Wildfly Security Manager : Permission failed for javax.management.MBeanPermission - wildfly-10

I have My JBOSS Wildfly10 set up. I am enabling SECMGR flag in standlone.conf.bat file to true for enabling java security manager and as my war is deployed in wildfy 10 ,I am giving following permission set in standalone.xml as below and getting following error:
14:49:56,804 INFO [stdout] (ServerService Thread Pool -- 58)
2017-03-28 14:49:56,804 ServerService Thread Pool -- 58 ERROR Could
not unregister MBeans for org.apac
he.logging.log4j2:type=2483b420,component=Loggers,name=*,subtype=RingBuffer
java.security.AccessControlException: WFSM000001: Permission check
failed (permission "( "javax.management.MBeanPermission" "-#-[-]"
"queryNames")" in code source
"(vfs:/C:/wildfly-10.0.0.Final/standalone/deployments/mySample.war/WEB-INF/lib/log4j-core-2.5.
jar )" of "null")
My Standalone.xml configuration is as below so please can anyone help me out here where I am doing wrong ?
<subsystem xmlns="urn:jboss:domain:security-manager:1.0">
<deployment-permissions>
<minimum-set>
<permission class="java.lang.RuntimePermission" name="shutdownHooks"/>
<permission class="java.util.PropertyPermission" name="*" actions="read"/>
<permission class="java.lang.RuntimePermission" name="createClassLoader"/>
<permission class="java.lang.RuntimePermission" name="getClassLoader"/>
<permission class="java.lang.RuntimePermission" name="shutdownHooks"/>
<permission class="javax.management.MBeanServerPermission" name="createMBeanServer"/>
<permission class="java.lang.reflect.ReflectPermission" name="suppressAccessChecks"/>
<permission class="javax.management.MBeanPermission" name="registerMBean"/>
<permission class="javax.management.MBeanPermission" name="queryNames"/>
</minimum-set>
</deployment-permissions>
</subsystem>

The queryNames and registerMBean permissions aren't quite right. The name attribute should be the name of the MBean. The registerMBeanand queryNames are actions.
It should probably look something like:
<permission class="javax.management.MBeanPermission" name="*" actions="registerMBean"/>
<permission class="javax.management.MBeanPermission" name="*" actions="queryNames"/>
You can specify the specific names or just use * as a wildcard. Have a look at the MBeanPermission for more details.

Hi James thanks for reply, I am little new to java security management as you said I have corrected the permission and referred the MBeanPermission link , It was helpful for me and that issue got fixed.

Related

Define Datasource validation in Thorntail

In WildFly standalone configuration we can define a validation query in the datasource. In case the DB connection is lost, after the background validation milliseconds defined, the connection can be recovered. Without this validation if the connection is lost, it will not be recovered until the application is restarted.
<datasource jndi-name="java:jboss/datasources/MyDS" pool-name="MyDS" enabled="true" use-java-context="true">
<connection-url>jdbc:postgresql://localhost:5432/myDB</connection-url>
<driver>postgresql</driver>
<security>
<user-name>dbuser</user-name>
<password>password</password>
</security>
<validation>
<check-valid-connection-sql>select 1</check-valid-connection-sql>
<validate-on-match>false</validate-on-match>
<background-validation>true</background-validation>
<background-validation-millis>30000</background-validation-millis>
</validation>
</datasource>
How can I achieve the same in Thorntail project.yml file?
thorntail:
datasources:
data-sources:
MyDS:
driver-name: postgresql
connection-url: jdbc:postgresql://localhost:5432/myDB
user-name: dbuser
password: password
I tried adding a validation node, but it didn't work
validation:
check-valid-connection-sql: select 1
validate-on-match: false
background-validation: true
background-validation-millis: 30000
Here's an example PostgreSQL datasource taken from this documentation: https://docs.thorntail.io/2.7.0.Final/#_example_datasource_definitions It includes connection validation, too.
thorntail:
datasources:
data-sources:
MyDS:
driver-name: postgresql
connection-url: jdbc:postgresql://localhost:5432/postgresdb
user-name: admin
password: admin
valid-connection-checker-class-name: org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLValidConnectionChecker
validate-on-match: true
background-validation: false
exception-sorter-class-name: org.jboss.jca.adapters.jdbc.extensions.postgres.PostgreSQLExceptionSorter
Other connection validation options, including those that you use, are described in the same documentation.

