qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kw...@apache.org
Subject svn commit: r1769087 - in /qpid/java/trunk/doc: java-broker/src/docbkx/management/managing/ jms-client-0-8/src/docbkx/
Date Thu, 10 Nov 2016 11:19:42 GMT
Author: kwall
Date: Thu Nov 10 11:19:42 2016
New Revision: 1769087

URL: http://svn.apache.org/viewvc?rev=1769087&view=rev
Log:
QPID-7466: [Java Docs] Incorporate comments from Lorenz Quack <lquack@apache.org>

Modified:
    qpid/java/trunk/doc/java-broker/src/docbkx/management/managing/Java-Broker-Management-Managing-Truststores.xml
    qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Appendix-Exceptions.xml
    qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Message-Encryption.xml

Modified: qpid/java/trunk/doc/java-broker/src/docbkx/management/managing/Java-Broker-Management-Managing-Truststores.xml
URL: http://svn.apache.org/viewvc/qpid/java/trunk/doc/java-broker/src/docbkx/management/managing/Java-Broker-Management-Managing-Truststores.xml?rev=1769087&r1=1769086&r2=1769087&view=diff
==============================================================================
--- qpid/java/trunk/doc/java-broker/src/docbkx/management/managing/Java-Broker-Management-Managing-Truststores.xml
(original)
+++ qpid/java/trunk/doc/java-broker/src/docbkx/management/managing/Java-Broker-Management-Managing-Truststores.xml
Thu Nov 10 11:19:42 2016
@@ -76,6 +76,11 @@
                     <para><emphasis>Name the truststore</emphasis>. Used
to identify the
                         truststore.</para>
                 </listitem>
+                <listitem>
+                    <para><emphasis>Exposed as Message Source</emphasis>.
If enabled, the Broker
+                        will distribute certificates contained within the trustore to clients.
+                        Used by the end to end message encryption feature.</para>
+                </listitem>
             </itemizedlist>
         </para>
         <para>The following attributes apply to <emphasis>File Trust Stores</emphasis>
only.</para>
@@ -110,11 +115,6 @@
                         certificate exactly matching a certificate contained within the Truststore
                         database.</para>
                 </listitem>
-                <listitem>
-                    <para><emphasis>Exposed as Message Source</emphasis>.
If enabled, the Broker
-                        will distribute certificates contained within the trustore to clients.
-                        Used by the end to end message encryption feature.</para>
-                </listitem>
             </itemizedlist>
         </para>
         <para>The following attributes apply to <emphasis>Non Java Trust Stores</emphasis>

Modified: qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Appendix-Exceptions.xml
URL: http://svn.apache.org/viewvc/qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Appendix-Exceptions.xml?rev=1769087&r1=1769086&r2=1769087&view=diff
==============================================================================
--- qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Appendix-Exceptions.xml (original)
+++ qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Appendix-Exceptions.xml Thu Nov
10 11:19:42 2016
@@ -103,6 +103,15 @@
               group) has not been permissioned within the Broker's <link xmlns:xlink="http://www.w3.org/1999/xlink"
xlink:href="${qpidJavaBrokerBook}Java-Broker-Security-ACLs.html">Access Control List
                 (ACL)</link>.</para></entry>
         </row>
+        <row xml:id="JMS-Client-0-8-Appendix-Exceptions-CertificateException">
+          <entry>CertificateException</entry>
+          <entry>Unable to find certificate for recipient '&lt;recipient&gt;'</entry>
+          <entry>
+            <para>When using end to end message encryption, this exception indicates
the the message recipent's
+              principal cannot be found in the truststore. See <xref linkend="JMS-Client-Message-Encryption"/>
+            </para>
+          </entry>
+        </row>
       </tbody>
     </tgroup>
   </table>

Modified: qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Message-Encryption.xml
URL: http://svn.apache.org/viewvc/qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Message-Encryption.xml?rev=1769087&r1=1769086&r2=1769087&view=diff
==============================================================================
--- qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Message-Encryption.xml (original)
+++ qpid/java/trunk/doc/jms-client-0-8/src/docbkx/JMS-Client-Message-Encryption.xml Thu Nov
10 11:19:42 2016
@@ -272,7 +272,8 @@ java.naming.factory.initial = org.apache
 # connection factories. This is where end-to-end encryption is configured on the client.
 # connectionfactory.[jndiname] = [ConnectionURL]
 connectionfactory.producerConnectionFactory = amqp://&lt;username&gt;:&lt;password&gt;@?brokerlist='tcp://localhost:5672?encryption_remote_trust_store='$certificates%255c/clientcerts''
-connectionfactory.consumerConnectionFactory = amqp://&lt;username&gt;:&lt;password&gt;@?brokerlist='tcp://localhost:5672?encryption_key_store='path/to/client_1.jks'&amp;encryption_key_store_password='&lt;keystore_password&gt;''
+connectionfactory.consumer1ConnectionFactory = amqp://&lt;username&gt;:&lt;password&gt;@?brokerlist='tcp://localhost:5672?encryption_key_store='path/to/client_1.jks'&amp;encryption_key_store_password='&lt;keystore_password&gt;''
+connectionfactory.consumer2ConnectionFactory = amqp://&lt;username&gt;:&lt;password&gt;@?brokerlist='tcp://localhost:5672?encryption_key_store='path/to/client_2.jks'&amp;encryption_key_store_password='&lt;keystore_password&gt;''
 
 # Rest of JNDI configuration. For example
 # destination.[jniName] = [Address Format]
@@ -288,7 +289,11 @@ queue.myTestQueue = testQueue
                 <literal>x-qpid-encrypt</literal>
                 and
                 <literal>x-qpid-encrypt-recipients</literal>
-                message properties.
+                message properties. Note that the order of the relative distinguished name
(RDN) entries within the
+                recipent's distinguished name (DNs) is significant. If the order does not
match that recorded in
+                truststore, a
+                <link linkend="JMS-Client-0-8-Appendix-Exceptions-CertificateException">CertificateException</link>
+                will be encountered.
             </para>
             <para>
                 On the receiving side, there is nothing to do.  The application code does
not have to add decryption code as this is handled transparently by the Qpid client library.
@@ -310,7 +315,6 @@ public class EncryptionExample {
     {
         Connection connection = createConnection("producerConnectionFactory");
         try {
-            connection.start();
             Session session = connection.createSession(true, Session.SESSION_TRANSACTED);
             Destination destination = createDesination("myTestQueue");
 
@@ -332,7 +336,7 @@ public class EncryptionExample {
 
     private void runReceiverExample() throws Exception
     {
-        Connection connection = createConnection("consumerConnectionFactory");
+        Connection connection = createConnection("consumer1ConnectionFactory");
         try {
             connection.start();
             Session session = connection.createSession(true, Session.SESSION_TRANSACTED);



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message