <virtual_host id="internal.wine.com">
+ <host_name>internal.wine.com</host_name>
+ </virtual_host>
+
+ <virtual_host id="test">
+ <authentication enabled="false"/>
+ <host_name>cheeze.com</host_name>
+ </virtual_host>
+
+ <connector id="tcp" bind="tcp://0.0.0.0:61613"/>
+</broker>
+
The above example uses 2 JAAS domains, internal
and external
. Broker
The wine.com
host will use the external domain, the internal.wine.com
@@ -852,7 +953,17 @@ kinds listed here.
Example of customizing the principal kinds used:
- ...
<authentication domain="apollo">
<user_principal_kind>com.sun.security.auth.UnixPrincipal</user_principal_kind>
<user_principal_kind>com.sun.security.auth.LdapPrincipal</user_principal_kind>
<acl_principal_kind>com.sun.security.auth.UnixPrincipal</acl_principal_kind>
<acl_principal_kind>com.sun.security.auth.LdapPrincipal</acl_principal_kind>
</authentication>
...
</broker>
+
+ ...
+ <authentication domain="apollo">
+ <user_principal_kind>com.sun.security.auth.UnixPrincipal</user_principal_kind>
+ <user_principal_kind>com.sun.security.auth.LdapPrincipal</user_principal_kind>
+ <acl_principal_kind>com.sun.security.auth.UnixPrincipal</acl_principal_kind>
+ <acl_principal_kind>com.sun.security.auth.LdapPrincipal</acl_principal_kind>
+ </authentication>
+ ...
+</broker>
+
Authorization
@@ -862,7 +973,13 @@ access control rules using a acces
denied access to perform actions against server resources. An example list of
rule is shown below:
-<broker>
<access_rule deny="guest" action="send"/>
<access_rule allow="*" action="send"/>
<access_rule allow="app1" action="receive"/>
</broker>
+
+<broker>
+ <access_rule deny="guest" action="send"/>
+ <access_rule allow="*" action="send"/>
+ <access_rule allow="app1" action="receive"/>
+</broker>
+
The allow
and deny
attributes define the principals which are allowed or
denied access. If set to “+" then it matches all principals but requires at
@@ -905,19 +1022,27 @@ matches determines if he will have acces
groups 'blue' and 'red', and you are matching against the following
rules:
-<access_rule deny="blue" action="send"/>
<access_rule allow="red" action="send"/>
+
+<access_rule deny="blue" action="send"/>
+<access_rule allow="red" action="send"/>
+
Then the user would not be allowed to send since the deny rule was
matched first. If the order in the ACL list were reversed, like
so:
-<access_rule allow="red" action="send"/>
<access_rule deny="blue" action="send"/>
+
+<access_rule allow="red" action="send"/>
+<access_rule deny="blue" action="send"/>
+
Then the user would be allowed access to the resource since the allow
rule matched first. When a single rule defines both allow
and
deny
attributes and they both match then the action is denied.
-<access_rule deny="blue" allow="red" action="send"/>
+
+<access_rule deny="blue" allow="red" action="send"/>
+
Resource Actions
@@ -960,7 +1085,14 @@ using the apollo encrypt
co
Lets say you your current key_storage
contains plain text passwords that
need to be replaced with encrypted versions:
- ...
<key_storage
file="${apollo.base}/etc/keystore"
password="open"
key_password="sesame"/>
...
+
+ ...
+ <key_storage
+ file="${apollo.base}/etc/keystore"
+ password="open"
+ key_password="sesame"/>
+ ...
+
Lets first find out what the encrypted versions of the passwords would be.
Apollo encrypts and decrypts values using the password stored in
@@ -984,7 +1116,14 @@ key.pass=ENC(FP+H2FIg++sSaOxg/ISknw==)
Finally the last step of securing the configuration is to replace the plain
text passwords with variable references to the corresponding property names:
- ...
<key_storage
file="${apollo.base}/etc/keystore"
password="${store.pass}"
key_password="${key.pass}"/>
...
+
+ ...
+ <key_storage
+ file="${apollo.base}/etc/keystore"
+ password="${store.pass}"
+ key_password="${key.pass}"/>
+ ...
+
When you use encrypted passwords in your configuration, you MUST make
sure that the APOLLO_ENCRYPTION_PASSWORD
environment variable is set
@@ -1010,7 +1149,14 @@ it bind either the 0.0.0.0
For example:
-<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
...
<web_admin bind="http://0.0.0.0:61680"/>
<web_admin bind="https://0.0.0.0:61681"/>
...
</broker>
+
+<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
+ ...
+ <web_admin bind="http://0.0.0.0:61680"/>
+ <web_admin bind="https://0.0.0.0:61681"/>
+ ...
+</broker>
+
A web_admin
element may be configured with the following attributes:
@@ -1023,7 +1169,14 @@ then your should add cors_origin
a common seperated list of domains that are allowed to access the web
admin APIs. Use *
to allow access from any domain. Example:
-<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
...
<web_admin bind="http://0.0.0.0:61680?cors_origin=*"/>
<web_admin bind="https://0.0.0.0:61681?cors_origin=www.foo.com,bar.com"/>
...
</broker>
+
+<broker xmlns="http://activemq.apache.org/schema/activemq/apollo">
+ ...
+ <web_admin bind="http://0.0.0.0:61680?cors_origin=*"/>
+ <web_admin bind="https://0.0.0.0:61681?cors_origin=www.foo.com,bar.com"/>
+ ...
+</broker>
+
Managing Brokers
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/documentation/verification.html
==============================================================================
--- websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/documentation/verification.html (original)
+++ websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/documentation/verification.html Thu Mar 21 17:29:17 2013
@@ -52,11 +52,17 @@ broker is operating correctly.
Change to the examples/stomp/ruby
directory that was included in the Apollo
distribution. Then in a terminal window, run:
-Unix/Linux/OS X
cd ${APOLLO_HOME}/examples/stomp/ruby
ruby listener.rb
Windows
cd %APOLLO_HOME%\examples\stomp\ruby
ruby listener.rb
+Unix/Linux/OS X
cd ${APOLLO_HOME}/examples/stomp/ruby
+ruby listener.rb
Windows
cd %APOLLO_HOME%\examples\stomp\ruby
+ruby listener.rb
+
Then in a separate terminal window, run:
-Unix/Linux/OS X
cd ${APOLLO_HOME}/examples/stomp/ruby
ruby publisher.rb
Windows
cd %APOLLO_HOME%\examples\stomp\ruby
ruby publisher.rb
+Unix/Linux/OS X
cd ${APOLLO_HOME}/examples/stomp/ruby
+ruby publisher.rb
Windows
cd %APOLLO_HOME%\examples\stomp\ruby
+ruby publisher.rb
+
If everything is working well, the publisher should produce output similar to:
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/download.html
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/images/module-deps-graph.png
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/images/project-logo-vector.png
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/images/project-logo.png
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/images/rss.gif
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/index.html
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/privacy-policy.html
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/scripts/jquery.js
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/styles/impact/blog.template
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/styles/impact/css/pygmentize.css
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/styles/impact/css/site.css
==============================================================================
(empty)
Modified: websites/production/activemq/content/apollo/versions/99-trunk-SNAPSHOT/website/versions/index.html
==============================================================================
(empty)