Sun Java System Message Queue 4.1 Administration Guide
Sun Java System Message Queue 4.1 Administration Guide
Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without
limitation, these intellectual property rights may include one or more U.S. patents or pending patent applications in the U.S. and in other countries.
U.S. Government Rights – Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions
of the FAR and its supplements.
This distribution may include materials developed by third parties.
Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the U.S. and other
countries, exclusively licensed through X/Open Company, Ltd.
Sun, Sun Microsystems, the Sun logo, the Solaris logo, the Java Coffee Cup logo, docs.sun.com, Java, and Solaris are trademarks or registered trademarks of Sun
Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC
International, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.
The OPEN LOOK and SunTM Graphical User Interface was developed by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges the pioneering efforts
of Xerox in researching and developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license from Xerox to
the Xerox Graphical User Interface, which license also covers Sun's licensees who implement OPEN LOOK GUIs and otherwise comply with Sun's written license
agreements.
Products covered by and information contained in this publication are controlled by U.S. Export Control laws and may be subject to the export or import laws in
other countries. Nuclear, missile, chemical or biological weapons or nuclear maritime end uses or end users, whether direct or indirect, are strictly prohibited. Export
or reexport to countries subject to U.S. embargo or to entities identified on U.S. export exclusion lists, including, but not limited to, the denied persons and specially
designated nationals lists is strictly prohibited.
DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY
IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO
THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.
Copyright 2007 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, CA 95054 U.S.A. Tous droits réservés.
Sun Microsystems, Inc. détient les droits de propriété intellectuelle relatifs à la technologie incorporée dans le produit qui est décrit dans ce document. En particulier,
et ce sans limitation, ces droits de propriété intellectuelle peuvent inclure un ou plusieurs brevets américains ou des applications de brevet en attente aux Etats-Unis
et dans d'autres pays.
Cette distribution peut comprendre des composants développés par des tierces personnes.
Certaines composants de ce produit peuvent être dérivées du logiciel Berkeley BSD, licenciés par l'Université de Californie. UNIX est une marque déposée aux
Etats-Unis et dans d'autres pays; elle est licenciée exclusivement par X/Open Company, Ltd.
Sun, Sun Microsystems, le logo Sun, le logo Solaris, le logo Java Coffee Cup, docs.sun.com, Java et Solaris sont des marques de fabrique ou des marques déposées de
Sun Microsystems, Inc. aux Etats-Unis et dans d'autres pays. Toutes les marques SPARC sont utilisées sous licence et sont des marques de fabrique ou des marques
déposées de SPARC International, Inc. aux Etats-Unis et dans d'autres pays. Les produits portant les marques SPARC sont basés sur une architecture développée par
Sun Microsystems, Inc.
L'interface d'utilisation graphique OPEN LOOK et Sun a été développée par Sun Microsystems, Inc. pour ses utilisateurs et licenciés. Sun reconnaît les efforts de
pionniers de Xerox pour la recherche et le développement du concept des interfaces d'utilisation visuelle ou graphique pour l'industrie de l'informatique. Sun détient
une licence non exclusive de Xerox sur l'interface d'utilisation graphique Xerox, cette licence couvrant également les licenciés de Sun qui mettent en place l'interface
d'utilisation graphique OPEN LOOK et qui, en outre, se conforment aux licences écrites de Sun.
Les produits qui font l'objet de cette publication et les informations qu'il contient sont régis par la legislation américaine en matière de contrôle des exportations et
peuvent être soumis au droit d'autres pays dans le domaine des exportations et importations. Les utilisations finales, ou utilisateurs finaux, pour des armes nucléaires,
des missiles, des armes chimiques ou biologiques ou pour le nucléaire maritime, directement ou indirectement, sont strictement interdites. Les exportations ou
réexportations vers des pays sous embargo des Etats-Unis, ou vers des entités figurant sur les listes d'exclusion d'exportation américaines, y compris, mais de manière
non exclusive, la liste de personnes qui font objet d'un ordre de ne pas participer, d'une façon directe ou indirecte, aux exportations des produits ou des services qui
sont régis par la legislation américaine en matière de contrôle des exportations et la liste de ressortissants spécifiquement designés, sont rigoureusement interdites.
LA DOCUMENTATION EST FOURNIE "EN L'ETAT" ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES
SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT TOUTE GARANTIE
IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L'APTITUDE A UNE UTILISATION PARTICULIERE OU A L'ABSENCE DE CONTREFACON.
