Rony, your email seems to be completely unrelated to the rest of this thread discussing plugin migration. Please start a new thread of your own on the *users* list. Thanks!
Justin On Thu, Jan 5, 2023 at 1:14 AM Rony Christian <[email protected]> wrote: > Thanks for your reply. > > Currently I have connected to artemis (mqtt) but not able to connect with > mqtts. I have attached here the current configuration (broker.xml). > <acceptors> > <!-- MQTT Acceptor --> > <acceptor name="mqtt">tcp:// > > 0.0.0.0:1883?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=MQTT;useEpoll=true > </acceptor> > <acceptor name="mqtt-ssl-acceptor">tcp:// > > 0.0.0.0:8883?sslEnabled=true;needClientAuth=true;keyStorePath=server-keystore.jks;keyStorePassword=securepass;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass;protocols=MQTT > </acceptor> > <acceptor > > name="netty-ssl-acceptor">tcp://localhost:5500?sslEnabled=true;needClientAuth=true;keyStorePath=server-keystore.jks;keyStorePassword=securepass;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass</acceptor> > </acceptors> > > I'm using nodejs and here is my nodejs code to connect the mqtt server: > this.username = 'myuname'; > this.password = 'mypass'; > this.endpoint = 'mqtt://my.endpoint.com;'; > this.options = { > username: this.username, > password: this.password, > // ca: [fs.readFileSync(['/usr/share/ca-certificates/client.crt'])], > rejectUnauthorized: false, > protocol: "mqtts", > port : 8883, > // clientId: "mqttjs_" + new Date().getTime() > // ssl: { > // key: fs.readFileSync('./ssl/petpooja.pem'), > // cert: fs.readFileSync('./ssl/STAR_petpooja_com.pem'), > // }, > sslEnabled: true, > trustStorePath: fs.readFileSync('./keystore.jks'), > trustStorePassword: 'mypass', > // keyStorePath: fs.readFileSync('./d/client-keystore.jks'), > // keyStorePassword: 'securepass', > }; > > Can you please look into this, where I'm doing wrong? > > Thanks and Regards, > > On Thu, Jan 5, 2023 at 9:01 AM Justin Bertram <[email protected]> wrote: > > > Can you elaborate on what exactly you haven't been able to translate into > > Artemis' plugin architecture? As Gary mentioned, there's a fairly rich > set > > of integration points with the various plugins and the fact that the > > security manager is pluggable as well. Examples of most of these are > > shipped with the broker to help you get going. You shouldn't need to > > implement your own JAAS login module as far as I can tell from your > > description. > > > > That said, right now you'll have to jump through a few hoops to get > details > > from the SSL certificate into the authorization method as the > > RemotingConnection is no longer passed into it [1]. See ARTEMIS-4059 [2] > > for additional discussion on that point. > > > > Ultimately there's no set of classes which will give you a 1 to 1 > > translation for migrating plugins since the internal broker architectures > > are so different. However, the basic concepts should translate such that > > just about anything you could do in "Classic" you should be able to do in > > Artemis. If not, we'll implement those abilities where it makes sense. > > > > > > Justin > > > > [1] > > > > > https://activemq.apache.org/components/artemis/documentation/javadocs/javadoc-latest/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager5.html > > [2] https://issues.apache.org/jira/browse/ARTEMIS-4059 > > > > On Wed, Dec 28, 2022 at 4:45 AM Jędrzej Dudkiewicz < > > [email protected]> wrote: > > > > > Hello, > > > > > > I wrote to this group earlier > > > (https://www.mail-archive.com/[email protected]/msg67666.html) > > > and got a response regarding migrating plugin from AMQ to Artemis. But > > > honestly even after reading links provided by Garry Tully I can't > > > figure out how I should proceed. My plugin extends BrokerFilter > > > (import org.apache.activemq.broker.BrokerFilter) and uses most/all > > > available methods: start(), addConnection(), removeConnection(), > > > addConsumer(), removeConsumer(), addDestination(), > > > addDestinationInfo(), removeDestination(), removeDestinationInfo(), > > > addProducer() and send(). > > > > > > My first problem is that the first thing I want to do is to retrieve > > > the certificate from connection (so probably getTransportConnection() > > > from RemotingConnection in Artemis should be used?), parse it, read > > > few fields and store proper information in SecurityContext associated > > > with this connection. Later this info is used to determine whether a > > > connected client can create, delete or send messages to specific > > > destinations (queues/topics?). Plugin also sends information about > > > connecting/disconnecting clients and so on to predefined queue. > > > > > > I tried to figure out how the JAAS plugin can be used for this, but > > > JAAS as a whole seems to be overly complicated and I'd rather > > > reimplement everything from scratch than try to figure out how to use > > > such umm... well regarded and mature solution. > > > > > > Is there some set of classes allowing for 1 to 1 translation of > > > ActiveMQ to Artemis plugins? > > > > > > TIA, > > > -- > > > Jędrzej Dudkiewicz > > > > > > I really hate this damn machine, I wish that they would sell it. > > > It never does just what I want, but only what I tell it. > > > > > > > > >
