Commit Graph

789 Commits

Author SHA1 Message Date
Luis De Bello cf73e895f3
ARTEMIS-3613: Deprecating stompMaxFramePayloadLength in favour of webSocketMaxFramePayloadLength 2022-02-07 19:44:18 -06:00
Domenico Francesco Bruscino 290e5016c8
ARTEMIS-3645 Support broker balancer cache persistence 2022-02-07 19:08:00 -06:00
Justin Bertram d377a5a638 ARTEMIS-3658 remove refs to Jetty's deprecated NCSARequestLog 2022-02-04 13:48:49 -05:00
Justin Bertram 9c459eb313 ARTEMIS-2413 upgrade JGroups
JGroups 3.x hasn't been updated in some time now. The last release was
in April 2020 almost 2 years ago. Lots of protocols have been updated
and added and users are wanting to use them. There is also increasing
concern about using older components triggered mainly by other
recently-discovered high-profile vulnerabilities in the wider Open
Source Java community.

This commit bumps JGroups up to the latest release - 5.2.0.Final.
However, there is a cost associated with upgrading.

The old-style properties configuration is no longer supported. I think
it's unlikely that end-users are leveraging this because it is not
exposed via broker.xml. The JGroups XML configuration has been around
for a long time, is widely adopted, and is still supported. I expect
most (if not all) users are using this. However, a handful of tests
needed to be updated and/or removed to deal with this absence.

Some protocols and/or protocol properties are no longer supported. This
means that users may have to change their JGroups stack configurations
when they upgrade. For example, our own clustered-jgroups example had to
be updated or it wouldn't run properly.
2022-02-04 13:47:11 -05:00
Justin Bertram e184038d05 ARTEMIS-3670 support diverting to multiple addresses 2022-02-04 11:39:16 -05:00
Justin Bertram 8063110644 ARTEMIS-3638 Support MQTT 5
MQTT 5 is an OASIS standard which debuted in March 2019. It boasts
numerous improvments over its predecessor (i.e. MQTT 3.1.1) which will
benefit users. These improvements are summarized in the specification
at:
https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901293

The specification describes all the behavior necessary for a client or
server to conform. The spec is highlighted with special "normative"
conformance statements which distill the descriptions into concise
terms. The specification provides a helpful summary of all these
statements. See:
https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901292

This commit implements all of the mandatory elements from the
specification and provides tests which are identified using the
corresponding normative conformance statement. All normative
conformance statements either have an explicit test or are noted in
comments with an explanation of why an explicit test doesn't exist. See
org.apache.activemq.artemis.tests.integration.mqtt5 for all those
details.

This commit also includes documentation about how to configure
everything related to the new MQTT 5 features.
2022-02-04 09:57:15 -05:00
Gergő Rubint 605079d4ba NO-JIRA: Fix Undelivered Messages typo 2022-02-04 09:28:36 +01:00
Paul Wright ba62bc66a7 NO-JIRA: fix broken links in docs
This closes #3798
2022-02-02 16:21:10 +00:00
Gergő Rubint 99466278f1 NO-JIRA: Fix Address Model Auto Address Deletion typo
This closes #3920
2022-02-02 16:20:51 +00:00
Justin Bertram 30d27c6226
NO-JIRA add version info on 2.20.0 2022-01-20 10:37:27 -06:00
Justin Bertram f7bb4c754a
NO-JIRA update Java version in documentation 2022-01-20 08:54:58 -06:00
Justin Bertram 9ae18066b3
NO-JIRA clarify doc on security-setting with FQQN 2022-01-14 17:06:36 -06:00
Justin Bertram 1ddfa069bf
NO-JIRA update logos with ® and better quality 2022-01-14 17:01:18 -06:00
Clebert Suconic 4e52758a62 NO-JIRA Updating activemq.org links 2021-12-20 14:46:01 -05:00
Marlon Müller d56d299456 ARTEMIS-3574 multiple bindings for embedded webserver
* Add BindingDTO to allow configuring multiple addresses to listen on
* Start a new ServerConnector for each binding and deploy the corresponding web-applications
* Update documentation and tests
* Add tests to verify old and new configuration style produce equal results
2021-12-14 19:16:34 -05:00
Clebert Suconic 1857017abe Revert "ARTEMIS-3574 multiple bindings for embedded webserver"
This reverts commit 182334359c.
2021-12-14 15:18:16 -05:00
Marlon Müller 182334359c ARTEMIS-3574 multiple bindings for embedded webserver
* Add BindingDTO to allow configuring multiple addresses to listen on
* Start a new ServerConnector for each binding and deploy the corresponding web-applications
* Update documentation and tests
* Add tests to verify old and new configuration style produce equal results
2021-12-14 09:38:59 -05:00
gtully 158157260c ARTEMIS-2097 - via elastic queue use case test based on ARTEMIS-3365 and ARTEMIS-3569
scenario - avoid paging, if address is full chain another broker and produce to the head, consume from the tail using producer and consumer roles to partition connections. When tail is drained, drop it.
 - adds a option to treat an idle consumer as slow
 - adds basic support for credit based address blocking ARTEMIS-2097
 - adds some more visiblity to address memory usage and balancer attribute modifier operations
2021-12-09 10:14:20 +00:00
gtully e0b16217a1 ARTEMIS-3594 - add support for a local target key transformer and an instance of CONSISTENT_HASH_MODULO that can be used to partition in a static cluster 2021-12-07 13:17:37 +00:00
Robbie Gemmell e04f3214cb NO-JIRA: update source file to ensure apache/activemq-website#68 remains resolved for future site refreshes 2021-12-01 12:07:05 +00:00
nbrendah ff0e97150e Broken link in tests.md 2021-11-29 12:03:41 -05:00
gtully b979189187 ARTEMIS-3569 - balancer role_name local target, matches role of authenticated user 2021-11-24 11:28:16 +01:00
gtully 8d50aa916c ARTEMIS-3581 - allow max-size-bytes=0 configuration force paging for an address, independent of the page-size-bytes 2021-11-18 09:44:13 +00:00
pahamala a0c4cba7e1 ARTEMIS-3140 Extra options in LDAP login module
Adds support for extra configuration options to LDAP login module to
prepare for supporting any future/custom string configuration in LDAP
directory context creation.