070903@18135
Contents
Preface ...................................................................................................................................................21
3
Contents
4 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Contents
5
Contents
6 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Contents
7
Contents
8 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Contents
9
Contents
10 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Contents
11
Contents
12 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Figures
13
14
Tables
15
Tables
TABLE 13–3 Command Utility Subcommands for Broker Management .............................. 268
TABLE 13–4 Command Utility Subcommands for Connection Service Management ........ 270
TABLE 13–5 Command Utility Subcommands for Connection Service Management ........ 271
TABLE 13–6 Command Utility Subcommands for Physical Destination Management ....... 272
TABLE 13–7 Command Utility Subcommands for Durable Subscription Management ..... 273
TABLE 13–8 Command Utility Subcommands for Transaction Management ..................... 274
TABLE 13–9 Command Utility Subcommand for JMX Management .................................... 274
TABLE 13–10 General Command Utility Options ...................................................................... 274
TABLE 13–11 Object Manager Subcommands ............................................................................ 275
TABLE 13–12 Object Manager Options ........................................................................................ 276
TABLE 13–13 Database Manager Subcommands ........................................................................ 277
TABLE 13–14 Database Manager Options .................................................................................... 278
TABLE 13–15 User Manager Subcommands ................................................................................ 279
TABLE 13–16 General User Manager Options ............................................................................. 279
TABLE 13–17 Service Administrator Subcommands .................................................................. 280
TABLE 13–18 Service Administrator Options .............................................................................. 280
TABLE 14–1 Broker Connection Properties ............................................................................... 284
TABLE 14–2 Broker Routing Properties ..................................................................................... 286
TABLE 14–3 Broker Properties for Auto-Created Destinations .............................................. 287
TABLE 14–4 Global Broker Persistence Property ...................................................................... 290
TABLE 14–5 Broker Properties for File-Based Persistence ....................................................... 291
TABLE 14–6 Broker Properties for JDBC-Based Persistence ................................................... 292
TABLE 14–7 General Broker Security Properties ....................................................................... 294
TABLE 14–8 Broker Security Properties for LDAP Authentication ........................................ 296
TABLE 14–9 Broker Monitoring Properties ............................................................................... 298
TABLE 14–10 Broker Properties for Cluster Configuration ....................................................... 302
TABLE 14–11 Broker Properties for JMX Support ....................................................................... 305
TABLE 14–12 Alphabetical List of Broker Properties .................................................................. 307
TABLE 15–1 Physical Destination Properties ............................................................................. 313
TABLE 16–1 Connection Factory Attributes for Connection Handling ................................. 318
TABLE 16–2 Message Broker Addressing Schemes ................................................................... 320
TABLE 16–3 Message Broker Address Examples ....................................................................... 321
TABLE 16–4 Connection Factory Attributes for Client Identification .................................... 321
TABLE 16–5 Connection Factory Attributes for Reliability and Flow Control ...................... 322
TABLE 16–6 Connection Factory Attributes for Queue Browser and Server Sessions .......... 323
TABLE 16–7 Connection Factory Attributes for Standard Message Properties ..................... 324
16 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Tables
TABLE 16–8 Connection Factory Attributes for Message Header Overrides ......................... 325
TABLE 16–9 Destination Attributes ............................................................................................ 325
TABLE 17–1 Resource Adapter Properties ................................................................................. 328
TABLE 17–2 Managed Connection Factory Properties ............................................................. 330
TABLE 17–3 Activation Specification Properties ....................................................................... 331
TABLE 18–1 JVM Metrics ............................................................................................................. 336
TABLE 18–2 Brokerwide Metrics ................................................................................................. 336
TABLE 18–3 Connection Service Metrics ................................................................................... 338
TABLE 18–4 Physical Destination Metrics ................................................................................. 339
TABLE 19–1 JESMF Common Object Attributes ...................................................................... 345
TABLE 19–2 JESMF-Accessible Message Queue Product Attributes ...................................... 346
TABLE 19–3 JESMF-Accessible Message Queue Broker Attributes ........................................ 346
TABLE 19–4 JESMF-Accessible Message Queue Port Mapper Attributes .............................. 347
TABLE 19–5 JESMF-Accessible Message Queue Connection Service Attributes .................. 348
TABLE 19–6 JESMF-Accessible Message Queue Destination Attributes ................................ 349
TABLE 19–7 JESMF-Accessible Message Queue Persistent Store Attributes ......................... 350
TABLE 19–8 JESMF-Accessible Message Queue User Repository Attributes ........................ 350
TABLE A–1 Message Queue Data Locations on Solaris Platform ........................................... 353
TABLE A–2 Message Queue Data Locations on Linux Platform ............................................ 354
TABLE A–3 Message Queue Data Locations on Windows Platform ..................................... 356
TABLE B–1 Interface Stability Classification Scheme .............................................................. 357
TABLE B–2 Stability of Message Queue Interfaces ................................................................... 358
TABLE C–1 Distinguished Name Information Required for a Self-Signed Certificate ........ 364
TABLE C–2 Broker Configuration Properties for the httpjms and httpsjms Connection
Services ..................................................................................................................... 372
TABLE E–1 Broker Configuration Properties ( -o option) ..................................................... 384
TABLE E–2 Destination Configuration Properties (-o option) ............................................. 385
17
18
Examples
19
Examples
20 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Preface
This Sun JavaTM System Message Queue 4.1 Administration Guide provides background and
information needed by system administrators to set up and manage a Sun Java System Message
Queue messaging system.
