Solace JMS Integration with HermesJMSsolace.com/wp-content/uploads/2015/07/Solace-JMS... · HermesJMS is an extensible console that helps you interact with JMS providers making it

Copyright Solace http://solace.com

Solace JMS Integration with HermesJMS

Document Version 1.2

January 2017

This guide will demonstrate how to setup HermesJMS with Solace JMS.

HermesJMS is an extensible console that helps you interact with JMS

providers making it simple to publish and edit messages, browse or search

queues and topics, copy messages around and delete them.

The Solace message router supports persistent and non-persistent JMS

messaging with high throughput and low, consistent latency. Thanks to

very high capacity and built-in virtualization, each Solace message router

can replace dozens of software-based JMS brokers in multi-tenant

deployments. Since JMS is a standard API, client applications connect to

Solace like any other JMS broker so companies whose applications are

struggling with performance or reliability issues can easily overcome them

by upgrading to Solace’s hardware.

http://solace.com/

http://www.hermesjms.com/confluence/display/HJMS/Python


2

Overview

Table of Contents Solace JMS Integration with HermesJMS ...................................................................................... 1 Overview .......................................................................................................................................... 2 Table of Contents .............................................................................................................................. 2 1 Why Solace ............................................................................................................................... 3

Superior Performance .............................................................................................................................................. 3 Robustness .............................................................................................................................................................. 3 Simple Architecture .................................................................................................................................................. 3 Simple Operations .................................................................................................................................................... 3 Cost Savings ............................................................................................................................................................ 3

2 Prerequisites.............................................................................................................................. 4 3 Setup Steps ............................................................................................................................... 5

3.1 Modify HermesJMS startup ............................................................................................................................... 5 3.1.1 Windows or Linux ................................................................................................................................................... 5 3.1.2 OS X ....................................................................................................................................................................... 5

3.2 Start HermesJMS and create a new Hermes JMS session .............................................................................. 7 3.3 Create a new Hermes Queue ......................................................................................................................... 15 3.4 Test the setup ................................................................................................................................................. 17 3.5 Configure Hermes JMS session to connect securely over SSL ...................................................................... 18 3.6 Configure Hermes JMS session to connect using client certificate authentication ......................................... 20


3

1 Why Solace Solace technology efficiently moves information between all kinds of applications, users and devices, anywhere in the

world, over all kinds of networks. Solace makes its state-of-the-art data movement capabilities available via hardware

and software “message routers” that can meet the needs of any application or deployment environment. Solace’s unique

solution offers unmatched capacity, performance, robustness and TCO so our customers can focus on seizing business

opportunities instead of building and maintaining complex data distribution infrastructure.

Superior Performance

Solace’s hardware and software messaging middleware products can cost-effectively meet the

performance needs of any application, with feature parity and interoperability that lets companies

start small and scale to support higher volume or more demanding requirements over time, and

purpose-built appliances that offer 50-100x higher performance than any other technology for

customers or applications that require extremely high capacity or low latency.

Robustness

Solace offers high availability (HA) and disaster recovery (DR) without the need for 3rd party products,

and fast failover times no other solution can match. Distributing data via dedicated TCP connections

ensures an orderly, well-behaved system under load, and patented techniques ensure that the

performance of publishers and high-speed consumers is never impacted by slow consumers.

Simple Architecture

Modern enterprises run applications that demand many kinds of data movement such as persistent

messaging, web streaming, WAN distribution and cloud-based communications. By supporting all

kinds of data movement with a unified platform that can be deployed as a small-footprint software

broker or high-capacity rack-mounted appliance, Solace lets architects design an end-to-end

infrastructure that’s easy to build applications for, integrate with existing technologies, secure and

scale.

Simple Operations

Solace’s solution features a shared administration framework for all kinds of data movement,

deployment models and network environments so it’s easy for IT staff to deploy, monitor, manage

and upgrade their Solace-based messaging environment.

Cost Savings

Solace reduces expenses with high-capacity hardware, flexible software, and the ability to deploy the

right solution for each problem. Solace’s support for many kinds of messaging lets you replace

multiple messaging products with just one, built-in HA, DR, WAN and Web functionality eliminate the

need for third-party products.


4

2 Prerequisites This guide assumes that:

- You have successfully installed HermesJMS on your machine (do not use WebStart HermesJMS)

- You have access to Solace JMS libraries (version 6.2 or above)

- You have access to a Solace Messaging Router

- The necessary configuration on the Solace Message Router is done. Configuration includes the

creation of elements such as the message-VPN and the JMS Connection Factory.

- If SSL connectivity is desired, you will need to ensure that the Solace appliance is correctly

configured with SSL certificate(s), and that you have obtained a copy of the trust store, and

keystore (if necessary) from your administrator.

http://www.hermesjms.com/webstart/hermes/bin/hermes.jnlp


5

3 Setup Steps

3.1 Modify HermesJMS startup

3.1.1 Windows or Linux

a) In the HermesJMS distribution you will find a bin directory with the startup files, hermes.bat and hermes.sh. Edit the file you use to start HermesJMS and add the system property definition “-DSolace_JMS_Browser_Timeout_In_MS=1000” to the Java command.

3.1.2 OS X

a) Open the Applications directory in Finder. Right-click on the HermesJMS icon and select “Show Package Contents”.