Details:

 - Changed LDAPLoginModule to pass any string configuration not
recognized by the module itself to the InitialDirContext contruction
environment.
 - Changed the static LDAPLoginModule configuration key fields to an
enum to be able to loop through the specified keys (e.g. to filter out
the internal LDAPLoginModule configuration keys from the keys passed to
InitialDirContext).
 - Few fixes for issues reported by static analysis tools.
 - Tested that LDAP authentication with TLS+GSSAPI works against a
recent Windows AD server with Java
OpenJDK11U-jdk_x64_windows_hotspot_11.0.13_8 by setting the property
com.sun.jndi.ldap.tls.cbtype (see ARTEMIS-3140) in JAAS login.conf.
 - Moved LDAPLoginModuleTest to the correct package to be able to
access LDAPLoginModule package privates from the test code.
 - Added a test to LDAPLoginModuleTest for the task changes.
 - Updated documentation to reflect the changes.
2021-10-29 12:19:30 -05:00
Erwin Dondorp 524bc7bd71 ARTEMIS-3531 after review comment from gtully 2021-10-21 10:36:40 +01:00
Erwin Dondorp 99ed1a7056 ARTEMIS-3531 added documentation for address-setting "management-message-attribute-size-limit" 2021-10-21 10:36:40 +01:00
gtully 1ef059db2b ARTEMIS-3533, ARTEMIS-3308 - doc extra params and large messages for federation 2021-10-20 10:02:31 +01:00
Justin Bertram f3f92edd2e NO-JIRA update release notes for 2.19.0 2021-10-11 10:56:21 -05:00
gtully 5508b8a87a ARTEMIS-3365 - add simple local-target balancer example with amqp failover, remove manditory pool and policy config and update doc with data gravity concept 2021-10-07 15:23:58 +01:00
Robbie Gemmell a5b5a504e0 ARTEMIS-3038: unwind effect of defunct changes from ARTEMIS-1264
Follows earlier test removal in a3de3d4c75
2021-10-07 10:45:02 +01:00
Justin Bertram 1740f9cfef
ARTEMIS-3488 add system property for setting key in DefaultSensitiveStringCodec 2021-10-06 11:12:41 -05:00
Justin Bertram 1992143836 ARTEMIS-1960 clarify scale-down docs 2021-09-27 13:55:15 -05:00
Domenico Francesco Bruscino 371a7099a6 NO-JIRA clarify console access using certs
Co-authored-by: Paul Wright <5154224+pwright@users.noreply.github.com>
2021-09-27 07:04:50 +02:00
Robbie Gemmell 8c90068527 ARTEMIS-3106: list the actual mechanism names not just the generalisation 2021-09-24 15:23:39 +01:00
gtully 28a10450b7 ARTEMIS-3106 - add some doc for SASL SCRAM-SHA
Update docs/user-manual/en/security.md
Co-authored-by: Robbie Gemmell <robbie@apache.org>
2021-09-24 15:03:00 +01:00
Justin Bertram dada1cdb6a
NO-JIRA update versions doc 2021-09-19 21:35:52 -05:00
Andy Taylor 0545664b3d ARTEMIS-3474 - replace whitelist with allowlist in management.xml
https://issues.apache.org/jira/browse/ARTEMIS-3474
2021-09-16 17:19:02 -05:00
Paul Wright 236f280688 remove duplicate cache-timeout docs 2021-09-16 17:17:33 -05:00
Robbie Gemmell 8451f50b57 ARTEMIS-3486: update docs around data tools commands, note use of broker instance and refresh shown output 2021-09-16 17:16:38 -05:00
Clebert Suconic 0f23e29f01 NO-JIRA Rewording chapter Protocols as they don't refer to APIs 2021-09-16 11:42:24 -04:00
Paul Wright 1d73f7d2eb update description of cache-timeout 2021-09-16 10:48:02 -04:00
Justin Bertram 447422604c ARTEMIS-3484 flesh out Jakarta Messaging support
Back in version 2.17.0 we began to provide Maven artifacts for Jakarta
Messaging client resources. This commit expands that support in the
following ways:

 - Distribute a Jakarta Messaging 3.0 client with the broker (in the
   'lib/client' directory alongside the JMS client.
 - Update documentation.
 - Add example using the Jakarta Messaging client.
 - Update Artemis CLI to use core instead of JMS as it was causing
   conflicts with the new Jarkarta Messaging client.
 - Add example to build Jarkarta Messaging version of the JCA RA for
   deployment into Jakarta EE 9 application servers.
2021-09-15 15:20:54 -04:00
Justin Bertram 6ec4ab6766 NO-JIRA update 'versions' doc
- Added more new features for 2.18.0.
 - Added links for new features in 2.18.0.
 - Added missing upgrade instructions for 2.18.0 & 2.16.0.
2021-09-14 12:10:49 -05:00
Paul Wright 1f1ee28b34 NO-JIRA fixing doc about pools 2021-09-09 15:45:17 -04:00
franz1981 1e5b361b6a ARTEMIS-3446 Pluggable quorum vote force live CLI command 2021-09-06 18:14:29 +02:00
gtully 276f822a0e ARTEMIS-1925 - allow redistribution with new loadbalance type of OFF_WITH_REDISTRIBUTION to ensure local consumers get priority, we only optionally redistribute when messages are stuck 2021-09-06 11:18:11 +01:00
gtully 224b89810d ARTEMIS-2007 - allow redistribution if there are unmatched messages pending on a queue and there is new remote demand 2021-09-06 10:40:39 +01:00
Justin Bertram 6ee7e72db1 ARTEMIS-3445 automatically clean-up abandoned MQTT subscriptions 2021-09-03 16:48:01 -04:00
tdinev 79a4154573 Correct minor typo 2021-09-01 12:35:43 -04:00
Paul Wright 0e909cfcff update link for download 2021-09-01 12:35:07 -04:00
Justin Bertram 04232db99d NO-JIRA add upgrade details for 2.18.0 2021-08-25 12:14:39 -05:00
Robbie Gemmell d7f30e7a33 ARTEMIS-3421: update docs to reflect change in default, missed from ARTEMIS-3367, and clarify a bit 2021-08-18 16:24:08 +01:00
Clebert Suconic 36620e9475 NO-JIRA Update version.md for documentation 2021-08-06 16:42:46 -04:00
Domenico Francesco Bruscino 3555dd7d25 ARTEMIS-3365 Add broker balancers 2021-08-06 08:33:21 -04:00
gtully ca7a100de0 ARTEMIS-3340 Sequential activation tracking for pluggable quorum replication policies + peer
Co-authored-by: franz1981 <nigro.fra@gmail.com>
2021-08-05 14:18:20 -04:00
Francesco Nigro 536271485f ARTEMIS-2716 Pluggable Quorum Vote 2021-08-05 14:18:20 -04:00
Clebert Suconic b34363964f ARTEMIS-3243 Fixing typo on amqp-broker-connections.md 2021-08-05 12:00:54 -04:00
Clebert Suconic 813ed88ecb ARTEMIS-3243 Implementing dual mirror with Broker Connections
There are some major tests added as part of this PR.

This PR has been done through an extensive collaboration with Robbie Gemmel on https://github.com/apache/activemq-artemis/pull/3633
2021-08-03 16:50:43 -04:00
Justin Bertram 3a8e9953f1 NO-JIRA add broker config doc for REST 2021-07-20 15:38:35 -05:00
Justin Bertram eefb748552 NO-JIRA update REST doc with caveats 2021-07-20 15:11:20 -05:00
Justin Bertram b7f9807cd9 ARTEMIS-2919 support timestamping incoming messages 2021-07-06 14:09:00 -05:00
Justin Bertram 48d489ec42
NO-JIRA clarify broker setup/config doc 2021-06-15 12:16:11 -05:00
Justin Bertram 9791a96c58
NO-JIRA further clarify clustered grouping 2021-06-11 11:47:16 -05:00
Erwin Dondorp 3ff70cb7d3 ARTEMIS-3334 suggest to use the etc directory, which is already in the classpath and also has all other config files 2021-06-10 09:22:53 -04:00
Justin Bertram a38f0092f2
ARTEMIS-1883 clarify docs for use of '::' 2021-06-07 13:45:01 -05:00
Clebert Suconic 7137252c5d NO-JIRA fixing spelling udpate as update 2021-06-03 10:43:11 -04:00
franz1981 14dddb04d7 ARTEMIS-3280 Netty Pool micrometer metric plugin 2021-05-27 13:32:06 -05:00
Justin Bertram 6bdb511bbd
NO-JIRA update JDBC docs 2021-05-25 13:15:11 -05:00
Justin Bertram 295cf7996b
NO-JIRA fix cluster doc XML order 2021-05-25 11:37:59 -05:00
Justin Bertram a3fb3ffdce
NO-JIRA fix security doc typo 2021-05-25 11:21:03 -05:00
Justin Bertram e9c94e57d9 ARTEMIS-3288 support bulk user loading with basic security manager 2021-05-25 11:13:35 -05:00
Martyn Taylor 3c0e14de58 ARTEMIS-3283 Added SlowConsumerThreshold unit configuration option 2021-05-24 11:49:38 -05:00
Clebert Suconic 27c343913f ARTEMIS-3297 Journal Retention Feature 2021-05-18 16:29:18 -04:00
Erwin Dondorp a008c0ecc9 ARTEMIS-3257 fixed documentation issue wrt federation configuration 2021-04-20 16:18:46 -04:00
Justin Bertram e633e173ea NO-JIRA management doc updates and clarifications 2021-04-01 12:18:03 -05:00
Andy Taylor 658d45f543 ARTEMIS-3202 - add a flag to deleted diverts removed from config
https://issues.apache.org/jira/browse/ARTEMIS-3202
2021-03-24 19:24:16 -04:00
Justin Bertram 186481bbe8 ARTEMIS-3155 differentiate SSL store type and provider
The provider of an SSL key/trust store is different from that store's
type. However, the broker currently doesn't differentiate these and uses
the provider for both. Changing this *may* potentially break existing
users who are setting the provider, but I don't see any way to avoid
that. This is a bug that needs to be fixed in order to support use-cases
like PKCS#11.