21
Preface
Chapter/Appendix Description
Part I
Chapter 1, “Administrative Tasks and Introduces Message Queue administrative tasks and tools.
Tools”
Chapter 2, “Quick-Start Tutorial” Provides a hands-on tutorial to acquaint you with the Message Queue
Administration Console.
Part II
Chapter 3, “Starting Brokers and Describes how to start the Message Queue broker and clients.
Clients”
Chapter 4, “Broker Configuration” Describes how configuration properties are set and read, and gives an
introduction to the configurable aspects of the broker. Also describes
how to set up a file or database to perform persistence functions.
Chapter 7, “Administered Objects” Describes the object store and shows how to perform tasks related to
administered objects (connection factories and destinations).
Chapter 8, “Broker Clusters” Describes how to set up and manage a cluster of Message Queue
brokers.
Chapter 10, “Monitoring Broker Describes how to set up and use Message Queue monitoring facilities.
Operations”
Chapter 11, “Analyzing and Tuning a Describes techniques for analyzing and optimizing message service
Message Service” performance.
Chapter 12, “Troubleshooting” Provides suggestions for determining the cause of common Message
Queue problems and the actions you can take to resolve them.
Part III
Chapter 13, “Command Line Provides syntax and descriptions for Message Queue command line
Reference” utilities.
Chapter 14, “Broker Properties Describes the configuration properties of Message Queue message
Reference” brokers.
22 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Preface
Chapter 15, “Physical Destination Describes the configuration properties of physical destinations.
Property Reference”
Chapter 16, “Administered Object Describes the configuration properties of administered objects
Attribute Reference” (connection factories and destinations).
Chapter 17, “JMS Resource Adapter Describes the configuration properties of the Message Queue Resource
Property Reference” Adapter for use with an application server.
Chapter 18, “Metrics Reference” Describes the metric information that a Message Queue message
broker can provide for monitoring, turning, and diagnostic purposes. .
Chapter 19, “JES Monitoring Lists Message Queue attributes that are accessible by means of the Java
Framework Reference” Enterprise System Monitoring Framework (JESMF).
Part IV
Appendix A,“ Platform-Specific Lists the locations of Message Queue files on each supported platform.
Locations of Message Queue Data”
Appendix B,“ Stability of Message Describes the stability of various Message Queue interfaces.
Queue Interfaces”
Appendix C, “HTTP/HTTPS Describes how to set up and use the Hypertext Transfer Protocol
Support” (HTTP) for Message Queue communication.
Appendix D, “JMX Support” Describes Message Queue’s administrative support for client programs
using the Java Management Extensions (JMX) application
programming interface
Appendix E, “Frequently Used Lists some frequently used Message Queue Command utility (imqcmd)
Command Utility Commands” commands.
Documentation Conventions
This section describes various conventions used in Message Queue documentation.
Typographic Conventions
Table P–2 shows the typographic conventions used inMessage Queue documentation.
23
Preface
AaBbCc123 Names of commands, files, and directories, and Edit your .login file.
onscreen computer output
Use ls -a to list all files.
machine_name% you have mail.
AaBbCc123 Placeholder: replace with a real name or value The command to remove a file is
rm fileName.
AaBbCc123 Book titles, new terms, and emphasized words Read Chapter 6 in the User's Guide.
A cache is a copy that is stored
locally.
Do not save the file.
Note – Some emphasized items
appear online in boldface.
Symbol Conventions
Table P–3 shows symbol conventions used inMessage Queue documentation.