6

b) Go into the Contents subdirectory.

c) Double-click to edit the Info.plist file with the (optionally installed) Apple Xcode editor. Add the string “-

DSolace_JMS_Browser_Timeout_In_MS=1000” to the Java->VMOptions with a space between the existing options

and the new String. Save the change.


7

3.2 Start HermesJMS and create a new Hermes JMS session a) Right-click on jms/sessions tree node in the “Sessions” area and select New…/New session… Call it

“SolaceSession”. Make sure to uncheck Use Consumer and Transacted.


8

a) You will be presented with a Preferences dialog which contains 4 tabs. Select the Providers tab.


9

b) Add a new Classpath group, by right clicking on “Classpath Groups” and selecting Add Group from the

popup menu. Type “SolaceJMS” in the Classpath group name text field and hit OK.


10

c) Now, add all of the jars in the lib directory of the Solace JMS distribution package, and hit “OK”. A

confirmation dialog will be presented (see below). Hit “Don’t scan” to proceed.


11

d) Hit “Apply” to save the configuration.


12

e) Switch to the Sessions tab to start configuring the ConnectionFactory.


13

f) Select the following settings in the drop-down menu for the Connection Factory.

a. For Class, select hermes.JNDIConnectionFactory

b. For Loader, select SolaceJMS which was previously configured. Sometimes the drop-down

menu has not been updated with the SolaceJMS option. If this happens, close the dialog

with “OK” and reopen by right clicking the “SolaceJMS” and selecting “edit”.


14

g) Add the following properties for the Connection Factory:

Property Value

binding <JNDI name of the connection factory you want to use>

initialContextFactory com.solacesystems.jndi.SolJNDIInitialContextFactory

providerURL smf://<appliance message backbone IP>[:<port>]

securityPrincipal <client-user name>@<vpn name>

securityCredentials <password>

h) Hit “OK” to finish creating the new Hermes JMS session.


15

3.3 Create a new Hermes Queue

a) Right-click on jms/sessions/SolaceSession tree node in the “Sessions” area and select New…/Add

queue…


16

b) Input the following properties:

Property Value

Name <JNDI name of the queue that you wish to connect to>

ShortName Any desired display name. For simplicity, this example will keep it as the

same as the JNDI name.

c) Hit “OK” to finish creating the new Hermes JMS queue.


17

3.4 Test the setup

a) To browse the message in the queue added in the previous setup, simply double click on it in the tree

on the left hand side. If the queue contains messages they will be displayed in a queue tab as shown

below


18

3.5 Configure Hermes JMS session to connect securely over SSL

a) Using your preferred text editor, create a new file to pass additional user properties to HermesJMS. For

this example, the name of the properties file will be “solace.jms.properties”.

b) Insert the following two lines of text into your file. Note that the text should be modified to point to

the location of your trust store, and must also contain the password of your trust store.

Solace_JMS_SSL_TrustStore=C:\\JMS\\HermesJMS\\truststore.jks

Solace_JMS_SSL_TrustStorePassword=myTrustStorePassword

c) Edit the Hermes JMS session in step 3.2 to have the session connect securely over SSL. Right-click on

jms/sessions/SolaceSession tree node in the “Sessions” area and select Edit…


19

d) Edit the providerURL property to connect to smfs://<appliance message backbone IP>:[<appliance SSL

port>].

e) Add “userPropertiesFile” property to the connection factory. This value of this property must be the

full file name of the solace.jms.properties file that was created earlier in step (a).


20

3.6 Configure Hermes JMS session to connect using client certificate authentication

a) Section 3.5 – “Configure Hermes JMS session to connect securely over SSL” must be done prior to

enabling client certificate authentication.

b) Edit the solace.jms.properties custom user property file to specify additional properties, modifying

them to point to your actual files, and passwords as necessary.

Solace_JMS_SSL_TrustStore=C:\\JMS\\HermesJMS\\truststore.jks

Solace_JMS_SSL_TrustStorePassword=myTrustStorePassword

Solace_JMS_Authentication_Scheme=AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE

Solace_JMS_SSL_KeyStore=C:\\JMS\\HermesJMS\\keystore.jks

Solace_JMS_SSL_KeyStorePassword=myKeyStorePassword

Solace_JMS_SSL_PrivateKeyAlias=myPrivateKeyAlias

Solace_JMS_SSL_PrivateKeyPassword=myPrivateKeyPassword

Here is a brief summary of the properties used, but you should refer to the Solace JMS API guide for full details.

Property Description

Solace_JMS_SSL_TrustStore The trust store to use.

Solace_JMS_SSL_TrustStorePassword The trust store password for the trust store provided for the SSL Trust

Store property.

Solace_JMS_Authentication_Scheme This property specifies the authentication scheme to be used.

Solace_JMS_SSL_KeyStore This property specifies the keystore to use in the URL or path format. The

keystore holds the client’s private key and certificate required to

authenticate a client during the TLS/SSL handshake.

Solace_JMS_SSL_KeyStorePassword This property specifies keystore password to use. This password allows

JMS to verify the integrity of the keystore.

Solace_JMS_SSL_PrivateKeyAlias This property specifies which private key in the keystore to use for

authentication. This property is necessary when a keystore with multiple

private key entries is used.

Solace_JMS_SSL_PrivateKeyPassword This property specifies the password for the private key in the keystore.

Documents

Solace JMS Integration with HermesJMSsolace.com/wp-content/uploads/2015/07/Solace-JMS... · HermesJMS is an extensible console that helps you interact with JMS providers making it