Commit Graph

907 Commits

Author SHA1 Message Date
Clebert Suconic cc4a51a3ea [maven-release-plugin] prepare for next development iteration 2021-08-06 17:04:18 -04:00
Clebert Suconic 0b30187091 [maven-release-plugin] prepare release 2.18.0 2021-08-06 17:04:16 -04:00
Clebert Suconic 0e2ce484ba [maven-release-plugin] prepare for next development iteration 2021-08-06 13:46:56 -04:00
Clebert Suconic cb705b5c5c [maven-release-plugin] prepare release 2.18.0 2021-08-06 13:46:54 -04:00
Domenico Francesco Bruscino 9fd1d5941d ARTEMIS-3365 Fix NPE on CORE client disconnecting 2021-08-06 18:48:49 +02:00
Domenico Francesco Bruscino 3555dd7d25 ARTEMIS-3365 Add broker balancers 2021-08-06 08:33:21 -04:00
Domenico Francesco Bruscino 6d2b96c79e ARTEMIS-3275 Lock CORE client communication during failover retries 2021-08-06 08:32:59 -04:00
gtully ca7a100de0 ARTEMIS-3340 Sequential activation tracking for pluggable quorum replication policies + peer
Co-authored-by: franz1981 <nigro.fra@gmail.com>
2021-08-05 14:18:20 -04:00
Francesco Nigro 536271485f ARTEMIS-2716 Pluggable Quorum Vote 2021-08-05 14:18:20 -04:00
Clebert Suconic feddd94276 NO-JIRA Updating parameter description 2021-08-04 17:08:11 -04:00
Domenico Francesco Bruscino a741ae9994 ARTEMIS-3367 Set verifyHost true for connectors by default 2021-08-03 18:14:51 -04:00
Clebert Suconic 813ed88ecb ARTEMIS-3243 Implementing dual mirror with Broker Connections
There are some major tests added as part of this PR.

This PR has been done through an extensive collaboration with Robbie Gemmel on https://github.com/apache/activemq-artemis/pull/3633
2021-08-03 16:50:43 -04:00
Justin Bertram 516f3425e7 ARTEMIS-3393 support securityDomain on in-vm acceptor 2021-08-03 10:19:22 -04:00
Justin Bertram 7a9de8eea3 ARTEMIS-3302 swap deprecated X509Certificate
Casting the result of getPeerCertificates() to X509Certificate[] mirrors
what is done in the ActiveMQ "Classic" code-base.

A few tests which were imported from ActiveMQ "Classic" to verify our
OpenWire implementation were removed as they relied on a "stub"
implementation of javax.net.ssl.SSLSession that never would have worked
across multiple JDKs once javax.security.cert.X509Certificate[] was
removed. Furthermore, the tests appeared to be related to the OpenWire
*client* and not relevant to our broker-side implementation.
2021-08-03 09:55:36 -04:00
Andy Taylor c358688fd6 ARTEMIS-3404 - expose max retry interval on bridge mbean
https://issues.apache.org/jira/browse/ARTEMIS-3404
2021-08-03 09:07:39 -04:00
Justin Bertram b7f9807cd9 ARTEMIS-2919 support timestamping incoming messages 2021-07-06 14:09:00 -05:00
Justin Bertram 1d02d06eab ARTEMIS-3374 config-managed queue can be deleted by durable subscriber 2021-07-06 14:06:39 -05:00
Robbie Gemmell 567c4fc16b ARTEMIS-3155: fix javadoc error introduced in #3624 2021-06-15 12:53:43 +01:00
Justin Bertram 867bf5e01e ARTEMIS-3155 support better backwards compatibility
Support better backwards compability for SSL keyStoreProvider and
trustStoreProvider.
2021-06-14 18:04:06 -04:00
Markus Meierhofer 3b1f6eee7d ARTEMIS-3337: Correctly handle multiple connection failures
Previously, when during reconnect one session couldn't be transferred
to the new connection, we instantly returned and didn't execute failover
for the other sessions. This produced the issue that for sessions
where no failover was executed, their channels were still present on the
old connection. When the old connection was then destroyed, these channels
were closed although the reconnect was still ongoing, which lead to
"dead" sessions.