{|} Encloses a set of choices -d {y|n} The -d option requires that you use either
for a required command the y argument or the n argument.
option
+ Joins consecutive Ctrl+A+N Press the Control key, release it, and then
multiple keystrokes press the subsequent keys.
24 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Preface
→ Indicates hierarchical File → New → Templates From the File menu, choose New; from
menu selection in a the New submenu, choose Templates.
graphical user interface
Note – In this manual, these directory variables are shown without platform-specific
environment variable notation or syntax (such as $IMQ_HOME on UNIX). Non-platform-specific
pathnames use UNIX directory separator (/) notation.
Variable Description
25
Preface
IMQ_JAVAHOME Location of the Java runtime environment (JRE) used by Message Queue
executables.
Related Documentation
The information resources listed in this section provide further information about Message
Queue in addition to that contained in this manual.
Click “Sun Java Systems,” followed by “Software,” “Application & Integration Services,” and then
“Message Queue.”
Message Queue Installation Guide Developers and Explains how to install Message Queue software
administrators on Solaris, Linux, and Windows platforms
Message Queue Release Notes Developers and Includes descriptions of new features,
administrators limitations, and known bugs, as well as
technical notes
26 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Preface
Message Queue Technical Overview Developers and Introduces basic Message Queue concepts,
administrators features, and components
Message Queue Administration Guide Administrators (also Provides background and information needed
recommended for by system administrators to set up and manage
developers) a Message Queue messaging system
Message Queue Developer’s Guide for Developers Provides information on developing Java client
Java Clients programs using Message Queue's Java
application programming interface
Message Queue Developer’s Guide for Developers Provides information on developing C and C++
C Clients client programs using Message Queue's C
application programming interface (C API)
Message Queue Developer’s Guide for Developers Provides information on developing Java client
JMX Clients programs using the Message Queue
implementation of the Java Management
Extensions (JMX) application programming
interface
JavaDoc
JMS and Message Queue API documentation in JavaDoc format is included in your Message
Queue installation at the locations shown in Table P–6, depending on your platform. This
documentation can be viewed in any HTML browser. It includes standard JMS API
documentation as well as Message Queue–specific APIs.
Platform Location
Solaris /usr/share/javadoc/imq/index.html
Linux /opt/sun/mq/javadoc/index.html
27
Preface
Windows IMQ_HOME\javadoc\index.html
where IMQ_HOME is the Message Queue home directory
Platform Location
Linux /opt/sun/mq/examples
Windows IMQ_HOME\demo
where IMQ_HOME is the Message Queue home directory
Online Help
Online help is available for the Message Queue command line utilities; see Chapter 13,
“Command Line Reference” for details. The Message Queue graphical user interface (GUI)
administration tool, the Administration Console, also includes a context-sensitive help facility;
see “Administration Console Online Help” on page 42.
28 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Preface
Note – Sun is not responsible for the availability of third-party Web sites mentioned in this
manual. Sun does not endorse and is not responsible or liable for any content, advertising,
products, or other materials available on or through such sites or resources. Sun will not be
responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or
in connection with the use of or reliance on any such content, goods, or services available on or
through such sites or resources.
and click Send comments. In the resulting online form, provide the document title and part
number along with your comment. (The part number is a 7-digit or 9-digit number that can be
found on the book’s title page or in the document's URL. For example, the part number of this
book is 819-4467.)
29
30
P A R T I
31
32
1
C H A P T E R 1
This chapter provides an overview of Sun JavaTM System Message Queue administrative tasks
and the tools for performing them, focusing on common features of the command line
administration utilities. It consists of the following sections:
■ “Administrative Tasks” on page 33
■ “Administration Tools” on page 36
Administrative Tasks
The typical administrative tasks to be performed depend on the nature of the environment in
which you are running Message Queue. The demands of a software development environment
in which Message Queue applications are being developed and tested are different from those of
a production environment in which such applications are deployed to accomplish useful work.
The following sections summarize the typical administrative requirements of these two
different types of environment.