KC-SERVICES0089: Failed to run scheduled task ClearExpiredClientInitialAccessTokens

I use Keycloak 10.0.2 and SQL Server as database. Sometimes I get an error in Keycloak which prevents the application to run properly and the only solution is to restart the application.
Seems that connection gets closed somehow and keycloak is not able to open it again. What could be the reason?
2020-06-22 09:09:28,649 ERROR [org.keycloak.services] (Timer-2)
KC-SERVICES0089: Failed to run scheduled task
ClearExpiredClientInitialAccessTokens:
javax.persistence.PersistenceException:
org.hibernate.exception.GenericJDBCException: could not prepare
statement
at org.hibernate#5.3.15.Final//org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:154)
at org.hibernate#5.3.15.Final//org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:181)
at org.hibernate#5.3.15.Final//org.hibernate.query.internal.AbstractProducedQuery.executeUpdate(AbstractProducedQuery.java:1594)
at org.keycloak.keycloak-model-jpa#10.0.2//org.keycloak.models.jpa.JpaRealmProvider.removeExpiredClientInitialAccess(JpaRealmProvider.java:826)
at org.keycloak.keycloak-model-infinispan#10.0.2//org.keycloak.models.cache.infinispan.RealmCacheSession.removeExpiredClientInitialAccess(RealmCacheSession.java:1208)
at org.keycloak.keycloak-services#10.0.2//org.keycloak.services.scheduled.ClearExpiredClientInitialAccessTokens.run(ClearExpiredClientInitialAccessTokens.java:30)
at org.keycloak.keycloak-services#10.0.2//org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner$1.call(ClusterAwareScheduledTaskRunner.java:56)
at org.keycloak.keycloak-services#10.0.2//org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner$1.call(ClusterAwareScheduledTaskRunner.java:52)
at org.keycloak.keycloak-model-infinispan#10.0.2//org.keycloak.cluster.infinispan.InfinispanClusterProvider.executeIfNotExecuted(InfinispanClusterProvider.java:78)
at org.keycloak.keycloak-services#10.0.2//org.keycloak.services.scheduled.ClusterAwareScheduledTaskRunner.runTask(ClusterAwareScheduledTaskRunner.java:52)
at org.keycloak.keycloak-services#10.0.2//org.keycloak.services.scheduled.ScheduledTaskRunner.run(ScheduledTaskRunner.java:45)
at org.keycloak.keycloak-services#10.0.2//org.keycloak.timer.basic.BasicTimerProvider$1.run(BasicTimerProvider.java:51)
at java.base/java.util.TimerThread.mainLoop(Timer.java:556)
at java.base/java.util.TimerThread.run(Timer.java:506) Caused by: org.hibernate.exception.GenericJDBCException: could not prepare
statement
at org.hibernate#5.3.15.Final//org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
at org.hibernate#5.3.15.Final//org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:113)
at org.hibernate#5.3.15.Final//org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:186)
at org.hibernate#5.3.15.Final//org.hibernate.engine.jdbc.internal.StatementPreparerImpl.prepareStatement(StatementPreparerImpl.java:81)
at org.hibernate#5.3.15.Final//org.hibernate.hql.internal.ast.exec.BasicExecutor.doExecute(BasicExecutor.java:87)
at org.hibernate#5.3.15.Final//org.hibernate.hql.internal.ast.exec.BasicExecutor.execute(BasicExecutor.java:59)
at org.hibernate#5.3.15.Final//org.hibernate.hql.internal.ast.exec.DeleteExecutor.execute(DeleteExecutor.java:109)
at org.hibernate#5.3.15.Final//org.hibernate.hql.internal.ast.QueryTranslatorImpl.executeUpdate(QueryTranslatorImpl.java:453)
at org.hibernate#5.3.15.Final//org.hibernate.engine.query.spi.HQLQueryPlan.performExecuteUpdate(HQLQueryPlan.java:378)
at org.hibernate#5.3.15.Final//org.hibernate.internal.SessionImpl.executeUpdate(SessionImpl.java:1550)
at org.hibernate#5.3.15.Final//org.hibernate.query.internal.AbstractProducedQuery.doExecuteUpdate(AbstractProducedQuery.java:1603)
at org.hibernate#5.3.15.Final//org.hibernate.query.internal.AbstractProducedQuery.executeUpdate(AbstractProducedQuery.java:1585)
... 11 more Caused by: com.microsoft.sqlserver.jdbc.SQLServerException: The connection is
closed.
at com.microsoft//com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDriverError(SQLServerException.java:234)
at com.microsoft//com.microsoft.sqlserver.jdbc.SQLServerConnection.checkClosed(SQLServerConnection.java:1088)
at com.microsoft//com.microsoft.sqlserver.jdbc.SQLServerConnection.prepareStatement(SQLServerConnection.java:3409)
at org.jboss.ironjacamar.jdbcadapters#1.4.20.Final//org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnection.doPrepareStatement(BaseWrapperManagedConnection.java:761)
at org.jboss.ironjacamar.jdbcadapters#1.4.20.Final//org.jboss.jca.adapters.jdbc.BaseWrapperManagedConnection.prepareStatement(BaseWrapperManagedConnection.java:747)
at org.jboss.ironjacamar.jdbcadapters#1.4.20.Final//org.jboss.jca.adapters.jdbc.WrappedConnection$4.produce(WrappedConnection.java:478)
at org.jboss.ironjacamar.jdbcadapters#1.4.20.Final//org.jboss.jca.adapters.jdbc.WrappedConnection$4.produce(WrappedConnection.java:476)
at org.jboss.ironjacamar.jdbcadapters#1.4.20.Final//org.jboss.jca.adapters.jdbc.SecurityActions.executeInTccl(SecurityActions.java:97)
at org.jboss.ironjacamar.jdbcadapters#1.4.20.Final//org.jboss.jca.adapters.jdbc.WrappedConnection.prepareStatement(WrappedConnection.java:476)
at org.hibernate#5.3.15.Final//org.hibernate.engine.jdbc.internal.StatementPreparerImpl$1.doPrepare(StatementPreparerImpl.java:90)
at org.hibernate#5.3.15.Final//org.hibernate.engine.jdbc.internal.StatementPreparerImpl$StatementPreparationTemplate.prepareStatement(StatementPreparerImpl.java:176)
... 20 more
EDITED:
Here is the datasource configuration part within standalone-ha.xml
<subsystem xmlns="urn:jboss:domain:datasources:5.0">
<datasources>
<datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true" statistics-enabled="${wildfly.datasources.statistics-enabled:${wildfly.statistics-enabled:false}}">
<connection-url>jdbc:sqlserver://sqlserver\sqlinstance:1431;DatabaseName=keycloak;</connection-url>
<driver>sqlserver</driver>
<security>
<user-name>keycloak</user-name>
<password>keycloak</password>
</security>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
<driver name="sqlserver" module="com.microsoft">
<driver-class>com.microsoft.sqlserver.jdbc.SQLServerDriver</driver-class>
<xa-datasource-class>com.microsoft.sqlserver.jdbc.SQLServerXADataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>