Now, if a session failover fails, for the remaining sessions the "client-side" part
of failover is executed, which removes the sessions from the old connection so that
they are not closed when the old connection is closed afterwards.
2021-06-14 16:36:23 -04:00
Justin Bertram 26b83985cf ARTEMIS-3330 JMS session stopped on failed rollback 2021-06-07 15:00:34 -04:00
Clebert Suconic 7137252c5d NO-JIRA fixing spelling udpate as update 2021-06-03 10:43:11 -04:00
Robbie Gemmell c993b5a0e9 NO-JIRA: fix javadoc errors on JDK11+, enable CI javadoc check on JDK11+ 2021-06-02 17:37:06 +01:00
franz1981 14dddb04d7 ARTEMIS-3280 Netty Pool micrometer metric plugin 2021-05-27 13:32:06 -05:00
Domenico Francesco Bruscino ba6422d45f ARTEMIS-3315 Fix JSON serialization of AMQP messages
Replace the JSON serialization errors for unknown types with their respective string representation.
2021-05-27 11:31:25 -04:00
Erwin Dondorp d50fbc4908 ARTEMIS-3258 added warning for url parameters that are explicitly ignored 2021-05-24 13:38:07 -05:00
Domenico Francesco Bruscino e03c4fe193 ARTEMIS-3309 Add a parameter to limit messages to move or transfer 2021-05-24 14:09:20 -04:00
Justin Bertram 81bbca15c1 ARTEMIS-3229 add details to AdressControl MBean 2021-05-24 11:51:14 -05:00
Jacob Middag 6b86770079 NO-JIRA Fix description of DiskStoreUsage
In 73c4e399d9 a description is added to DiskStoreUsage. It incorrectly describes the diskStoreUsage as a percentage. This commit changes it to a fraction which it is (also before the description change). A percentage would be better, since MaxDiskUsage is also specified as percentage.
2021-04-19 12:47:29 -04:00
Domenico Francesco Bruscino b4789a894f ARTEMIS-3221 Migrating to Jakarta EE 8 artifacts 2021-04-09 11:49:59 -04:00
Justin Bertram 186481bbe8 ARTEMIS-3155 differentiate SSL store type and provider
The provider of an SSL key/trust store is different from that store's
type. However, the broker currently doesn't differentiate these and uses
the provider for both. Changing this *may* potentially break existing
users who are setting the provider, but I don't see any way to avoid
that. This is a bug that needs to be fixed in order to support use-cases
like PKCS#11.