33
Administrative Tasks
Setup Operations
Administrative setup operations in a production environment typically include some or all of
the following:
Administrator security
■ Setting the password for the default administrative user (admin) (“Changing a User’s
Password” on page 170)
■ Controlling individual or group access to the administrative connection service
(“Authorization Rules for Connection Services” on page 183) and the dead message queue
(“Authorization Rules for Physical Destinations” on page 184)
■ Regulating administrative group access to a file-based or Lightweight Directory Access
Protocol (LDAP) user repository (“User Groups and Status” on page 166, “Using an LDAP
User Repository” on page 172)
General security
■ Managing the contents of a file-based user repository (“Using the User Manager Utility” on
page 167) or configuring the broker to use an existing LDAP user repository (“Using an
LDAP User Repository” on page 172)
■ Controlling the operations that individual users or groups are authorized to perform (“User
Authorization” on page 180)
■ Setting up encryption services using the Secure Socket Layer (SSL) (“Message Encryption”
on page 185)
Administered objects
■ Setting up and configuring an LDAP object store ( “LDAP Server Object Stores” on
page 127)
■ Creating connection factories and destinations ( “Adding Administered Objects” on
page 138)
Broker clusters
34 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Administrative Tasks
■ Creating a cluster configuration file (“Setting the Cluster Configuration” on page 149)
■ Designating a master broker (“Managing the Configuration Change Record” on page 158)
Persistence
■ Configuring a broker to use a persistent store ( “Configuring a Persistent Data Store” on
page 92).
Memory management
■ Setting a destination’s configuration properties to optimize its memory usage (“Updating
Physical Destination Properties” on page 119, Chapter 15, “Physical Destination Property
Reference”)
Maintenance Operations
Because application performance, reliability, and security are at a premium in production
environments, message service resources must be tightly monitored and controlled through
ongoing administrative maintenance operations, including the following:
Administered objects
■ Adjusting connection factory attributes to ensure the correct behavior of client applications
(“Connection Factory Attributes” on page 130)
■ Monitoring and managing physical destinations ( Chapter 6, “Physical Destinations”)
■ Controlling user access to destinations ( “Authorization Rules for Physical Destinations” on
page 184)
Client management
■ Monitoring and managing durable subscriptions (see “Managing Durable Subscriptions”
on page 111).
■ Monitoring and managing transactions (see “Managing Transactions” on page 112).
Administration Tools
Message Queue administration tools fall into two categories:
■ Command line utilities
■ The graphical Administration Console
See Chapter 13, “Command Line Reference” for detailed information on the use of these
utilities.
Administration Console
The Message Queue Administration Console combines some of the capabilities of the
Command and Object Manager utilities. You can use it to perform the following tasks:
■ Connect to and control a broker remotely
■ Create and manage physical destinations
■ Create and manage administered objects in a JNDI object store
However, you cannot use the Administration Console to perform such tasks as starting up a
broker, creating broker clusters, managing a JDBC database or a user repository, installing a
broker as a Windows service, or generating SSL certificates. For these, you need the other
36 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Administration Tools
command line utilities (Broker, Database Manager, User Manager, Service Administrator, and
Key Tool), which cannot operate remotely and must be run on the same host as the broker they
manage (see Figure 1–1).
Remote
Admin Host
Broker Host
Administration
Console
Broker
imqcmd
imqbrokerd imqkeytool
imqobjmgr
imqusermgr imqdbmgr
imqsvcadmin
(Windows only)
See Chapter 2, “Quick-Start Tutorial” for a brief, hands-on introduction to the Administration
Console. More detailed information on its use is available through its own help facility.
Quick-Start Tutorial
The tutorial sets up the physical destinations and administered objects needed to run a simple
JMS-compliant application, HelloWorldMessageJNDI. The application is available in the
helloworld subdirectory of the example applications directory (demo on the Solaris and
Windows platforms or examples on Linux; see Appendix A, “Platform-Specific Locations of
Message Queue Data”). In the last part of the tutorial, you will run this application.
Note – You must have the Message Queue product installed in order to follow the tutorial. If
necessary, see the Message Queue Installation Guide for instructions.
The tutorial is only a basic introduction; it is not a substitute for reading the documentation. By
following the steps described in the tutorial, you will learn how to
■ Start a message broker
■ Connect to a broker and use the Administration Console to manage it
■ Create physical destinations on the broker
■ Create an object store and use the Administration Console to connect to it
■ Add administered objects to the object store and view their properties
39
Starting the Administration Console
Note – The instructions given in this tutorial are specific to the Windows platform. Where
necessary, supplemental notes are added for users of other platforms.
Some administrative tasks cannot be accomplished using the Administration Console. You
must use command line utilities to perform such tasks as the following:
■ Start up a broker
■ Create a broker cluster
■ Configure certain physical destination properties
■ Manage a JDBC database for persistent storage
■ Manage a user repository
■ Install a broker as a Windows service
■ Generate SSL certificates
/usr/bin/imqadmin
■ On Linux, enter the command
/opt/sun/mq/bin/imqadmin
■ On Windows, choose Start > Programs > Sun Microsystems > Sun Java System Message
Queue 4.1 > Administration.