Failed to create session factory AMQ219007 when sending messages to AMQ Artemis from Camel JMS component

I try to send messages from the Camel rout JMS component, on some messages the error below occurs. Out of 50,000 messages, 4937 reached an average speed of 497 mes/sec. At the same time, with the same settings, the classic ActiveMQ gives about 10,000 mes/sec
Artemis version 2.11.0. Camel version 2.20.2
Error
Error while routing: Message has put to DEAD.LETTER.QUEUE
org.springframework.jms.UncategorizedJmsException: Uncategorized exception occurred during JMS processing; nested exception is javax.jms.JMSException: Failed to create session factory; nested exception is ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
at org.springframework.jms.support.JmsUtils.convertJmsAccessException(JmsUtils.java:316)
at org.springframework.jms.support.JmsAccessor.convertJmsAccessException(JmsAccessor.java:169)
at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:487)
at org.apache.camel.component.jms.JmsConfiguration$CamelJmsTemplate.send(JmsConfiguration.java:516)
at org.apache.camel.component.jms.JmsProducer.doSend(JmsProducer.java:440)
at org.apache.camel.component.jms.JmsProducer.processInOnly(JmsProducer.java:394)
at org.apache.camel.component.jms.JmsProducer.process(JmsProducer.java:157)
at org.apache.camel.processor.SendDynamicProcessor$1.doInAsyncProducer(SendDynamicProcessor.java:132)
at org.apache.camel.impl.ProducerCache.doInAsyncProducer(ProducerCache.java:445)
at org.apache.camel.processor.SendDynamicProcessor.process(SendDynamicProcessor.java:127)
at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:548)
at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:201)
at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:97)
at org.apache.camel.processor.WireTapProcessor$1.call(WireTapProcessor.java:158)
at org.apache.camel.processor.WireTapProcessor$1.call(WireTapProcessor.java:153)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Suppressed: org.springframework.jms.UncategorizedJmsException: Uncategorized exception occurred during JMS processing; nested exception is javax.jms.JMSException: Failed to create session factory; nested exception is ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
... 19 more
Suppressed: org.springframework.jms.UncategorizedJmsException: Uncategorized exception occurred during JMS processing; nested exception is javax.jms.JMSException: Failed to create session factory; nested exception is ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
... 19 more
Suppressed: org.springframework.jms.UncategorizedJmsException: Uncategorized exception occurred during JMS processing; nested exception is javax.jms.JMSException: Failed to create session factory; nested exception is ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
... 19 more
Caused by: javax.jms.JMSException: Failed to create session factory
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:886)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:299)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:294)
at org.springframework.jms.support.JmsAccessor.createConnection(JmsAccessor.java:180)
at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:474)
... 16 more
Caused by: ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:799)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:884)
... 20 more
Caused by: javax.jms.JMSException: Failed to create session factory
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:886)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:299)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:294)
at org.springframework.jms.support.JmsAccessor.createConnection(JmsAccessor.java:180)
at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:474)
... 16 more
Caused by: ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:799)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:884)
... 20 more
Caused by: javax.jms.JMSException: Failed to create session factory
