qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Qpid > 0.13 - config.xml
Date Mon, 18 Jul 2011 09:36:00 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/2042/9/21/_/styles/combined.css?spaceKey=qpid&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/qpid/0.13+-+config.xml">0.13
- config.xml</a></h2>
    <h4>Page  <b>added</b> by             <a href="https://cwiki.apache.org/confluence/display/~k-wall">keith
wall</a>
    </h4>
         <br/>
    <div class="notificationGreySide">
         <h2><a name="0.13-config.xml-0.13Brokerconfig.xmldetails"></a>0.13
Broker config.xml details</h2>

<h3><a name="0.13-config.xml-Majorchangesfromearlierversions"></a>Major
changes from earlier versions</h3>

<p>Here are the major changes required to config.xml from earlier versions:</p>

<p>1. Authentication Manager</p>

<ul>
	<li>It is now required that an single authentication manager is plugged in within the
<b>broker/security</b> section.&nbsp; This element replaces the old <b>security/principal-database</b><b><ins>s</ins></b>
and <b>security/jmx</b> sections. In future it will allow for authentication to
be delegated to a third party system (i.e. an Enterprise Directory).</li>
</ul>



<p><a name="0.13-config.xml-fileformat"></a></p>

<h3><a name="0.13-config.xml-FileFormat"></a>File Format</h3>

<p>This is an overview of the top level of the config file. Description of each section
is embedded below. Each section is then described in detail in their own section..</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;broker&gt;
    &lt;connector&gt;
&lt;!-- Type of connections and properties --&gt;
    &lt;management&gt;
&lt;!-- Enablement of management functionality --&gt;
    &lt;advanced&gt;
&lt;!-- Various advanced flags --&gt;
    &lt;security&gt;
&lt;!-- Definition of available security options --&gt;
    &lt;virtualhosts&gt;
&lt;!-- Definition of available virtual hosts --&gt;
    &lt;heartbeat&gt;
&lt;!-- Heartbeat configuration --&gt;
    &lt;queue&gt;
&lt;!-- General queue configuration options--&gt;
    &lt;virtualhosts&gt;
&lt;!-- Configuration of various virtual hosts. --&gt;
&lt;/broker&gt;

</pre>
</div></div>

<p><a name="0.13-config.xml-config"></a></p>

<h2><a name="0.13-config.xml-ConfigurationSectionsDetailedInformation"></a>Configuration
Sections - Detailed Information</h2>

<p>The following sections provide an element by element overview of the config.xml.</p>

<p><a name="0.13-config.xml-configbroker"></a></p>

<h3><a name="0.13-config.xml-Broker"></a>Broker</h3>

<p>The setting of the prefixes for QPID_HOME and QPID_WORK allows environment variables
to be used throughout the config.xml and removes the need for hard coding of paths in this
file.</p>

<p>See the <a href="/confluence/display/qpid/Getting+Started+Guide#GettingStartedGuide-environmentvars">Environment
Variables</a> section of the <a href="/confluence/display/qpid/Getting+Started+Guide"
title="Getting Started Guide">Getting Started Guide</a> for more information on these
variables.</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;broker&gt;
    &lt;prefix&gt;${QPID_HOME}&lt;/prefix&gt;
    &lt;work&gt;${QPID_WORK}&lt;/work&gt;
    &lt;conf&gt;${prefix}/etc&lt;/conf&gt;
    &lt;plugin-directory&gt;${QPID_HOME}/lib/plugins&lt;/plugin-directory&gt;
    &lt;cache-directory&gt;${QPID_WORK}/cache&lt;/cache-directory&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configconnector"></a></p>