Change summary:
 - Added documentation.
 - Consolidated several 2-way SSL tests classes into a single
   parameterized test class. All these classes were essentially the same
   except for a few key test parameters. Consolidating them avoided
   having to update the same code in multiple places.
 - Expanded tests to include different providers & types.
 - Regenerated all SSL artifacts to allow tests to pass with new
   constraints.
 - Improved logging for when SSL handler initialization fails.
2021-03-24 09:08:33 -04:00
gtully d71d54b38a ARTEMIS-3168 - add example using authentication delegation to keycloak, principal conversion for jms clients and oath for the web cosole 2021-03-23 09:51:50 +00:00
gtully 06461f146c ARTEMIS-3168 - add PrincipalConversionLoginModule feature 2021-03-23 09:51:50 +00:00
gtully 8fd1b33d16 ARTEMIS-3197 - add selectorAware option to virtualTopicConsumerWildcards for openwire acceptor 2021-03-22 19:15:02 -04:00
AntonRoskvist e9e1e476ee ARTEMIS-3198 Add concurrency option on core bridges 2021-03-22 19:13:06 -04:00
Justin Bertram fea5e246e7 ARTEMIS-3166 support disabling configuration file reload 2021-03-17 09:52:13 -05:00
Justin Bertram eb26f67ab6 ARTEMIS-3137 support XPath filters
Change summary:
 - Remove the existing Xalan-based XPath evaluator since Xalan appears
   to be no longer maintained.
 - Implement a JAXP XPath evaluator (from the ActiveMQ 5.x code-base).
 - Pull in the changes from https://issues.apache.org/jira/browse/AMQ-5333
   to enable configurable XML parser features.
 - Add a method to the base Message interface to make it easier to get
   the message body as a string. This relieves the filter from having
   to deal with message implementation details.
 - Update the Qpid JMS client to get the jms.validateSelector parameter.
2021-03-10 09:32:23 -05:00
gtully 20007ad485 ARTEMIS-3141 - respect the browse page limit on all queue controll/jmx operations that use a queue browser 2021-03-10 08:51:06 -05:00
Domenico Francesco Bruscino 5a5794021c ARTEMIS-3044 Add Artemis web console tests 2021-03-10 08:23:13 -05:00
Erwin Dondorp 8f7970cd59 NO-JIRA clarify REST doc to use ttl parameter 2021-03-09 10:39:14 -06:00
sebthom 026f3859a2 ARTEMIS-3117 Provide CachingOpenSSLContextFactory
to mitigate performance degradation in JDK 11 during TLS connection
initialization.
2021-03-03 10:06:45 -06:00
Jan Šmucr 5dc038b537 NO-JIRA Add a note about the `jms-client-id` session metadata to the docs 2021-02-11 10:43:27 -05:00
Erwin Dondorp 2aedde1c80 NO_JIRA mention that a multiple values are allowed for anycastPrefix/multicastPrefix 2021-02-11 10:35:41 -05:00
Justin Bertram f0cb730672 NO-JIRA clarify clustered grouping docs 2021-02-10 13:44:25 -06:00
Clebert Suconic c81ba279e1 NO-JIRA update versions.md 2021-02-08 12:18:26 -05:00
Justin Bertram 0b62fdcf3d NO-JIRA update versions.md before release 2021-02-08 10:52:33 -06:00
Justin Bertram 86cb888b62 NO-JIRA remove failover-on-server-shutdown from bridge doc 2021-02-08 11:18:23 -05:00
Ryan Yeats 86a2cad12a ARTEMIS-1884 add plugin API for message level authorization policies 2021-01-25 13:44:36 -06:00
Justin Bertram 4fbc8bf67d ARTEMIS-3008 mngmnt op to reload config file 2021-01-25 13:35:19 -06:00
Domenico Francesco Bruscino 7cb95352bd NO-JIRA Add JDBC connection pooling doc 2021-01-25 13:33:13 -06:00
Justin Bertram 8b093ec428 NO-JIRA minor logging doc updates 2021-01-20 12:19:58 -06:00
Andy Taylor 6b6d993a1d NO-JIRA updating the console docs 2021-01-19 09:13:46 +00:00
Urs Roesch 57e6d2757a NO-JIRA: Correct misspellings in documentation 2020-12-07 14:54:16 -05:00
Domenico Francesco Bruscino 03a64f6b50 NO-JIRA Add proxy forwarding doc 2020-12-07 11:33:06 -05:00