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:886)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:299)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:294)
at org.springframework.jms.support.JmsAccessor.createConnection(JmsAccessor.java:180)
at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:474)
... 16 more
Caused by: ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:799)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:884)
... 20 more
Caused by: javax.jms.JMSException: Failed to create session factory
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:886)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:299)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnection(ActiveMQConnectionFactory.java:294)
at org.springframework.jms.support.JmsAccessor.createConnection(JmsAccessor.java:180)
at org.springframework.jms.core.JmsTemplate.execute(JmsTemplate.java:474)
... 16 more
Caused by: ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ219007: Cannot connect to server(s). Tried with all available servers.]
at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:799)
at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:884)
... 20 more
Camel route
<?xml version="1.0" encoding="UTF-8"?>
<beans factor:name="Send to Artemis" factor:status="true"
xmlns="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:cxf="http://camel.apache.org/schema/cxf"
xmlns:factor="factor-schema"
xmlns:jdbc="http://www.springframework.org/schema/jdbc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd">
<camelContext errorHandlerRef="myDeadLetterErrorHandler"
id="e726891b-7413-4428-9bf5-f6c85116c771" xmlns="http://camel.apache.org/schema/spring">
<interceptFrom>
<bean method="updateMDC" ref="logInterceptorService"/>
</interceptFrom>
<route factor:name="Send to Artemis" id="route-4cd627f9-ba6d-43e3-ba24-4f61d8c1b69b">
<from id="35ecd8c3-ea1e-48ee-8d1e-85815576242c" uri="timer://init?delay=-1&repeatCount=50000">
<description>Timer</description>
</from>
<setBody factor:component="SetBodyEndpoint"
factor:custom-name="Установить тело сообщения"
factor:guid="endpoint-34546317-7707-4c92-9d08-c388ea6cc390" id="endpoint-34546317-7707-4c92-9d08-c388ea6cc390">
<simple><![CDATA[<?xml version="1.0" encoding="utf-8"?>
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header>
<props:MessageInfo xmlns:props="urn:cbr-ru:msg:props:v1.3">
<props:To>uic:5454</props:To>
<props:From>uic:newuser</props:From>
<props:AppMessageID>guid:1134f9d42bc98c84caea7ee62c17881312</props:AppMessageID>
<props:MessageID>guid:1429e234ae7016f981111361</props:MessageID>
<props:MessageType>1</props:MessageType>
<props:Priority>5</props:Priority>
<props:CreateTime>2016-07-27T12:41:13Z</props:CreateTime>
<props:LegacyTransportFileName>20191008 # pacs.008.001.08 # AAAACNBJXXX # BBBBRUMMYYY # 123456789.xml</props:LegacyTransportFileName>
<props:SendTime>2016-07-27T12:41:14Z</props:SendTime>
<props:AckRequest>false</props:AckRequest>
</props:MessageInfo>
<props:DocInfo xmlns:props="urn:cbr-ru:msg:props:v1.3">
<props:DocFormat>1</props:DocFormat>
<props:DocType>ED311</props:DocType>
<props:EDRefID EDNo="1" EDDate="2016-07-27" EDAuthor="1203709000" />
</props:DocInfo>
</env:Header>
<env:Body>
<sen:SigEnvelope xmlns:sen="urn:cbr-ru:dsig:env:v1.1">kk
</sen:SigEnvelope>
</env:Body>
</env:Envelope>]]></simple>
</setBody>
<setHeader factor:component="SetHeaderEndpoint"
factor:custom-name="Установить заголовки"
factor:guid="87ba2d3e-7eff-42cd-9efc-048764539364"
headerName="JMSDeliveryMode" id="87ba2d3e-7eff-42cd-9efc-048764539364">
<constant>NON_PERSISTENT</constant>
</setHeader>
<wireTap id="18382f84-1f34-487e-a55a-a731e1ec9560" uri="jms://TEST.FROM.CAMEL?connectionFactory=#RemoteArtemisMQ">
<description>JMS</description>
</wireTap>
</route>
</camelContext>
<bean
class="org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory"
factor:bean-type="DEFAULT" id="RemoteArtemisMQ" name="RemoteArtemisMQ">
