Hi Team, This is a try to resolve https://wso2.org/jira/browse/MB-407.
I did a search to find out what are the unfamiliar configurations in andes-config.xml file. We need to know them, test if they work, consider if they are valid, remove if not relevant (specially the highlighted ones). @Prabath, *I also saw a config for OOM controlling. Please note. * Below are the findings. == Extended Configuration through config.xml == The config.xml contains the extended configuration information associated with the Qpid Java Broker. === The JMX Management Console Configuration === The management console configuration can be setup by editing the management child element of the broker configuration. The available options are: 1. enabled 2. jmxport 3. security-enabled Setting enabled to "true" will enable the JMX Management Console support. And, changing the jmxport will make it possible to connect using a different port. Setting the security-enabled option to "true" will make it possible to use SASL Authentication. Advanced security configuration is made effective once the security-enabled is set to "true". Further customization is explained in the Security Configuration section below. === Connector Configuration === The connetor configuration element manages connections to/from the Java Broker. Among the various options available are: 1. ssl 2. qpidnio 3. protectio 4. bind 5. port 6. sslport 7. socketReceiveBuffer 8. socketSendBuffer 9. processors 10. tcpNoDelay The ssl and *protecio* elements are discussed below. The port corresponds to the port in which the non-secure Java Broker runs. The *sslport* corresponds to the port in which the secure Java Broker runs. The *socketReceiveBuffer* and the *socketSendBuffer* sizes (in bytes) are configured using the respective elements. Setting *qpidnio* to "true" will setup a multithreaded MINA socket acceptor that will make an attempt to boost the performance by simultaneously allowing reading from and writing to a socket. Processors represent the the number of SocketProcessors you wish to create. And, *bind* represents the ip-address to bind to. In addition to that, you can enable TCP NoDelay by setting *tcpNoDelay* to "true'. Please note that the element transport is no longer used. ==== SSL Configuration ==== The SSL configuration can be setup by editing the connector child element's ssl child. The available options are: 1. enabled 2. sslOnly 3. keystorePath 4. keystorePassword The enabled option controls whether SSL is enabled or not. Setting this to "true" will enable SSL support. The sslOnly option will decide whether SSL will operate in parallel with non-SSL ports or not. The remaining options are on setting up an SSL keystore. Please note that the keystore password is seen in clear text in the config.xml. Do take necessary precautions when setting this option. ==== Protect I/O Configuration ==== *This feature is meant for the protection of the Java Broker from running out of* *memory due to runnaway clients or non-responsive clients*. The protection is achieved by limiting the data written to or read from a pending queue. The enabled option controls whether I/O protection is in place or not. To enable, set the enabled element's value to "true". === Security Configuration === There are various sub sections under the security configuration, which are: 1. principal-databases 2. access 3. jmx More on principal-databases and jmx are discussed below. The access element is used to set the ACLPlugin implementation which is capable of controlling access. This can be set through the class element. ==== Principal Databases ==== The *principal-databases* section contains definitions of principal databases. An example of a principal database is a set of Base64 encoded MD5 hashes, which is stored on a file, which can be used for authentication via the CRAM-MD5-Hashed SASL authentication mechanism. *(We have put org.wso2.carbon.andes.authentication.andes.CarbonBasedPrincipalDatabase here. I am not aware what it is??)* Among various options a principal-database configuration posses are: 1. name 2. class 3. attributes The name of the resource is identified by name. The class is the Java class capable of handling the resource. The attribute passwordFile will have a value of which is the path to the password database file. An example password database file is ../etc/passwd, which contains plain-text password. More information on this section can be found online at, http://cwiki.apache.org/qpid/qpid-design-authentication.html ==== JMX Security Configuration ==== The *JMX Security* configuration is used to specify the access restrictions, which is written on a file (../etc/jmxremote.access is an example). The path to this file is specified in access. The principal-database to be used can also be configured. Among the available options are: 1. access 2. principal-database === Virtual Host Configuration === The virtual hosts are configured through the virtualhosts element. This has two major subsections: 1. directory 2. virtualhost The directory is the* path to the directory in which extended virtual host* *configurations are present*. An example is ../etc/vitualhosts. More on the virtual host directory is found below in the Virtual Host Directory section below. Under the virtualhost subsection there are various properties that can be set through the config.xml. They are: 1. name 2. store 3. housekeeping The name will represent the corresponding name which recognizes the virtualhost in both the config.xml as well as the virtual host directory. The store is a class that represents the type of store implemented. The housekeeping element is used to set the expiredMessageCheckPeriod used by housekeeping timers. === Advanced Configuration === The Advanced Configuration section is not intended to be customized by a user as it might lead the broker into an unstable state. For more information please contact the developer list. == The Virtual Hosts Directory == TBD Thanks -- *Hasitha Abeykoon* Senior Software Engineer; WSO2, Inc.; http://wso2.com *cell:* *+94 719363063* *blog: **abeykoon.blogspot.com* <http://abeykoon.blogspot.com>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