Gary Tully 4843a09afe
no jira - indicate what journal-compact-percentage is a percentage of 2020-12-03 12:44:31 +00:00
Justin Bertram c64d4d62e3 ARTEMIS-3010 doc updates 2020-11-27 11:04:08 +00:00
Justin Bertram 05b9c3cb6d NO-JIRA formatting error in versions.md 2020-11-17 15:19:09 -06:00
Justin Bertram 4cacd93fff NO-JIRA update version docs 2020-11-17 12:36:19 -06:00
Urs Roesch f491651fdb NO-JIRA: remove duplicate consecutive words
Removes duplicate consecutives words from markdown
documentation files.
2020-11-16 15:19:29 -06:00
Howard Gao 3ab5dcfc28 NO JIRA - fixing doc typo 2020-11-05 10:28:41 -05:00
Shrikant Chavan 6772314488 ARTEMIS-1730 Adding Restart Sequence of brokers on doc 2020-10-30 08:57:25 -04:00
Clebert Suconic dc7eb5c23d ARTEMIS-2937 Broker connection improvements
- Adding a paragraph about addressing and distinct queue names
- Renaming match on peers, senders and receivers as "address-match"
- Changing qpid dispatch test to use a single listener
- Fixing reconnect attemps message
2020-10-29 15:01:51 -04:00
Robbie Gemmell ef5d257f3f ARTEMIS-2937: improve the docs, particularly around use of 'peer' config to waypoint for Dispatch 2020-10-29 13:02:23 +00:00
Clebert Suconic bf52134dc0 ARTEMIS-2937 Fixing Tests and some review 2020-10-28 15:08:48 -04:00
Clebert Suconic 12280cdaaa ARTEMIS-2937 DOCS & Examples on AMQP Broker Connection 2020-10-28 11:37:25 -04:00
Justin Bertram 75e12b5e1d ARTEMIS-2947 Implement SecurityManager that supports replication 2020-10-19 10:07:57 -04:00
gtully 583bd3602a ARTEMIS-2888 ARTEMIS-2859 ARTEMIS-2768 - revert new page-store-name addressSetting, when the page store respects the target address and the size is tallied on the target address store, it is no longer neecessary 2020-10-19 14:04:35 +01:00
Justin Bertram a8d718166d NO-JIRA higher quality logos 2020-09-29 12:19:39 -05:00
Justin Bertram 7ed83a78a0 NO-JIRA update doc logos 2020-09-29 11:34:07 -05:00
Justin Bertram 0f60b5a8e4 ARTEMIS-2906 add lastAckTimestamp to message counter 2020-09-24 12:51:00 -04:00
gtully fa04881c6f ARTEMIS-2888 ARTEMIS-2859 ARTEMIS-2768 - new page-store-name addressSetting to allow wildcard subscriptions share a single page store 2020-09-24 09:39:31 +01:00
Justin Bertram beaacbfa8d ARTEMIS-2904 prevent acceptor from automatically starting 2020-09-23 20:19:16 -04:00
Justin Bertram 9a90248f49 ARTEMIS-2889 better support for JMS topics with legacy LDAP plugin 2020-09-16 10:14:57 -04:00
Justin Bertram e47eb5ae20 ARTEMIS-589 flow control for individual STOMP subscribers 2020-09-16 10:13:47 -04:00
Domenico Francesco Bruscino f467bc0d55 NO-JIRA Fix PDF header and table of content
Override the default theme page.html of gitbook to fix the issue at
https://github.com/GitbookIO/theme-default/pull/80
2020-09-16 10:11:56 -04:00
Justin Bertram 6be8966164 ARTEMIS-2901 support namespace for temporary queues 2020-09-16 10:10:28 -04:00
Urs Roesch 7cf787af55 NO-JIRA: web-server.md documentation typos
Fixing case for `trustStorePath`, `trustStorePassword`, `keyStorePath`
and `keyStorePassword` to prevent org.xml.sax.SAXParseException.
2020-09-16 10:09:38 -04:00
gtully ec1c5a96c7 ARTEMIS-2895 - ensure propagated credentials are visible for bind and removed for subsequent mapping operations 2020-09-07 16:32:57 +01:00
Justin Bertram 90853409a0 ARTEMIS-2886 optimize security auth
Both authentication and authorization will hit the underlying security
repository (e.g. files, LDAP, etc.). For example, creating a JMS
connection and a consumer will result in 2 hits with the *same*
authentication request. This can cause unwanted (and unnecessary)
resource utilization, especially in the case of networked configuration
like LDAP.