<constructor-arg value="tcp://192.168.58.6:61619"/>
</bean>
</beans>
Artemis config
<configuration xmlns="urn:activemq"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xi="http://www.w3.org/2001/XInclude"
xsi:schemaLocation="urn:activemq /schema/artemis-configuration.xsd">
<core xmlns="urn:activemq:core" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:activemq:core ">
<name>0.0.0.0</name>
<persistence-enabled>true</persistence-enabled>
<!-- this could be ASYNCIO, MAPPED, NIO
ASYNCIO: Linux Libaio
MAPPED: mmap files
NIO: Plain Java Files
-->
<journal-type>ASYNCIO</journal-type>
<paging-directory>data/paging</paging-directory>
<bindings-directory>data/bindings</bindings-directory>
<journal-directory>data/journal</journal-directory>
<large-messages-directory>data/large-messages</large-messages-directory>
<journal-datasync>true</journal-datasync>
<journal-min-files>2</journal-min-files>
<journal-pool-files>10</journal-pool-files>
<journal-device-block-size>4096</journal-device-block-size>
<journal-file-size>10M</journal-file-size>
<!--
This value was determined through a calculation.
Your system could perform 83.33 writes per millisecond
on the current journal configuration.
That translates as a sync write every 12000 nanoseconds.
Note: If you specify 0 the system will perform writes directly to the disk.
We recommend this to be 0 if you are using journalType=MAPPED and journal-datasync=false.
-->
<journal-buffer-timeout>12000</journal-buffer-timeout>
<!--
When using ASYNCIO, this will determine the writing queue depth for libaio.
-->
<journal-max-io>4096</journal-max-io>
<!--
You can verify the network health of a particular NIC by specifying the <network-check-NIC> element.
<network-check-NIC>theNicName</network-check-NIC>
-->
<!--
Use this to use an HTTP server to validate the network
<network-check-URL-list>http://www.apache.org</network-check-URL-list> -->
<!-- <network-check-period>10000</network-check-period> -->
<!-- <network-check-timeout>1000</network-check-timeout> -->
<!-- this is a comma separated list, no spaces, just DNS or IPs
it should accept IPV6
Warning: Make sure you understand your network topology as this is meant to validate if your network is valid.
Using IPs that could eventually disappear or be partially visible may defeat the purpose.
You can use a list of multiple IPs, and if any successful ping will make the server OK to continue running -->
<!-- <network-check-list>10.0.0.1</network-check-list> -->
<!-- use this to customize the ping used for ipv4 addresses -->
<!-- <network-check-ping-command>ping -c 1 -t %d %s</network-check-ping-command> -->
<!-- use this to customize the ping used for ipv6 addresses -->
<!-- <network-check-ping6-command>ping6 -c 1 %2$s</network-check-ping6-command> -->
<!-- how often we are looking for how many bytes are being used on the disk in ms -->
<disk-scan-period>5000</disk-scan-period>
<!-- once the disk hits this limit the system will block, or close the connection in certain protocols
that won't support flow control. -->
<max-disk-usage>90</max-disk-usage>
<!-- should the broker detect dead locks and other issues -->
<critical-analyzer>true</critical-analyzer>
<critical-analyzer-timeout>120000</critical-analyzer-timeout>
<critical-analyzer-check-period>60000</critical-analyzer-check-period>
<critical-analyzer-policy>HALT</critical-analyzer-policy>
<page-sync-timeout>84000</page-sync-timeout>
<!-- the system will enter into page mode once you hit this limit.
This is an estimate in bytes of how much the messages are using in memory
The system will use half of the available memory (-Xmx) by default for the global-max-size.
You may specify a different value here if you need to customize it to your needs.
<global-max-size>100Mb</global-max-size>
-->
<acceptors>
<!-- useEpoll means: it will use Netty epoll if you are on a system (Linux) that supports it -->
<!-- amqpCredits: The number of credits sent to AMQP producers -->