You may need to wait a few seconds before the Administration Console window is displayed
(see Figure 2–1).
40 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Starting the Administration Console
Take a few seconds to examine the Administration Console window. It has a menu bar at the
top, a tool bar just below it, a navigation pane to the left, a result pane to the right (now
displaying graphics identifying the Sun JavaTM System Message Queue product), and a status
pane at the bottom.
Note – As you work with the Administration Console, you can use the Refresh command on the
View menu to update the visual display of any element or group of elements, such as a list of
brokers or object stores.
The Help window’s navigation pane, on the left, organizes topics into three areas: Message
Queue Administration Console, Message Queue Object Store Management, and Message
Queue Broker Management. Within each area are files and folders. The folders provide help for
dialog boxes containing multiple tabs, the files for simple dialog boxes or individual tabs. When
you select an item in the navigation pane, the result pane to the right shows the contents of that
item. With the Overview item chosen, the result pane displays a skeletal view of the
Administration Console window identifying each of the window’s panes, as shown in the figure.
Your first task with the Administration Console will be to create a reference to a broker. Before
you start, however, check the Help window for information. Click the Add Broker item in the
Help window’s navigation pane; the contents of the result pane will change to show text
explaining what it means to add a broker and describing the use of each field in the Add Broker
dialog box. Read through the help text, then close the Help window.
42 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Brokers
Starting a Broker
You cannot start a broker using the Administration Console. Instead, use one of the following
methods:
■ On Solaris, enter the command
/usr/bin/imqbrokerd
■ On Linux, enter the command
/opt/sun/mq/bin/imqbrokerd
■ On Windows, choose Start > Programs > Sun Microsystems > Sun Java System Message
Queue 4.1 > Message Broker.
If you used the Windows Start menu, the command window will appear, indicating that the
broker is ready by displaying lines like the following:
Reactivate the Administration Console window. You are now ready to add the broker to the
Console and connect to it. You do not have to start the broker before adding a reference to it in
the Administration Console, but you must start it before you can connect to it.
1 Click on the Brokers item in the Administration Console window’s navigation pane and choose
Add Broker from the Actions menu.
Alternatively, you can right-click on Brokers and choose Add Broker from the pop-up context
menu. In either case, the Add Broker dialog box (Figure 2–3) will appear.
44 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Brokers
Once you have added a broker, you can use the Properties command on the Actions menu (or
the pop-up context menu) to display a Broker Properties dialog box, similar to the Add Broker
dialog shown in “Adding a Broker to the Administration Console” on page 43, to view or
modify any of its properties.
Connecting to a Broker
Now that you have added a broker to the Administration Console, you can proceed to connect
to it.
▼ To Connect to a Broker
1 Click on the broker’s name in the Administration Console window’s navigation pane and choose
Connect to Broker from the Actions menu.
Alternatively, you can right-click on the broker’s name and choose Connect to Broker from the
pop-up context menu. In either case, the Connect to Broker dialog box ( Figure 2–5) will
appear.
2 Enter the user name and password with which to connect to the broker.
The dialog box initially displays the default user name, admin . In a real-world environment, you
should establish secure user names and passwords as soon as possible (see “User
Authentication” on page 165); for this exercise, simply use the default value.
The password associated with the default user name is also admin; type it into the Password field
in the dialog box. This will connect you to the broker with administrative privileges.
1 Select Services under the broker’s name in the Administration Console window’s navigation
pane.
A list of the available services will appear in the result pane (see Figure 2–6), showing the name,
port number, and current state of each service.
46 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Brokers
For this exercise, do not change any of the connection service’s properties.
4 Click OK to accept the new property values and dismiss the dialog box.
The Actions menu also contains commands for pausing and resuming a service. If you select the
admin service and pull down the Actions menu, however, you will see that the Pause Service
command is disabled. This is because the admin service is the Administration Console’s link to
the broker: if you paused it, you would no longer be able to access the broker.
1 Click on the Destinations item under the broker’s name in the Administration Console window’s
navigation pane and choose Add Broker Destination from the Actions menu.
Alternatively, you can right-click on Destinations and choose Add Broker Destination from the
pop-up context menu. In either case, the Add Broker Destination dialog box (Figure 2–8) will
appear.
