Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1089274 - [Doc Bug Fix] Chapter on transports configuration should be extended
Summary: [Doc Bug Fix] Chapter on transports configuration should be extended
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Documentation
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ER8
: EAP 6.3.0
Assignee: Nidhi
QA Contact: Martin Svehla
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-04-18 11:48 UTC by Martin Svehla
Modified: 2014-08-14 15:17 UTC (History)
4 users (show)

Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Build Name: 22508, Administration and Configuration Guide-6.3-1 Build Date: 11-04-2014 10:15:39 Topic ID: 4813-591676 [Latest]
Last Closed: 2014-06-28 15:24:57 UTC
Type: Enhancement


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
JBoss Issue Tracker JBQA-9650 Major Open Chapter on transports configuration should be extended 2014-07-31 08:42:11 UTC
Red Hat Bugzilla 1065238 None None None Never

Internal Links: 1065238

Description Martin Svehla 2014-04-18 11:48:23 UTC
Currently, the chapter on transports (connectors and acceptors) only contains configuration of basic netty transports. It should be extended with:

 - Netty transport over SSL (this is very important)
 - Netty HTTP transport (with note that this transport is not supported for HA)
 - Netty TunnelingServlet (tunneling through HTTP port; this is also not supported for HA)

Comment 1 Martin Svehla 2014-06-16 08:51:31 UTC
You can use upstream documentation as a source: http://docs.jboss.org/hornetq/2.3.0.Final/docs/user-manual/html/configuring-transports.html#d0e3370

Comment 2 Martin Svehla 2014-06-20 08:24:39 UTC
Configuration examples (this will be long):

Use upstream as basis please. I think the attribute description is quite good there. Here are specific examples and notes to individual parts.


- For netty SSL (Showing only additional properties. All properties for normal Netty acceptors are also available):

<netty-acceptor name="netty" socket-binding="messaging">
    <param key="ssl-enabled" value="true"/>
    <param key="key-store-password" value="[keystore password]"/>
    <param key="key-store-path" value="[path to keystore file]"/>
</netty-acceptor>

for 1-way SSL and

<netty-acceptor name="netty" socket-binding="messaging">
    <param key="ssl-enabled" value="true"/>
    <param key="need-client-auth" value="true"/>
    <param key="key-store-password" value="[keystore password]"/>
    <param key="key-store-path" value="[path to keystore file]"/>
    <param key="trust-store-password" value="[truststore password]"/>
    <param key="trust-store-path" value="[path to truestore file]"/>
</netty-acceptor>

for 2-way SSL (i.e. mutual authentication between server and client).

Take attribute description from upstream documentation please. Parameter "need-client-auth" is not described there, but you can use just "Require 2-way (ie mutual authentication) for client connections".

I wouldn't bother with connector examples, they are pretty much same and the attribute description explains the difference between using these attributes in connectors and acceptors.


- Netty HTTP

First you need to define socket binding for new HTTP port:

<socket-binding mame="messaging-http" port="7080" />

Then you bind acceptor/connector to that socket-binding together with attribute http-enabled set to true:

<netty-connector name="netty" socket-binding="messaging-http">
    <param key="http-enabled" value="true"/>
</netty-connector>

<netty-acceptor name="netty" socket-binding="messaging-http">
    <param key="http-enabled" value="true"/>
</netty-acceptor>

Use the attribute description from upstream documentation again please, all other attributes are valid, though only http-enabled is required for this.

Please add a warning that automatic client failover is not supported for clients connecting through Netty HTTP transport.

Also add a note that this transport doesn't allow to reuse standard HTTP port 8080 (HornetQ throws BindException when you try that). You can use Netty Servlet transport for tunneling HornetQ connections through standard HTTP port (see below).


- Netty Servlet

The snippet with the servlet configuration can be used as is in there.

Acceptor will be same as is in upstream documentation, but configuration file is standalone.xml/domain.xml instead of hornetq-configuration.xml.

Connector example will change to:

<netty-connector name="netty-servlet" socket-binding="http">
    <param key="use-servlet" value="true"/>
    <param key="servlet-path" value="/messaging/HornetQServlet"/>
</netty-connector>

Again, configuration file is standalone.xml/domain.xml instead of hornetq-configuration.xml.

The example with SSL active will be:

<netty-connector name="netty-servlet" socket-binding="https">
   <param key="use-servlet" value="true"/>
   <param key="servlet-path" value="/messaging/HornetQServlet"/>
   <param key="ssl-enabled" value="true"/>
   <param key="key-store-path" value="path to a key-store"/>
   <param key="key-store-password" value="key-store password"/>
</connector>

(Ignore the part under SSL example - the paragraph starting with "You will also have to configure the Application server to use a KeyStore...". That part is not relevant for EAP.)

Please add a warning that automatic client failover is not supported for clients connecting through http tunneling servlet.

Comment 4 Martin Svehla 2014-06-20 12:24:19 UTC
One more note: in the upstream documentation in the attribute description please ignore host and port. These are replaced by socket-binding attribute in netty-connector / netty-acceptor elements in EAP config.

Comment 17 Martin Svehla 2014-06-26 11:29:48 UTC
Thanks Nidhi!


Note You need to log in before you can comment on or make changes to this bug.