<!-- amqpLowCredits: The server will send the # credits specified at amqpCredits at this low mark -->
<!-- amqpDuplicateDetection: If you are not using duplicate detection, set this to false
as duplicate detection requires applicationProperties to be parsed on the server. -->
<!-- Note: If an acceptor needs to be compatible with HornetQ and/or Artemis 1.x clients add
"anycastPrefix=jms.queue.;multicastPrefix=jms.topic." to the acceptor url.
See https://issues.apache.org/jira/browse/ARTEMIS-1644 for more information. -->
<!-- Acceptor for every supported protocol -->
<acceptor name="artemis">tcp://0.0.0.0:61619?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=CORE,AMQP,STOMP,HORNETQ,MQTT,OPENWIRE;useEpoll=true;amqpCredits=1000;amqpLowCredits=300;amqpDuplicateDetection=true</acceptor>
</acceptors>
<security-settings>
<security-setting match="#">
<permission type="createNonDurableQueue" roles="amq"/>
<permission type="deleteNonDurableQueue" roles="amq"/>
<permission type="createDurableQueue" roles="amq"/>
<permission type="deleteDurableQueue" roles="amq"/>
<permission type="createAddress" roles="amq"/>
<permission type="deleteAddress" roles="amq"/>
<permission type="consume" roles="amq"/>
<permission type="browse" roles="amq"/>
<permission type="send" roles="amq"/>
<!-- we need this otherwise ./artemis data imp wouldn't work -->
<permission type="manage" roles="amq"/>
</security-setting>
</security-settings>
<address-settings>
<!-- if you define auto-create on certain queues, management has to be auto-create -->
<address-setting match="activemq.management#">
<dead-letter-address>DLQ</dead-letter-address>
<expiry-address>ExpiryQueue</expiry-address>
<redelivery-delay>0</redelivery-delay>
<!-- with -1 only the global-max-size is in use for limiting -->
<max-size-bytes>-1</max-size-bytes>
<message-counter-history-day-limit>10</message-counter-history-day-limit>
<address-full-policy>PAGE</address-full-policy>
<auto-create-queues>true</auto-create-queues>
<auto-create-addresses>true</auto-create-addresses>
<auto-create-jms-queues>true</auto-create-jms-queues>
<auto-create-jms-topics>true</auto-create-jms-topics>
</address-setting>
<!--default for catch all-->
<address-setting match="#">
<dead-letter-address>DLQ</dead-letter-address>
<expiry-address>ExpiryQueue</expiry-address>
<redelivery-delay>0</redelivery-delay>
<!-- with -1 only the global-max-size is in use for limiting -->
<max-size-bytes>-1</max-size-bytes>
<message-counter-history-day-limit>10</message-counter-history-day-limit>
<address-full-policy>PAGE</address-full-policy>
<auto-create-queues>true</auto-create-queues>
<auto-create-addresses>true</auto-create-addresses>
<auto-create-jms-queues>true</auto-create-jms-queues>
<auto-create-jms-topics>true</auto-create-jms-topics>
</address-setting>
</address-settings>
<addresses>
<address name="DLQ">
<anycast>
<queue name="DLQ" />
</anycast>
</address>
<address name="ExpiryQueue">
<anycast>
<queue name="ExpiryQueue" />
</anycast>
</address>
</addresses>
<!-- Uncomment the following if you want to use the Standard LoggingActiveMQServerPlugin pluging to log in events
<broker-plugins>
<broker-plugin class-name="org.apache.activemq.artemis.core.server.plugin.impl.LoggingActiveMQServerPlugin">
<property key="LOG_ALL_EVENTS" value="true"/>
<property key="LOG_CONNECTION_EVENTS" value="true"/>
<property key="LOG_SESSION_EVENTS" value="true"/>
<property key="LOG_CONSUMER_EVENTS" value="true"/>
<property key="LOG_DELIVERING_EVENTS" value="true"/>
<property key="LOG_SENDING_EVENTS" value="true"/>
<property key="LOG_INTERNAL_EVENTS" value="true"/>
</broker-plugin>
</broker-plugins>
-->
</core>
</configuration>
I pointed out for Artemis -Xmx6G, but it didn’t affect anything, only about 5-7% of the allocated memory is consumed
Please tell me why this error occurs and how to improve performance?
I had a different version of the artemis jms client in the project, after I strictly indicated which version to use, the error went away

