Thanks for your reply. Currently I have connected to artemis (mqtt) but not able to connect with mqtts. I have attached here the current configuration (broker.xml). <acceptors> <!-- MQTT Acceptor --> <acceptor name="mqtt">tcp:// 0.0.0.0:1883?tcpSendBufferSize=1048576;tcpReceiveBufferSize=1048576;protocols=MQTT;useEpoll=true </acceptor> <acceptor name="mqtt-ssl-acceptor">tcp:// 0.0.0.0:8883?sslEnabled=true;needClientAuth=true;keyStorePath=server-keystore.jks;keyStorePassword=securepass;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass;protocols=MQTT </acceptor> <acceptor name="netty-ssl-acceptor">tcp://localhost:5500?sslEnabled=true;needClientAuth=true;keyStorePath=server-keystore.jks;keyStorePassword=securepass;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass</acceptor> </acceptors>
I'm using nodejs and here is my nodejs code to connect the mqtt server: this.username = 'myuname'; this.password = 'mypass'; this.endpoint = 'mqtt://my.endpoint.com;'; this.options = { username: this.username, password: this.password, // ca: [fs.readFileSync(['/usr/share/ca-certificates/client.crt'])], rejectUnauthorized: false, protocol: "mqtts", port : 8883, // clientId: "mqttjs_" + new Date().getTime() // ssl: { // key: fs.readFileSync('./ssl/petpooja.pem'), // cert: fs.readFileSync('./ssl/STAR_petpooja_com.pem'), // }, sslEnabled: true, trustStorePath: fs.readFileSync('./keystore.jks'), trustStorePassword: 'mypass', // keyStorePath: fs.readFileSync('./d/client-keystore.jks'), // keyStorePassword: 'securepass', }; Can you please look into this, where I'm doing wrong? Thanks and Regards, On Thu, Jan 5, 2023 at 9:01 AM Justin Bertram <jbert...@apache.org> wrote: > Can you elaborate on what exactly you haven't been able to translate into > Artemis' plugin architecture? As Gary mentioned, there's a fairly rich set > of integration points with the various plugins and the fact that the > security manager is pluggable as well. Examples of most of these are > shipped with the broker to help you get going. You shouldn't need to > implement your own JAAS login module as far as I can tell from your > description. > > That said, right now you'll have to jump through a few hoops to get details > from the SSL certificate into the authorization method as the > RemotingConnection is no longer passed into it [1]. See ARTEMIS-4059 [2] > for additional discussion on that point. > > Ultimately there's no set of classes which will give you a 1 to 1 > translation for migrating plugins since the internal broker architectures > are so different. However, the basic concepts should translate such that > just about anything you could do in "Classic" you should be able to do in > Artemis. If not, we'll implement those abilities where it makes sense. > > > Justin > > [1] > > https://activemq.apache.org/components/artemis/documentation/javadocs/javadoc-latest/org/apache/activemq/artemis/spi/core/security/ActiveMQSecurityManager5.html > [2] https://issues.apache.org/jira/browse/ARTEMIS-4059 > > On Wed, Dec 28, 2022 at 4:45 AM Jędrzej Dudkiewicz < > jedrzej.dudkiew...@gmail.com> wrote: > > > Hello, > > > > I wrote to this group earlier > > (https://www.mail-archive.com/dev@activemq.apache.org/msg67666.html) > > and got a response regarding migrating plugin from AMQ to Artemis. But > > honestly even after reading links provided by Garry Tully I can't > > figure out how I should proceed. My plugin extends BrokerFilter > > (import org.apache.activemq.broker.BrokerFilter) and uses most/all > > available methods: start(), addConnection(), removeConnection(), > > addConsumer(), removeConsumer(), addDestination(), > > addDestinationInfo(), removeDestination(), removeDestinationInfo(), > > addProducer() and send(). > > > > My first problem is that the first thing I want to do is to retrieve > > the certificate from connection (so probably getTransportConnection() > > from RemotingConnection in Artemis should be used?), parse it, read > > few fields and store proper information in SecurityContext associated > > with this connection. Later this info is used to determine whether a > > connected client can create, delete or send messages to specific > > destinations (queues/topics?). Plugin also sends information about > > connecting/disconnecting clients and so on to predefined queue. > > > > I tried to figure out how the JAAS plugin can be used for this, but > > JAAS as a whole seems to be overly complicated and I'd rather > > reimplement everything from scratch than try to figure out how to use > > such umm... well regarded and mature solution. > > > > Is there some set of classes allowing for 1 to 1 translation of > > ActiveMQ to Artemis plugins? > > > > TIA, > > -- > > Jędrzej Dudkiewicz > > > > I really hate this damn machine, I wish that they would sell it. > > It never does just what I want, but only what I tell it. > > > > >