Change summary:
 - Added documentation.
 - Consolidated several 2-way SSL tests classes into a single
   parameterized test class. All these classes were essentially the same
   except for a few key test parameters. Consolidating them avoided
   having to update the same code in multiple places.
 - Expanded tests to include different providers & types.
 - Regenerated all SSL artifacts to allow tests to pass with new
   constraints.
 - Improved logging for when SSL handler initialization fails.
2021-03-24 09:08:33 -04:00
dhawkins 4f4231f629 ARTEMIS-3156 Better support for PKCS #11 2021-03-24 09:08:33 -04:00
franz1981 7bd2a4d080 ARTEMIS-3045 NettyConnection should null-check Netty buffer 2021-03-24 09:07:46 -04:00
Andy Taylor bb94d0a5b3 ARTEMIS-3196 - expose journal pool files in JMX
https://issues.apache.org/jira/browse/ARTEMIS-3196
2021-03-23 10:01:24 +00:00
gtully 02bb7031c2 ARTEMIS-3175 - implement address setting management-message-attribute-size-limit to sensibly limit data returned by list/browse/filter management ops 2021-03-23 09:48:45 +00:00
AntonRoskvist e9e1e476ee ARTEMIS-3198 Add concurrency option on core bridges 2021-03-22 19:13:06 -04:00
Erwin Dondorp 1a4fd1d7ae NO-JIRA Cosmetic logging change
prevent items in a debug line to be joined; and 2 additional small inconsistencies for the same
2021-03-16 18:06:38 -04:00
Clebert Suconic f49a163427 ARTEMIS-3137 Fixing Test with wrong message type on Xpath and Core 2021-03-10 21:44:07 -05:00
Justin Bertram eb26f67ab6 ARTEMIS-3137 support XPath filters
Change summary:
 - Remove the existing Xalan-based XPath evaluator since Xalan appears
   to be no longer maintained.
 - Implement a JAXP XPath evaluator (from the ActiveMQ 5.x code-base).
 - Pull in the changes from https://issues.apache.org/jira/browse/AMQ-5333
   to enable configurable XML parser features.
 - Add a method to the base Message interface to make it easier to get
   the message body as a string. This relieves the filter from having
   to deal with message implementation details.
 - Update the Qpid JMS client to get the jms.validateSelector parameter.
2021-03-10 09:32:23 -05:00
franz1981 bc83b31232 ARTEMIS-3133 Reduce memory usage for Null an Ping packets 2021-03-03 13:51:05 -05:00
sebthom 026f3859a2 ARTEMIS-3117 Provide CachingOpenSSLContextFactory
to mitigate performance degradation in JDK 11 during TLS connection
initialization.
2021-03-03 10:06:45 -06:00
franz1981 6c7231928f ARTEMIS-3138 Shared Nothing Live broker shouldn't try to connect to itself (2) 2021-02-25 10:19:02 -05:00
gtully a0ce3812ba ARTEMIS-3067, ARTEMIS-3135 - rework accounting for lazy decoding by directly referencing the owning page store, owner now tracked on a message rather than the message reference. This avoids the error prone checks around potential decoding sites 2021-02-24 15:50:13 +00:00
franz1981 6126d926dd ARTEMIS-3045 ReplicationManager can batch sent replicated packets 2021-02-19 15:18:20 -05:00
Clebert Suconic 21ee5985ea [maven-release-plugin] prepare for next development iteration 2021-02-11 12:00:04 -05:00
Clebert Suconic 36a771150b [maven-release-plugin] prepare release 2.17.0 2021-02-11 11:59:51 -05:00
Clebert Suconic c0867f0361 [maven-release-plugin] prepare for next development iteration 2021-02-09 12:12:48 -05:00
Clebert Suconic 9b473698e0 [maven-release-plugin] prepare release 2.17.0 2021-02-09 12:12:35 -05:00
Clebert Suconic 6ed1e4c87d [maven-release-plugin] prepare for next development iteration 2021-02-08 15:56:31 -05:00
Clebert Suconic 06b29806ca [maven-release-plugin] prepare release 2.17.0 2021-02-08 15:56:18 -05:00
Ingo Karkat 044d6101e9 ARTEMIS-3081 Swap precedence of key/tr.store props
If an application wants to use a special key/truststore for Artemis but
have the remainder of the application use the default Java store, the
org.apache.activemq.ssl.keyStore needs to take precedence over Java's
javax.net.ssl.keyStore. However, the current implementation takes the
first non-null value from
  System.getProperty(JAVAX_KEYSTORE_PATH_PROP_NAME),
  System.getProperty(ACTIVEMQ_KEYSTORE_PATH_PROP_NAME),
  keyStorePath

So if the default Java property is set, no override is possible. Swap
the order of the JAVAX_... and ACTIVEMQ_... property names so that the
ActiveMQ ones come first (as a component-specific overrides), the
standard Java ones comes second, and finally a local attribute value
(through Stream.of(...).firstFirst()).