There is already a rudimentary cache for authorization, but it is
cleared *totally* every 10 seconds by default (controlled via the
security-invalidation-interval setting), and it must be populated
initially which still results in duplicate auth requests.

This commit optimizes authentication and authorization via the following
changes:

 - Replace our home-grown cache with Google Guava's cache. This provides
simple caching with both time-based and size-based LRU eviction. See more
at https://github.com/google/guava/wiki/CachesExplained. I also thought
about using Caffeine, but we already have a dependency on Guava and the
cache implementions look to be negligibly different for this use-case.
 - Add caching for authentication. Both successful and unsuccessful
authentication attempts will be cached to spare the underlying security
repository as much as possible. Authenticated Subjects will be cached
and re-used whenever possible.
 - Authorization will used Subjects cached during authentication. If the
required Subject is not in the cache it will be fetched from the
underlying security repo.
 - Caching can be disabled by setting the security-invalidation-interval
to 0.
 - Cache sizes are configurable.
 - Management operations exist to inspect cache sizes at runtime.
2020-08-26 13:36:24 -05:00
Justin Bertram d86067a65b ARTEMIS-2872 support FQQN syntax for security-settings 2020-08-22 18:24:40 -05:00
Michael Pearce 2c506cc52a [ARTEMIS-2863] Add support to pause dispatch when group rebalance
Add test case
Add implementation
Add docs
2020-08-19 12:04:50 -04:00
Justin Bertram 19475d9d32 NO-JIRA fuller description of 2.14.0 highlights 2020-08-04 14:32:34 -05:00
Justin Bertram 1e8e19c716 NO-JIRA update versions doc 2020-08-04 14:09:21 -05:00
Justin Bertram 87274675d6 NO-JIRA document SOCKS proxy support 2020-08-04 11:42:55 -05:00
Justin Bertram 92c4c65d31 NO-JIRA a few updates to the logging doc 2020-08-04 11:21:52 -05:00
gtully 90273e6818 no jira - give some love to the migration guide 2020-07-23 14:17:33 +01:00
brusdev 427dc4dcb0 NO-JIRA Add updateDivert in management doc 2020-07-07 08:20:48 -04:00
Jan Šmucr 85e07a8afe ARTEMIS-2820 Undeploy diverts by removing them from broker.xml 2020-06-24 22:01:56 +01:00
Jan Šmucr 5070e7a72c ARTEMIS-2797 - Reset queue properties by unsetting them in broker.xml
Now it is possible to reset queue parameters to their defaults by removing them
from broker.xml and redeploying the configuration.

Originally this PR covered the "filter" parameter only.
2020-06-23 11:20:03 +02:00
Justin Bertram 36a2c575e5 NO-JIRA clarify check-for-live-server doc 2020-06-17 13:02:14 -05:00
Justin Bertram 8e8bbc93ac Clarify doc on embedding 2020-06-17 12:36:11 -05:00
Faldrian 0fda791fe0 NO-JIRA fixed typo in code example 2020-06-09 15:19:48 -04:00
Michael Pearce 99f6c7bf20 ARTEMIS-2787 - Add ability to disable and enable a queue
Add feature
Add tests
Add docs
Add missing bits noticed in ring-size
Address comments
2020-06-08 18:02:48 -04:00
Justin Bertram 7096bc187a ARTEMIS-2649 always over-write ORIG message props
ORIG message propertes like _AMQ_ORIG_ADDRESS are added to messages
during various broker operations (e.g. diverting a message, expiring a
message, etc.). However, if multiple operations try to set these
properties on the same message (e.g. administratively moving a message
which eventually gets sent to a dead-letter address) then important
details can be lost. This is particularly problematic when using
auto-created dead-letter or expiry resources which use filters based on
_AMQ_ORIG_ADDRESS and can lead to message loss.

This commit simply over-writes the existing ORIG properties rather than
preserving them so that the most recent information is available.
2020-06-01 15:19:34 -04:00
Justin Bertram 4b7b612eb9 ARTEMIS-2771 support JVM GC & thread metrics 2020-05-20 15:53:15 -04:00
Emmanuel Hugonnet a88815d9b3 [ARTEMIS-2704]: Provide a SPI to manage and cache SSLContext.
* Adding a new SPI to allow for SSLContext reuse accross the broker.
 * Providing a default behaviour similar to the existing one.

[ARTEMIS-2718]: Take advantage of ARTEMIS-2704 to cache SSLContexts.
* Adding a cache for SSLContexts and reusing them accross acceptors and
  connectors.

Issue: https://issues.apache.org/jira/browse/ARTEMIS-2704
Issue: https://issues.apache.org/jira/browse/ARTEMIS-2718
2020-05-15 16:19:50 -04:00
Justin Bertram 3bd0d8bf38 ARTEMIS-2758 support disabling metrics per address 2020-05-14 15:16:23 -04:00
Clebert Suconic 4fe4220ff0 ARTEMIS-2372 / ARTEMIS-2740 Improving Message Annotations support in AMQP
- when sending messages to DLQ or Expiry we now use x-opt legal names
- we now support filtering thorugh annotations if using m. as a prefix.
- enabling hyphenated_props: to allow m. as a prefix
2020-05-13 10:55:36 -04:00
Andy Taylor 8a04ee07de ARTEMIS-2648 - audit logging improvements
https://issues.apache.org/jira/browse/ARTEMIS-2648
2020-05-04 15:19:08 +01:00
Havret ee85989995 NO-JIRA Remove repeated words and fix spelling and grammar 2020-05-03 11:59:25 +02:00
Justin Bertram 6709883d0e ARTEMIS-2738 implement per-acceptor security domains 2020-04-28 21:45:38 -04:00
Justin Bertram 4b97e06890 ARTEMIS-2726 implement min/max expiry-delay 2020-04-23 17:56:51 -04:00
Clebert Suconic 5e594cc18f ARTEMIS-2732 Updating hacking guide 2020-04-22 23:08:46 -04:00
gamedev8 65b23e2238 NO-JIRA Doc change. Updating `connectionTtl` to `connectionTTL` 2020-04-13 16:48:07 -04:00
brusdev cd72f4db82 NO-JIRA Document NO-JIRA use cases 2020-04-08 12:54:16 -04:00
Justin Bertram fdfe3ba3fa ARTEMIS-2679 deprecate message-expiry-thread-priority
Due to the changes in 6b5fff40cb the
config parameter message-expiry-thread-priority is no longer needed. The
code now uses a ScheduledExecutorService and a thread pool rather than
dedicating a thread 100% to the expiry scanner. The pool's size can be
controlled via scheduled-thread-pool-max-size.
2020-03-25 16:43:38 -04:00
brusdev af72c008ff ARTEMIS-2663 Add customizer support for the embedded web server 2020-03-18 10:01:41 -05:00
Justin Bertram f9d4438f40 NO-JIRA doc STOMP routing behavior & config options 2020-03-05 20:52:16 -06:00
Justin Bertram a9e6dbb0e3 NO-JIRA reconcile STOMP prop names b/w code & doc 2020-03-05 20:49:25 -06:00
Justin Bertram 8c259116a8 NO-JIRA clarify & verify web socket support for MQTT 2020-03-05 21:34:53 -05:00
avi5kdonrh e90a10b195 NO-JIRA clarify default id-cache-size in the doc
The default id cache size is 20000, not 2000
2020-03-04 10:56:59 -06:00
brusdev 1e9be7ddc9 ARTEMIS-2627 simpleSecureServer failing on IBM Java 8 JVM
Remove excluded cipher suites matching the prefix `SSL` because the names of the
IBM Java 8 JVM cipher suites have the prefix `SSL` while the
`DEFAULT_EXCLUDED_CIPHER_SUITES` of org.eclipse.jetty.util.ssl.SslContextFactory
includes "^SSL_.*$". So all IBM JVM cipher suites are excluded by
SslContextFactory using the `DEFAULT_EXCLUDED_CIPHER_SUITES`.
2020-02-25 12:02:51 -06:00
Clebert Suconic ddd8ed4402 ARTEMIS-1975 Real Large Message support into AMQP
This is a Large commit where I am refactoring largeMessage Body out of CoreMessage
which is now reused with AMQP.