48 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Physical Destinations
2 Enter a name for the physical destination in the Destination Name field.
Note the name that you assign to the destination; you will need it later when you create an
administered object corresponding to this physical destination.
For this exercise, type in the name MyQueueDest.
3 Select the Queue or Topic radio button to specify the type of destination to create.
For this exercise, select Queue if it is not already selected.
4 Click OK to add the physical destination and dismiss the dialog box.
The new destination will appear in the result pane.
1 Select Destinations under the broker’s name in the Administration Console window’s
navigation pane.
A list of the available physical destinations will appear in the result pane, showing the name,
type, and current state of each destination.
50 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Physical Destinations
You can use the Durable Subscriptions panel’s Purge and Delete buttons to
■ Purge all pending messages associated with a durable subscription
■ Remove a durable subscription from the topic
The Durable Subscriptions tab is disabled for queue destinations.
4 Click OK to accept the new property values and dismiss the dialog box.
1 Select Destinations under the broker’s name in the Administration Console window’s
navigation pane.
A list of the available physical destinations will appear in the result pane, showing the name,
type, and current state of each destination.
4 Click Yes to confirm the operation and dismiss the confirmation dialog.
52 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Object Stores
1 Select Destinations under the broker’s name in the Administration Console window’s
navigation pane.
A list of the available destinations will appear in the result pane, showing the name, type, and
current state of each destination.
4 Click Yes to confirm the operation and dismiss the confirmation dialog.
For this exercise, do not delete the destination MyQueueDest that you created earlier; instead,
click No to dismiss the confirmation dialog without performing the delete operation.
Although it is possible to instantiate and configure administered objects directly from within a
client application’s code, it is generally preferable to have an administrator create and configure
these objects and store them in an object store, where client applications can access them using
the Java Naming and Directory Interface (JNDI). This allows the client code itself to remain
provider-independent.
Note – The sample application used in this chapter assumes that the object store is held in a
directory named Temp on the C drive. If you do not already have a folder named Temp on your C
drive, create one before proceeding with the following exercise. (On non-Windows platforms,
you can use the /tmp directory, which should already exist.)
1 Click on the Object Stores item in the Administration Console window’s navigation pane and
choose Add Object Store from the Actions menu.
Alternatively, you can right-click on Object Stores and choose Add Object Store from the
pop-up context menu. In either case, the Add Object Store dialog box (Figure 2–11) will appear.
2 Enter a name for the object store in the Object Store Label field.
This provides a label that identifies the object store in the Administration Console.
For this exercise, type in the name MyObjectStore.
3 Enter the JNDI attribute values to be used for looking up administered objects:
a. Select the name of the attribute you wish to specify from the Name pull-down menu.
54 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Object Stores
Repeat steps “Adding an Object Store” on page 53 to “Adding an Object Store” on page 53
for as many attributes as you need to set.
For this exercise, set the java.naming.factory.initial attribute to
com.sun.jndi.fscontext.RefFSContextFactory
and the java.naming.provider.url attribute to
file:///C:/Temp
(or file:///tmp on the Solaris or Linux platforms). These are the only attributes you need
to set for a file-system object store; see “LDAP Server Object Stores” on page 127 for
information on the attribute values needed for an LDAP store.
4 Click OK to add the object store and dismiss the dialog box.
The new object store will appear under Object Stores in the navigation pane, as shown in
Figure 2–12. The red X over the object store’s icon indicates that it is not currently connected to
the Administration Console.
When you click on the object store in the navigation pane, its contents are listed in the result
pane. Since you have not yet added any administered objects to the object store, the Count
column shows 0 for both destinations and connection factories.
Once you have added an object store, you can use the Properties command on the Actions
menu (or the pop-up context menu) to display an Object Store Properties dialog box, similar to
the Add Object Store dialog shown in Figure 2–11, to view or modify any of its properties.
● Click on the object store’s name in the Administration Console window’s navigation pane and
choose Connect to Object Store from the Actions menu.
Alternatively, you can right-click on the object store’s name and choose Connect to Object Store
from the pop-up context menu. In either case, the red X will disappear from the object store’s
icon, indicating that it is now connected to the Administration Console.
Note – The Administration Console displays only Message Queue administered objects. If an
object store contains a non–Message Queue object with the same lookup name as an
administered object that you want to add, you will receive an error when you attempt the add
operation.
1 Make sure the object store is connected to the Administration Console (see “Connecting to an
Object Store”on page 55).