(In our case the application uses the default Java truststore location
at $JAVA_HOME/lib/security/jssecacerts, and only supplies its password
in javax.net.ssl.trustStorePassword, and then uses a dedicated
truststore for Artemis. Defining both org.apache.activemq.ssl.trustStore
and org.apache.activemq.ssl.trustStorePassword now makes Artemis use the
dedicated truststore (javax.net.ssl.trustStore is not set as we use the
default location, so the second choice
org.apache.activemq.ssl.trustStore applies), but with the Java default
truststore password (first choice javax.net.ssl.trustStorePassword
applies instead of the second choice because it is set for the default
truststore). Obviously, this does not work unless both passwords are
identical!)
2021-02-03 12:02:19 -05:00
Tomas Hofman ebeea15c2a ARTEMIS-3074 Add ActiveMQServerControl#createBridge() method variant accepting a JSON string 2021-02-01 19:21:40 -05:00
Justin Bertram 4fbc8bf67d ARTEMIS-3008 mngmnt op to reload config file 2021-01-25 13:35:19 -06:00
franz1981 2e0f051d2d ARTEMIS-3063 AMQPMessage get property can use a String switch 2021-01-12 12:07:23 +01:00
Andy Taylor ea7f001776 ARTEMIS-3043 - improvements on new console
https://issues.apache.org/jira/browse/ARTEMIS-3043
2021-01-06 10:47:57 -05:00
franz1981 2b585508cc ARTEMIS-3025 JsonReader char[] leak 2020-12-09 10:55:09 -06:00
Domenico Francesco Bruscino 383ec0870e NO-JIRA Mask ssl context log passwords 2020-12-08 10:44:29 -05:00
Clebert Suconic e6a6e81b02 ARTEMIS-3019 expiry changes in AMQP Large Message 2020-12-07 10:44:51 -05:00
sebthom 80c51803da ARTEMIS-3001 Provide address and queue count via ActiveMQServerControl
See https://issues.apache.org/jira/browse/ARTEMIS-3001
2020-11-17 15:55:50 -05:00
Justin Bertram 1551983a73 ARTEMIS-2961 reset TLS values w/forceSSLParameters 2020-11-12 11:06:35 -05:00
Domenico Francesco Bruscino 14ec3cb7b0 ARTEMIS-2976 Remove password before creating server locator 2020-11-05 11:39:35 -05:00
Robbie Gemmell 5ff075b7ff ARTEMIS-2971: add ANONYMOUS and EXTERNAL SASL mechanism support for outgoing AMQP server connections 2020-11-05 11:32:35 -05:00
Clebert Suconic 4e7bb97df7 [maven-release-plugin] prepare for next development iteration 2020-11-02 17:45:51 -05:00
Clebert Suconic 9768017530 [maven-release-plugin] prepare release 2.16.0 2020-11-02 17:45:38 -05:00
Clebert Suconic 28919b6ad8 [maven-release-plugin] prepare for next development iteration 2020-10-30 10:16:29 -04:00
Clebert Suconic af5ca9f1e6 [maven-release-plugin] prepare release 2.16.0 2020-10-30 10:16:17 -04:00
Clebert Suconic 8499eac76c ARTEMIS-2937 Server Side AMQP Connectivity with options to transfer queues or replicate data 2020-10-28 11:37:25 -04:00
franz1981 b5753a0000 ARTEMIS-2958 Timed out waiting pool stop on backup restart
BackupManager::activated should correctly unblock
unauthorized blocking requests to allow a backup broker
to prompty restart in case of live failback
2020-10-22 12:44:42 -04:00
Domenico Francesco Bruscino 90434a4cf4 ARTEMIS-2935 Fix JMX ObjectNames
Fix invalid object names setting a default broker name if it cannot be used.
2020-10-22 15:10:02 +08:00
Emmanuel Hugonnet fdfc58171b [ARTEMIS-2939]: Artemis should not delete corrupt log files.
* Moving corrupted journal files to the attic folder.

Jira: https://issues.apache.org/jira/browse/ARTEMIS-2939
2020-10-20 18:39:06 -04:00
Justin Bertram 75e12b5e1d ARTEMIS-2947 Implement SecurityManager that supports replication 2020-10-19 10:07:57 -04:00
Andy Taylor 0ce173dcb5 ARTEMIS-2838 - migrate to HawtIO 2
https://issues.apache.org/jira/browse/ARTEMIS-2838
2020-10-09 09:20:29 +01:00
Mikko Uoti 2faafec737 ARTEMIS-2823 Use datasource with JDBC store db connections
Replaces direct jdbc connections with dbcp2 datasource. Adds
configuration options to use alternative datasources and to alter the
parameters. While adding slight overhead, this vastly improves the
management and pooling capabilities with db connections.
2020-10-06 08:32:58 +03:00
Andy Taylor c77bf50db4 ARTEMIS-2908 - Persist Divert Configuration in Bindings journal
https://issues.apache.org/jira/browse/ARTEMIS-2908
2020-09-25 10:03:40 -04:00
Justin Bertram 0f60b5a8e4 ARTEMIS-2906 add lastAckTimestamp to message counter 2020-09-24 12:51:00 -04:00
Justin Bertram beaacbfa8d ARTEMIS-2904 prevent acceptor from automatically starting 2020-09-23 20:19:16 -04:00
Justin Bertram 246bf08391 ARTEMIS-2909 revert ARTEMIS-2322
This reverts commit dbb3a90fe6.