<h3><a name="0.13-config.xml-Connector"></a>Connector</h3>

<p>The connector section allows configuration of SSL and related keystore settings.
By default this section is commented out and thus SSL is not enabled.</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;connector&gt;
    &lt;!-- Uncomment out this block and edit the keystorePath and keystorePassword
         to enable SSL support
    &lt;ssl&gt;
        &lt;enabled&gt;true&lt;/enabled&gt;
        &lt;sslOnly&gt;true&lt;/sslOnly&gt;
        &lt;keystorePath&gt;/path/to/keystore.ks&lt;/keystorePath&gt;
        &lt;keystorePassword&gt;keystorepass&lt;/keystorePassword&gt;
    &lt;/ssl&gt;--&gt;
    &lt;port&gt;5672&lt;/port&gt;
    &lt;sslport&gt;8672&lt;/sslport&gt;
    &lt;socketReceiveBuffer&gt;262144&lt;/socketReceiveBuffer&gt;
    &lt;socketSendBuffer&gt;262144&lt;/socketSendBuffer&gt;
&lt;/connector&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configmanagement"></a></p>

<h3><a name="0.13-config.xml-Management"></a>Management</h3>

<p>This element allows the user to switch the connectivity of the management console
on/off i.e. if the enabled tag is set to false you will not be able to connect a management
console to this broker instance. The JMX Management port is set to 8999 by default but it
can be changed here in the XML or on the <a href="/confluence/display/qpid/Getting+Started+Guide#GettingStartedGuide-commandlineargs">command
line</a>. The management console has the ability to utilise some additional Sun Binary
Code License code to improve the security of JMX Connections. Full details of this can be
found <a href="/confluence/display/qpid/Management+Console+Security" title="Management
Console Security">here</a>.</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;management&gt;
    &lt;enabled&gt;true&lt;/enabled&gt;
    &lt;jmxport&gt;8999&lt;/jmxport&gt;
    &lt;ssl&gt;
        &lt;enabled&gt;false&lt;/enabled&gt;
        &lt;!-- Update below path to your keystore location, or run the bin/create-example-ssl-stores(.sh|.bat)
             script from within the etc/ folder to generate an example store with self-signed
cert --&gt;
        &lt;keyStorePath&gt;${conf}/qpid.keystore&lt;/keyStorePath&gt;
        &lt;keyStorePassword&gt;password&lt;/keyStorePassword&gt;
    &lt;/ssl&gt;
&lt;/management&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configadvanced"></a></p>

<h3><a name="0.13-config.xml-Advanced"></a>Advanced</h3>

<p>The elements in this section are used under the covers in the broker. At present,
we do not recommend any changes to these settings.</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;advanced&gt;
   &lt;filterchain enableExecutorPool="true"/&gt;
   &lt;framesize&gt;65535&lt;/framesize&gt;
   &lt;enableJMSXUserID&gt;false&lt;/enableJMSXUserID&gt;
   &lt;locale&gt;en_US&lt;/locale&gt;
&lt;/advanced&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configsecurity"></a></p>

<h3><a name="0.13-config.xml-Security"></a>Security</h3>

<p>The security section specifies exactly one authentication manager (responsible for
determining that a user's credentials are correct) and zero or more access plugins (limits
what the user may and may not do).&nbsp; See also <a href="/confluence/display/qpid/Configure+ACLs"
title="Configure ACLs">Configure ACLs</a> and <a href="/confluence/display/qpid/Firewall+Configuration"
title="Firewall Configuration">Firewall Configuration</a></p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;security&gt;
    &lt;!-- Exactly one auth-manager must be defined --&gt;
    &lt;pd-auth-manager&gt;
        &lt;!-- pd-auth-manager authenticates against a ´╗┐password file in the filesystem
--&gt;
        &lt;principal-database&gt;
            &lt;!-- The type of flat file --&gt;
            &lt;class&gt;org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase&lt;/class&gt;
            &lt;!-- Any attributes associated with the database. Here it is a password
file to load. --&gt;
            &lt;attributes&gt;
                &lt;attribute&gt;
                    &lt;name&gt;passwordFile&lt;/name&gt;
                    &lt;value&gt;${conf}/passwd&lt;/value&gt;
                &lt;/attribute&gt;
            &lt;/attributes&gt;
        &lt;/principal-database&gt;
    &lt;/pd-auth-manager&gt;
    &lt;!-- Zero or more access managers e.g. firewall, aclv2, allow-all etc --&gt;
    &lt;allow-all /&gt;
&lt;/security&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configvirtualhosts"></a></p>