I had also to fix Reference Counting to fix how Large Messages are Acked

And I also had to make sure Large Messages are transversing correctly when in cluster.
2020-02-25 15:25:01 +01:00
Justin Bertram 72f5a1f5bc NO-JIRA fix up docs for security-ldap example 2020-02-24 13:32:02 -06:00
Justin Bertram d0758f34f6 ARTEMIS-2624 auto-create expiry resources 2020-02-20 17:44:56 -05:00
Justin Bertram b76f3b3a0d ARTEMIS-2587 auto-create dead-letter resources
This is a reimplementation of the IndividualDeadLetterQueueStrategy
from 5.x in a way that makes sense with the Artemis addressing model.
2020-02-20 17:44:56 -05:00
Christopher L. Shannon (cshannon) 3966e47338 ARTEMIS-2613: Add support for DivertBindings for federated addresses
This will allow federated addresses to create remote consumers based on
the existing of divert bindings and matching queue bindings
2020-02-17 12:15:18 -05:00
brusdev 4b6390f42f NO-JIRA improve role-access match priority doc 2020-02-17 19:49:50 +08:00
Justin Bertram fb60795b59 NO-JIRA fix user command parameter docs 2020-02-05 08:36:34 -06:00
Justin Bertram 2733cd73bd NO-JIRA update version doc for 2.11.0 2020-01-09 08:42:14 -06:00
Justin Bertram 1ad8b3c059 ARTEMIS-2590 support com.sun.jndi.ldap.read.timeout in LDAPLoginModule 2020-01-08 12:38:27 -05:00
Justin Bertram 8d8eaebb65 ARTEMIS-2580 support pluggable SSL TrustManagerFactory 2019-12-19 17:53:52 -05:00
brusdev 217859bd5f ARTEMIS-2579 [DOC] How to use custom logging handlers
Add the documentation to use custom logging handlers.
2019-12-19 13:03:07 -06:00
Justin Bertram c06404406c ARTEMIS-2574 allow security manager config via XML
The test-suite has long used the broker's ability to configure the
security manager. This commit implements this functionality via XML
configuration.
2019-12-12 15:48:43 -05:00
Christopher L. Shannon (cshannon) fb54707e2d ARTEMIS-2549 - Add Downstream support to Federation
This commit introduces the ability to configure a downstream connection
for federation.  This works by sending information to the remote broker
and that broker will parse the message and create a new upstream back
to the original broker.
2019-11-20 08:47:16 -05:00
Justin Bertram c9f5608ef9 NO-JIRA improve transformer docs 2019-11-06 09:57:42 -05:00
brusdev f680d9f712 ARTEMIS-2466 PageSyncTimer::timeSync isn't configurable using ASYNCIO
Add the config parameter `page-sync-timeout` to set a customized value,
because if the broker is configured to use ASYNCIO journal, the timeout
has the same value of NIO default journal buffer timeout ie 3333333.
2019-11-05 22:44:52 +01:00
Joshua Smith d7d11a0c6f ARTEMIS-2535 Add ignorePartialResultException option to LDAPLoginModule
Active Directory servers are unable to handle referrals automatically.
This causes a PartialResultException to be thrown if a referral is
encountered beneath the base search DN, even if the LDAPLoginModule is
set to ignore referrals.

This option may be set to 'true' to ignore these exceptions, allowing
login to proceed with the query results received before the exception
was encountered.