The org.apache.activemq.artemis.core.server.Queue#getRate method is for
slow-consumer detection and is designed for internal use only.

Furthermore, it's too opaque to be trusted by a remote user as it only
returns the number of message added to the queue since *the last time
it was called*. The problem here is that the user calling it doesn't
know when it was invoked last. Therefore, they could be getting the
rate of messages added for the last 5 minutes or the last 5
milliseconds. This can lead to inconsistent and misleading results.

There are three main ways for users to track rates of message
production and consumption:

 1. Use a metrics plugin. This is the most feature-rich and flexible
way to track broker metrics, although it requires tools (e.g.
Prometheus) to store the metrics and display them (e.g. Grafana).

 2. Invoke the getMessageCount() and getMessagesAdded() management
methods and store the returned values along with the time they were
retrieved. A time-series database is a great tool for this job. This is
exactly what tools like Prometheus do. That data can then be used to
create informative graphs, etc. using tools like Grafana. Of course, one
can skip all the tools and just do some simple math to calculate rates
based on the last time the counts were retrieved.

 3. Use the broker's message counters. Message counters are the broker's
simple way of providing historical information about the queue. They
provide similar results to the previous solutions, but with less
flexibility since they only track data while the broker is up and
there's not really any good options for graphing.
2020-09-23 12:08:57 -04:00
Bernd Gutjahr 100d070942 ARTEMIS-2878 Add numberOfPages as metric
Added metric 'number.of.pages' to provide numberOfPages for an address.
2020-09-16 09:16:55 -05:00
Justin Bertram e47eb5ae20 ARTEMIS-589 flow control for individual STOMP subscribers 2020-09-16 10:13:47 -04:00
Justin Bertram 6be8966164 ARTEMIS-2901 support namespace for temporary queues 2020-09-16 10:10:28 -04:00
Andy Taylor c29a8cda5c ARTEMIS-2902 - expose at queue control messages held in a prepared tx
https://issues.apache.org/jira/browse/ARTEMIS-2902
2020-09-15 11:08:59 -04:00
Clebert Suconic 7cf5289efa ARTEMIS-2900 Expose property (getWholeMessageSize) so users can intercept size of messages and large messages 2020-09-14 15:35:46 -04:00
Stefan Krutzler 1783aa15cb ARTEMIS-2875 - retry to reattach sessions on failed failover for the specified amount of times set in reconnectAttempts parameter 2020-09-10 08:21:18 +02:00
Justin Bertram 90853409a0 ARTEMIS-2886 optimize security auth
Both authentication and authorization will hit the underlying security
repository (e.g. files, LDAP, etc.). For example, creating a JMS
connection and a consumer will result in 2 hits with the *same*
authentication request. This can cause unwanted (and unnecessary)
resource utilization, especially in the case of networked configuration
like LDAP.

There is already a rudimentary cache for authorization, but it is
cleared *totally* every 10 seconds by default (controlled via the
security-invalidation-interval setting), and it must be populated
initially which still results in duplicate auth requests.

