[jboss-cvs] JBossAS SVN: r83107 - in branches/JBPAPP_4_2_0_GA_CP/messaging/src: main/org/jboss/mq/il/uil2 and 1 other directory.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Jan 20 09:42:30 EST 2009 

Author: jhowell at redhat.com
Date: 2009-01-20 09:42:30 -0500 (Tue, 20 Jan 2009)
New Revision: 83107

Added:
   branches/JBPAPP_4_2_0_GA_CP/messaging/src/etc/server/examples/deploy/sslext-uil2-service.xml
Modified:
   branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILService.java
   branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILServiceMBean.java
Log:
[JBPAPP-1279] JBAS-3755 : Expose all SSL socket factory settings via properties or attributes for UIL2

Added: branches/JBPAPP_4_2_0_GA_CP/messaging/src/etc/server/examples/deploy/sslext-uil2-service.xml
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/messaging/src/etc/server/examples/deploy/sslext-uil2-service.xml	                        (rev 0)
+++ branches/JBPAPP_4_2_0_GA_CP/messaging/src/etc/server/examples/deploy/sslext-uil2-service.xml	2009-01-20 14:42:30 UTC (rev 83107)
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!-- $Id: ssl-uil2-service.xml 33429 2005-07-11 19:59:46Z adrian $ -->
+
+<server>
+
+  <!-- An example invocation layer using ssl
+       JBossMQ using the Unified Invocation Layer
+       All communication uses one socket connection -->
+
+  <mbean code="org.jboss.mq.il.uil2.UILServerILService"
+	 name="jboss.mq:service=InvocationLayer,type=SSLUIL2">
+
+    <!-- The server chain -->
+    <depends optional-attribute-name="Invoker">jboss.mq:service=Invoker</depends>
+
+    <!-- JNDI binding -->
+    <attribute name="ConnectionFactoryJNDIRef">SSLUIL2ConnectionFactory</attribute>
+
+    <!-- JNDI binding for XA -->
+    <attribute name="XAConnectionFactoryJNDIRef">SSLUIL2XAConnectionFactory</attribute>
+
+    <!-- The bind address -->
+    <attribute name="BindAddress">${jboss.bind.address}</attribute>
+
+    <!-- The bind port -->
+    <attribute name="ServerBindPort">8091</attribute>
+
+    <!-- The ping period in millis -->
+    <attribute name="PingPeriod">60000</attribute>
+
+    <!-- Whether tcp/ip does not wait for buffer fills -->
+
+    <attribute name="EnableTcpNoDelay">true</attribute>
+    <!-- Used to disconnect the client on the serverside if there is no activity -->
+    <!-- Ensure this is greater than the ping period -->
+    <attribute name="ReadTimeout">120000</attribute>
+
+    <!-- Used to disconnect the client on the clientside if there is no activity -->
+    <!-- Ensure this is greater than the ping period -->
+    <attribute name="ClientReadTimeout">300000</attribute>
+
+    <!-- The size of the buffer (in bytes) wrapping the socket -->
+    <!-- The buffer is flushed after each request -->
+    <attribute name="BufferSize">2048</attribute>
+
+    <!-- Large messages may block the ping/pong -->
+    <!-- A pong is simulated after each chunk (in bytes) for both reading and writing -->
+    <!-- It must be larger than the buffer size -->
+    <attribute name="ChunkSize">1000000</attribute>
+    
+    <!-- Minimum number of threads in the internal thread pool -->
+    <attribute name="MinimumThreads">1</attribute>
+    
+    <!-- Maximum number of threads in the internal thread pool -->
+    <!-- This is not strict, it represents how many threads go back into the pool -->
+    <!-- rather than are reaped immediately -->
+    <attribute name="MaximumThreads">50</attribute>
+    
+    <!-- The timeout for unused threads in the internal pool in millis -->
+    <attribute name="TimeoutThreads">60000</attribute>
+
+    <!-- SSL Socket Factories -->
+    <attribute name="ClientSocketFactory">org.jboss.security.ssl.ClientSocketFactory</attribute>
+    <attribute name="ServerSocketFactoryBean"
+             attributeClass="org.jboss.security.ssl.DomainServerSocketFactory"
+             serialDataType="javaBean">
+            <property name="bindAddress">${jboss.bind.address}</property>
+            <property name="securityDomain">java:/jaas/SSL</property>
+            <property name="wantsClientAuth">true</property>
+            <property name="needsClientAuth">true</property>
+            <property name="CiperSuites">TLS_DHE_DSS_WITH_AES_128_CBC_SHA</property>
+            <property name="Protocols">SSLv2Hello,SSLv3,TLSv1</property>
+    </attribute>
+  </mbean>
+
+  <!-- Configures the keystore on the security domain
+       This mbean is better placed in conf/jboss-service.xml where it
+       can be used by other services. But it will still work from anywhere.
+       Use keytool from the sdk to create the keystore.
+  -->
+  <mbean code="org.jboss.security.plugins.JaasSecurityDomain"
+         name="jboss.security:service=JaasSecurityDomain,domain=SSL">
+     <!-- This must correlate with the java:/jaas/SSL above -->
+     <constructor>
+        <arg type="java.lang.String" value="SSL"/>
+     </constructor>
+     <!-- The location of the keystore
+          resource: loads from the classloaders conf/ is the first classloader -->
+     <attribute name="KeyStoreURL">resource:test.keystore</attribute>
+     <attribute name="KeyStorePass">changeme</attribute>
+  </mbean>
+
+</server>

Modified: branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILService.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILService.java	2009-01-20 14:00:27 UTC (rev 83106)
+++ branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILService.java	2009-01-20 14:42:30 UTC (rev 83107)
@@ -510,6 +510,22 @@
       return name;
    }
 
+   /** Set the javax.net.ServerSocketFactory instance to use to
+    * create the service SocketFactory.
+    */
+   public void setServerSocketFactoryBean(ServerSocketFactory factory)
+   {
+      serverSocketFactory = factory;
+   }
+
+   /** Get the javax.net.ServerSocketFactory instance used to
+    * create the service SocketFactory.
+    */
+   public ServerSocketFactory getServerSocketFactoryBean()
+   {
+      return serverSocketFactory;
+   }
+
    /** Set the security domain name to use with SSL aware socket factories
     *@jmx:managed-attribute
     */

Modified: branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILServiceMBean.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILServiceMBean.java	2009-01-20 14:00:27 UTC (rev 83106)
+++ branches/JBPAPP_4_2_0_GA_CP/messaging/src/main/org/jboss/mq/il/uil2/UILServerILServiceMBean.java	2009-01-20 14:42:30 UTC (rev 83107)
@@ -140,6 +140,15 @@
    java.lang.String getServerSocketFactory();
 
    /**
+    * Set the javax.net.ServerSocketFactory instance used to create the service SocketFactory.
+    */
+   void setServerSocketFactoryBean(javax.net.ServerSocketFactory factory);
+   /**
+    * Get the javax.net.ServerSocketFactory instance used to create the service SocketFactory.
+    */
+   javax.net.ServerSocketFactory getServerSocketFactoryBean();
+
+   /**
     * Set the security domain name to use with SSL aware socket factories
     */
    void setSecurityDomain(java.lang.String domainName);

More information about the jboss-cvs-commits mailing list