Thanks for your reply.

Currently I have connected to artemis (mqtt) but not able to connect with
mqtts. I have attached here the current configuration (broker.xml).
<acceptors>
   <!-- MQTT Acceptor -->
   <acceptor name="mqtt">tcp://
0.0.0.0:1883?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=MQTT;useEpoll=true
</acceptor>
   <acceptor name="mqtt-ssl-acceptor">tcp://
0.0.0.0:8883?sslEnabled=true;needClientAuth=true;keyStorePath=server-keystore.jks;keyStorePassword=securepass;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass;protocols=MQTT
</acceptor>
   <acceptor
name="netty-ssl-acceptor">tcp://localhost:5500?sslEnabled=true;needClientAuth=true;keyStorePath=server-keystore.jks;keyStorePassword=securepass;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass</acceptor>
</acceptors>

I'm using nodejs and here is my nodejs code to connect the mqtt server:
this.username = 'myuname';
this.password = 'mypass';
this.endpoint = 'mqtt://my.endpoint.com;';
this.options = {
    username: this.username,
    password: this.password,
    // ca: [fs.readFileSync(['/usr/share/ca-certificates/client.crt'])],
    rejectUnauthorized: false,
    protocol: "mqtts",
    port : 8883,
    // clientId: "mqttjs_" + new Date().getTime()
    // ssl: {
    //     key: fs.readFileSync('./ssl/petpooja.pem'),
    //     cert: fs.readFileSync('./ssl/STAR_petpooja_com.pem'),
    // },
    sslEnabled: true,
    trustStorePath: fs.readFileSync('./keystore.jks'),
    trustStorePassword: 'mypass',
    // keyStorePath: fs.readFileSync('./d/client-keystore.jks'),
    // keyStorePassword: 'securepass',
};

Can you please look into this, where I'm doing wrong?

Thanks and Regards,

On Thu, Jan 5, 2023 at 9:01 AM Justin Bertram <jbert...@apache.org> wrote:

> Can you elaborate on what exactly you haven't been able to translate into
> Artemis' plugin architecture? As Gary mentioned, there's a fairly rich set
> of integration points with the various plugins and the fact that the
> security manager is pluggable as well. Examples of most of these are
> shipped with the broker to help you get going. You shouldn't need to
> implement your own JAAS login module as far as I can tell from your
> description.
>
> That said, right now you'll have to jump through a few hoops to get details
> from the SSL certificate into the authorization method as the
> RemotingConnection is no longer passed into it [1]. See ARTEMIS-4059 [2]
> for additional discussion on that point.
>
> Ultimately there's no set of classes which will give you a 1 to 1
> translation for migrating plugins since the internal broker architectures
> are so different. However, the basic concepts should translate such that
> just about anything you could do in "Classic" you should be able to do in
> Artemis. If not, we'll implement those abilities where it makes sense.
>
>
> Justin
>
> [1]
>
> https://activemq.apache.org/components/artemis/documentation/javadocs/javadoc-latest/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager5.html
> [2] https://issues.apache.org/jira/browse/ARTEMIS-4059
>
> On Wed, Dec 28, 2022 at 4:45 AM Jędrzej Dudkiewicz <
> jedrzej.dudkiew...@gmail.com> wrote:
>
> > Hello,
> >
> > I wrote to this group earlier
> > (https://www.mail-archive.com/dev@activemq.apache.org/msg67666.html)
> > and got a response regarding migrating plugin from AMQ to Artemis. But
> > honestly even after reading links provided by Garry Tully I can't
> > figure out how I should proceed. My plugin extends BrokerFilter
> > (import org.apache.activemq.broker.BrokerFilter) and uses most/all
> > available methods: start(), addConnection(), removeConnection(),
> > addConsumer(), removeConsumer(), addDestination(),
> > addDestinationInfo(), removeDestination(), removeDestinationInfo(),
> > addProducer() and send().
> >
> > My first problem is that the first thing I want to do is to retrieve
> > the certificate from connection (so probably getTransportConnection()
> > from RemotingConnection in Artemis should be used?), parse it, read
> > few fields and store proper information in SecurityContext associated
> > with this connection. Later this info is used to determine whether a
> > connected client can create, delete or send messages to specific
> > destinations (queues/topics?). Plugin also sends information about
> > connecting/disconnecting clients and so on to predefined queue.
> >
> > I tried to figure out how the JAAS plugin can be used for this, but
> > JAAS as a whole seems to be overly complicated and I'd rather
> > reimplement everything from scratch than try to figure out how to use
> > such umm...  well regarded and mature solution.
> >
> > Is there some set of classes allowing for 1 to 1 translation of
> > ActiveMQ to Artemis plugins?
> >
> > TIA,
> > --
> > Jędrzej Dudkiewicz
> >
> > I really hate this damn machine, I wish that they would sell it.
> > It never does just what I want, but only what I tell it.
> >
> >
>

Reply via email to