This commit optimizes authentication and authorization via the following
changes:

 - Replace our home-grown cache with Google Guava's cache. This provides
simple caching with both time-based and size-based LRU eviction. See more
at https://github.com/google/guava/wiki/CachesExplained. I also thought
about using Caffeine, but we already have a dependency on Guava and the
cache implementions look to be negligibly different for this use-case.
 - Add caching for authentication. Both successful and unsuccessful
authentication attempts will be cached to spare the underlying security
repository as much as possible. Authenticated Subjects will be cached
and re-used whenever possible.
 - Authorization will used Subjects cached during authentication. If the
required Subject is not in the cache it will be fetched from the
underlying security repo.
 - Caching can be disabled by setting the security-invalidation-interval
to 0.
 - Cache sizes are configurable.
 - Management operations exist to inspect cache sizes at runtime.
2020-08-26 13:36:24 -05:00
Domenico Francesco Bruscino 32bf9680f2 [maven-release-plugin] prepare for next development iteration 2020-08-24 16:03:24 +02:00
Domenico Francesco Bruscino a549fcedde [maven-release-plugin] prepare release 2.15.0 2020-08-24 16:03:12 +02:00
Michael Pearce 2c506cc52a [ARTEMIS-2863] Add support to pause dispatch when group rebalance
Add test case
Add implementation
Add docs
2020-08-19 12:04:50 -04:00
franz1981 40f20cfe6a ARTEMIS-2877 Fix journal replication scalability
This is allowing journal appends to happen in burst
during replication, by batching replication response
into the network at the end of the append burst.
2020-08-17 13:01:41 -04:00
Clebert Suconic c551df770c ARTEMIS-2868 Protect Topology Updates from Split Brain on broker shutdown as well 2020-08-07 12:39:20 -04:00
Clebert Suconic 27cb9b37b1 ARTEMIS-2868 Protect Topology Updates from Split Brain 2020-08-06 17:40:57 -04:00
Clebert Suconic 3d86d78828 ARTEMIS-2587 Exposing ActiveMQServer::isActivate through management at ActiveMQServerControl 2020-07-29 11:41:41 -04:00
Scott Werner e3ed8e815b ARTEMIS-2847 socks5h support
Added 'socksRemoteDNS' transport parameter.
If set to true, remote destination socket is created unresolved
and DNS resolution is disabled.
2020-07-21 16:04:15 -04:00
Clebert Suconic 6690ba1d24 [maven-release-plugin] prepare for next development iteration 2020-07-09 12:49:08 -04:00
Clebert Suconic a76f41a7ed [maven-release-plugin] prepare release 2.14.0 2020-07-09 12:48:54 -04:00
Howard Gao 6f8ff55dec ARTEMIS-2835 Porting HORNETQ-1575 and HORNETQ-1578
1 of 2) - Porting of HORNETMQ-1575

In a live-backup scenario, when live is down and backup becomes live, clients
using HA Connection Factories can failover automatically. However if a
client decides to create a new connection by itself (as in camel jms case)
there is a chance that the new connection is pointing to the dead live
and the connection won't be successful. The reason is that if the old
connection is gone the backup will not get a chance to announce itself
back to client so it fails on initial connection.

The fix is to let CF remember the old topology and use it on any
initial connection attempts.
2020-07-08 11:27:36 -04:00
Justin Bertram fd207e75b0 ARTEMIS-2829 wrong return type for getDiskStoreUsage
Since getDiskStoreUsage on the ActiveMQServerControl is converting a
double to a long the value is always 0 in the management API. It should
return a double instead.
2020-07-07 08:18:28 -04:00
Justin Bertram cb7cd729d7 ARTEMIS-2828 add addressSize metric
Adding this metric required moving the meter registration code from the
AddressInfo class to the ManagementService in order to get clean access
to both the AddressInfo and AddressControl classes.
2020-07-07 08:18:28 -04:00
Justin Bertram 73c4e399d9 NO-JIRA clarify diskStoreUsage description 2020-07-07 08:18:28 -04:00
Justin Bertram ac8ffedf66 ARTEMIS-2827 add addressMemoryUsagePercentage as metric 2020-07-07 08:18:28 -04:00
Justin Bertram 26091f1907 ARTEMIS-2825 wrong calc for DiskStoreUsagePercentage
The calculation used by
ActiveMQServerControlImpl.getDiskStoreUsagePercentage() is incorrect. It
uses disk space info with global-max-size which is for address memory.
Also, the existing getDiskStoreUsage() method *already* returns a
percentage of total disk store usage so this method seems redundant.
2020-07-07 08:18:28 -04:00