<h3><a name="0.13-config.xml-Virtualhosts"></a>Virtualhosts</h3>

<p>This section allows you to define the set of virtual hosts which will be contained
in your broker instance, and the message store &amp; location for each. NB: The commented
out section referencing BDBMessageStore should be used for all applications wishing to use
persistence to disk.</p>

<p>If you are using transient messaging you can use the MemoryMessageStore, with the
caveat that scalability for transient use is limited by heap size.</p>

<p>In our example config.xml, we define three virtual hosts which we commonly use for
development (development), system testing (test) and integration testing (localhost). In the
config.xml the per virtual host sections define both the Message Store in use (MemoryMessageStore
for non-persistent applications or BDBMessageStore for persistent application usage) and zero
or more access plugins.</p>

<p>The default virtual host for connections which do not specify a host on the url is
'test' in the example config.xml.</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;virtualhost&gt;
            &lt;name&gt;localhost&lt;/name&gt;
            &lt;localhost&gt;
                &lt;store&gt;
                    &lt;!-- &lt;class&gt;org.apache.qpid.server.store.berkeleydb.BDBMessageStore&lt;/class&gt;
                    &lt;environment-path&gt;${work}/localhost-store&lt;/environment-path&gt;
--&gt;

                    &lt;class&gt;org.apache.qpid.server.store.MemoryMessageStore&lt;/class&gt;
                &lt;/store&gt;
            &lt;/localhost&gt;
&lt;/virtualhost&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configheartbeat"></a></p>

<h3><a name="0.13-config.xml-Heartbeat"></a>Heartbeat</h3>

<p>The Qpid broker sends an internal (only) heartbeat. This element allows configuration
of the frequency of this heartbeat. At present, we recommend that you leave this section unchanged
&#33;</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;heartbeat&gt;
    &lt;delay&gt;0&lt;/delay&gt;
    &lt;timeoutFactor&gt;2.0&lt;/timeoutFactor&gt;
&lt;/heartbeat&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configqueue"></a></p>

<h3><a name="0.13-config.xml-Queue"></a>Queue</h3>

<p>This should NOT be changed lightly as it sets the broker up to automatically bind
queues to exchanges.</p>

<p>It could theoretically be used to prevent users creating new queues at runtime, assuming
that you have created all queues/topics etc at broker startup. However, best advice is to
leave unchanged for now.</p>

<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;queue&gt;
    &lt;auto_register&gt;true&lt;/auto_register&gt;
&lt;/queue&gt;
</pre>
</div></div>

<p><a name="0.13-config.xml-configvirtualhostfile"></a></p>

<h3><a name="0.13-config.xml-Virtualhosts"></a>Virtualhosts</h3>

<p>This element allows you to specify a location for the virtualhosts.xml file that
you wish to use. If you are not using a subdirectory under $QPID_HOME you can provide a fully
qualified path instead. For more information on the content of the virtualhosts.xml file please
see <a href="/confluence/display/qpid/Configure+the+Virtual+Hosts+via+virtualhosts.xml"
title="Configure the Virtual Hosts via virtualhosts.xml">Configure the Virtual Hosts via
virtualhosts.xml</a></p>


<div class="preformatted panel" style="border-width: 1px;"><div class="preformattedContent
panelContent">
<pre>&lt;virtualhosts&gt;${conf}/virtualhosts.xml&lt;/virtualhosts&gt;
</pre>
</div></div>
    </div>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>
       <a href="https://cwiki.apache.org/confluence/display/qpid/0.13+-+config.xml">View
Online</a>
              |
       <a href="https://cwiki.apache.org/confluence/display/qpid/0.13+-+config.xml?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
           </div>
</div>
</div>
</div>
</div>
</body>
</html>

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:commits-subscribe@qpid.apache.org


Mime
View raw message