JBoss datasource reference in web.xml fails

I have the following configuration in my web.xml
<resource-ref id="ResourceRef_1234567890">
<res-ref-name>jdbc/pcbDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Application</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
While I deploy my application I am getting the following error.
16:29:57,745 ERROR [org.jboss.as.controller.management-operation] (HttpManagementService-threads - 6) JBAS014612: Operation ("deploy") failed - address: ([("deployment" => "APP-5.3.ear")]) - failure description: {"JBAS014771: Services with missing/unavailable dependencies" => [
"jboss.naming.context.java.module.\"App-5.3\".\"WebArchive-5.1\".env.jdbc.pcbDB is missing [jboss.naming.context.java.jboss.resources.jdbc.pcbDB]"
]}
Rollback happens following that,
16:29:57,777 ERROR [org.jboss.as.server] (HttpManagementService-threads - 6) JBAS015870: Deploy of deployment "APP-5.3.ear" was rolled back with the following failure message:
{"JBAS014771: Services with missing/unavailable dependencies" => [
"jboss.naming.context.java.module.\"App-5.3\".\"WebArchive-5.1\".env.jdbc.pcbDB is missing [jboss.naming.context.java.jboss.resources.jdbc.pcbDB]"
]}
I have corresponding datasource created in standalone.xml. From the web console Test Connection Succeeds....
Name: pcbdb
JNDI: java:/jdbc/pcbDB
And this is the datasource definition I have in standalone.xml.....
<!--Here is datasource config.... As I had many spaces in xml config I couldn't add it as code..... Now I have copied it by the char comes with tilt ~ -->
<datasource jndi-name="java:/jdbc/pcbDB" pool-name="pcbdb" enabled="true">
<connection-url>jdbc:oracle:thin:#(DESCRIPTION=(LOAD_BALANCE=off)(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=XE)(SERVER=DEDICATED)))</connection-url>
<driver>com.oracle</driver>
<pool>
<min-pool-size>3</min-pool-size>
<max-pool-size>5</max-pool-size>
</pool>
<security>
<user-name>pcbdb</user-name>
<password>passwd</password>
</security>
<validation>
<exception-sorter class-name="org.jboss.resource.adapter.jdbc.vendor.OracleExceptionSorter"/>
</validation>
<timeout>
<blocking-timeout-millis>5000</blocking-timeout-millis>
<idle-timeout-minutes>5</idle-timeout-minutes>
</timeout>
</datasource>
Please give the solution.... For the same I have the context.lookup as well. It looks like initCtx.lookup("java:comp/env/jdbc/pcbDB");... is this correct......?
JDNI lookup fails for this,- java:comp/env/jdbc/pcbDB
JNDI lookup for this string,- java:/jdbc/pcbDB succeeds....