Note: there are no tests for this change as I could not reproduce the
issue with the ApacheDS test server. The issue is specific to directory
servers that don't support the ManageDsaIT control such as Active
Directory.
2019-10-30 13:47:50 -07:00
Justin Bertram 84067d8fef ARTEMIS-2504 implement retroactive addresses
A new feature to preserve messages sent to an address for queues that will be
created on the address in the future. This is essentially equivalent to the
"retroactive consumer" feature from 5.x. However, it's implemented in a way
that fits with the address model of Artemis.
2019-10-28 09:01:42 -04:00
Justin Bertram c0e77e96d1 ARTEMIS-2529 update address-settings mngmnt 2019-10-28 09:01:42 -04:00
brusdev 0ac605740e ARTEMIS-2503 Improve wildcards for the authorisation key attributes
Improve wildcard support for the key attribute in the roles access
match element and whitelist entry element, allowing prefix match for
the mBean properties.
2019-10-23 15:27:53 -04:00
Sascha Dirbach 8043828e84 ARTEMIS-2521 add documentation for role-mapping 2019-10-16 18:18:04 +02:00
Clebert Suconic d55ec37195 Revert "ARTEMIS-2462 Allow store-forward queue to be deleted afte scaledown"
This reverts commit 397cef699a.
2019-09-17 14:05:00 -04:00
Beat Sägesser 00ad31ad50
NO-JIRA Add 2.10.0 entry with upgrade instructions 2019-09-16 11:46:33 +02:00
Howard Gao 397cef699a ARTEMIS-2462 Allow store-forward queue to be deleted afte scaledown
After a node is scaled down to a target node, the sf queue in the
target node is not deleted.

Normally this is fine because may be reused when the scaled down
node is back up.

However in cloud environment many drainer pods can be created and
then shutdown in order to drain the messages to a live node (pod).
Each drainer pod will have a different node-id. Over time the sf
queues in the target broker node grows and those sf queues are
no longer reused.

Although use can use management API/console to manually delete
them, it would be nice to have an option to automatically delete
those sf queue/address resources after scale down.

In this PR it added a boolean configuration parameter called
cleanup-sf-queue to scale down policy so that if the parameter
is "true" the broker will send a message to the
target broker signalling that the SF queue is no longer
needed and should be deleted.

If the parameter is not defined (default) or is "false"
the scale down won't remove the sf queue.
2019-08-28 21:16:38 +08:00
Justin Bertram b7906399f5 ARTEMIS-2423 doc auto-create/delete for core API 2019-08-27 11:33:52 -04:00
gtully b20c2593e9 ARTEMIS-2433 add ExternalCertificateLoginModule to surface a SASL EXTERNAL identity (subjectDN) to JAAS. 2019-08-25 23:57:20 -04:00
Justin Bertram 449f0323ec ARTEMIS-2364 collision avoidance for redelivery
This is a feature from 5.x implemented via
https://issues.apache.org/jira/browse/AMQ-747.
2019-08-25 23:36:09 -04:00
Justin Bertram 51c2022f38 ARTEMIS-2457 implement ring queue 2019-08-25 23:29:44 -04:00
yang wei 76d420590f ARTEMIS-2399 Improve performance when there are a lot of subscribers 2019-08-19 16:43:44 +01:00
Beat Sägesser 8206112363 NO-JIRA Add artemis-service.xml 2019-08-08 13:24:02 -04:00
Justin Bertram d379cda374 ARTEMIS-2447 allow mapping admin to manage in LDAP plugin 2019-08-06 15:27:18 -05:00
Beat Sägesser 20b9b8e310 NO-JIRA Remove wrong parenthesis in upgrading step 2019-08-05 15:58:50 -04:00
Emmanuel Hugonnet 3aa3fa777f ARTEMIS-2401 Implement the Pause method for an Address
Adding support to pause an Address and all its bound queues.

Jira: https://issues.apache.org/jira/browse/ARTEMIS-2401
2019-07-18 16:29:52 -04:00
Beat Sägesser d4b6d65c91 NO-JIRA Fixing typo on Stomp Documentation
Replace heartBeatConnectionTtlModifer with heartBeatToConnectionTtlModifier to represent the code
2019-07-16 11:05:30 -04:00
Justin Bertram d125a78841 ARTEMIS-2396 improve password masking doc 2019-06-26 18:05:00 -04:00
Joseph Wilwayco eccf1d6720 Update port number for MQTT + AMQP example
From 1883 to 5672
2019-06-26 14:57:38 -05:00
Justin Bertram c8a6d0da95 NO-JIRA fix HA doc port typo 2019-06-24 09:01:31 -05:00
Justin Bertram a2b0e24eee NO-JIRA add docs on redistribution w/filters 2019-06-19 12:48:05 -05:00
Justin Bertram 6d749dac0c ARTEMIS-2348 update version doc 2019-05-31 15:24:18 -04:00
Justin Bertram 5768f6e2f3 ARTEMIS-2308 Support exporting metrics 2019-05-29 15:07:45 -04:00
Andy 3fe2194139 ARTEMIS-2358 - Add user and pass to database store to allow encryption
https://issues.apache.org/jira/browse/ARTEMIS-2358
2019-05-29 11:30:35 -05:00
Sebastian Lövdahl 8fe61d27fb NO-JIRA Fix references to failover-on-shutdown in documentation 2019-04-24 14:42:31 -04:00
Michael André Pearce 18bcd21c3e ARTEMIS-2306 Make group first off by default, unless configured 2019-04-17 16:25:42 -04:00