JBoss 5.0.0.GA datasource security-domain and login-config.xml

Running into an issue where our datasources for two different DBMS (MS-SQLServer and Informix) are not picking up the security-domain configuration in the login-config.xml file.
Our datasources look like this:
<datasources>
<local-tx-datasource>
<jndi-name>ourTX</jndi-name>
<connection-url>jdbc:informix-sqli://our.server.com:1526/wlms:informixserver=ol_db</connection-url>
<driver-class>com.informix.jdbc.IfxDriver</driver-class>
<security-domain>ourDS</security-domain>
<!-- corresponding type-mapping in the standardjbosscmp-jdbc.xml (optional) -->
<metadata>
<type-mapping>InformixDB</type-mapping>
</metadata>
<min-pool-size>5</min-pool-size>
<max-pool-size>50</max-pool-size>
<prefill>yes</prefill>
<prepared-statement-cache-size>10</prepared-statement-cache-size>
<idle-timeout-minutes>5</idle-timeout-minutes>
<new-connection-sql>set lock mode to wait 4;set isolation to cursor stability;</new-connection-sql>
<check-valid-connection-sql>SELECT count(*) FROM dummy;</check-valid-connection-sql>
</local-tx-datasource>
</datasources>
And our login-config.xml has the following entry:
<application-policy name="ourDS">
<authentication>
<login-module code="org.jboss.resource.security.SecureIdentityLoginModule" flag="required">
<module-option name="userName">user</module-option>
<module-option name="password">-4e5f8b6c4217c342c03b57ed16d31678</module-option>
<module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=ourTX</module-option>
</login-module>
</authentication>
</application-policy>
However, once the JBoss server is deployed, we get an error like this for Informix:
13:23:13,521 WARN [JBossManagedConnectionPool] Throwable while attempting to get a new connection: null
org.jboss.resource.JBossResourceException: Could not create connection; - nested throwable: (java.sql.SQLException: Incorrect password or user com.informix.asf.IfxASFRemoteException: user#my.computer.com is not known on the database server.)
And for MS-SQLServer we get a similar error to Informix which looks like:
13:25:23,053 WARN [JBossManagedConnectionPool] Throwable while attempting to get a new connection: null
org.jboss.resource.JBossResourceException: Could not create connection; - nested throwable: (com.microsoft.sqlserver.jdbc.SQLServerException: Login failed for user ''. The user is not associated with a trusted SQL Server connection.)
Now if, we comment out the security-domain element in the *-ds.xml file and replace it with a simple user name and a clear text password, both datasource work with both database engines. We're using the 'all' server configuration in JBoss. We've made sure that login-config.xml is getting loaded on start-up. And the hqsqldb-ds.xml using the security-domain element works. But using our added application-policy to the login-config.xml, it seems that the datasource does not get the values when establishing a new connection.
Any ideas what we're doing wrong? Have we missed something?
We were testing the validity of the datasource through the admin-console. Because of where we were testing the database, this is bug in the JBoss EAP 5.0.0.GA version. While not confirmed, may also be a but bug in the admin-console for 5.0.1.GA and maybe 5.0.2.GA.
Everything above was actually working.

Resources