2 Click on the Connection Factories item under the object store’s name in the Administration
Console window’s navigation pane and choose Add Connection Factory Object from the Actions
menu.
Alternatively, you can right-click on Connection Factories and choose Add Connection Factory
Object from the pop-up context menu. In either case, the Add Connection Factory Object
dialog box ( Figure 2–13) will appear.
56 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Administered Objects
3 Enter a name for the connection factory in the Lookup Name field.
This is the name that client applications will use when looking up the connection factory with
JNDI.
For this exercise, type in the name MyQueueConnectionFactory .
4 Choose the type of connection factory you wish to create from the Factory Type pull-down
menu.
For this exercise, choose QueueConnectionFactory.
6 Fill in the Message Server Address List field with the address(es) of the broker(s) to which this
connection factory will create connections.
The address list may consist of a single broker or (in the case of a broker cluster) multiple
brokers. For each broker, it specifies information such as the broker’s connection service, host
name, and port number. The exact nature and syntax of the information to be specified varies,
depending on the connection service to be used; see “Connection Handling” on page 317 for
specifics.
For this exercise, there is no need to type anything into the Message Server Address List field,
since the sample application HelloWorldMessageJNDI expects the connection factory to use the
9 Click OK to create the connection factory, add it to the object store, and dismiss the dialog box.
The new connection factory will appear in the result pane.
Adding a Destination
A destination administered object represents a physical destination on a broker, enabling clients
to send messages to that physical destination independently of provider-specific configurations
and naming syntax. When a client sends a message addressed via the administered object, the
broker will deliver the message to the corresponding physical destination, if it exists. If no such
physical destination exists, the broker will create one automatically if auto-creation is enabled,
as described under “Creating a Physical Destination” on page 48, and deliver the message to it;
otherwise, it will generate an error signaling that the message cannot be delivered.
The following procedure describes how to add a destination administered object to the object
store corresponding to an existing physical destination.
1 Make sure the object store is connected to the Administration Console (see “Connecting to an
Object Store”on page 55).
58 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Working With Administered Objects
2 Click on the Destinations item under the object store’s name in the Administration Console
window’s navigation pane and choose Add Destination Object from the Actions menu.
Alternatively, you can right-click on Destinations and choose Add Destination Object from the
pop-up context menu. In either case, the Add Destination Object dialog box (Figure 2–14) will
appear.
3 Enter a name for the destination administered object in the Lookup Name field.
This is the name that client applications will use when looking up the destination with JNDI.
For this exercise, type in the name MyQueue.
4 Select the Queue or Topic radio button to specify the type of destination object to create.
For this exercise, select Queue if it is not already selected.
5 Enter the name of the corresponding physical destination in the Destination Name field.
This is the name you specified when you added the physical destination to the broker (see
“Working With Physical Destinations” on page 48).
For this exercise, type in the name MyQueueDest.
6 Optionally, enter a brief description of the destination in the Destination Description field.
The contents of this field are intended strictly for human consumption and have no effect on
client operations.
For this exercise, you can either delete the contents of the Destination Description field or type
in some descriptive text such as
Example destination for MQ Admin Guide tutorial
8 Click OK to create the destination object, add it to the object store, and dismiss the dialog box.
The new destination object will appear in the result pane, as shown in Figure 2–15.
1 Select Connection Factories or Destinations under the object store’s name in the Administration
Console window’s navigation pane.
A list of the available connection factory or destination administered objects will appear in the
result pane, showing the lookup name and type of each (as well as the destination name in the
case of destination administered objects).
60 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Running the Sample Application
attributes. Note, however, that you cannot change the object’s lookup name; the only way to do
this is the delete the object and then add a new administered object with the desired lookup
name.
4 Click OK to accept the new attribute values and dismiss the dialog box.
1 Select Connection Factories or Destinations under the object store’s name in the Administration
Console window’s navigation pane.
A list of the available connection factory or destination administered objects will appear in the
result pane, showing the lookup name and type of each (as well as the destination name in the
case of destination administered objects).
4 Click Yes to confirm the operation and dismiss the confirmation dialog.
For this exercise, do not delete the administered objects MyQueue or
MyQueueConnectionFactory that you created earlier; instead, click No to dismiss the
confirmation dialog without performing the delete operation.
Before running the application, open the source file HelloWorldMessageJNDI.java and read
through the code. The program is short and amply documented; you should have little trouble
understanding how it works.
cd /usr/demo/imq/helloworld/helloworldmessagejndi
■ On Linux:
cd /opt/sun/mq/examples/helloworld/helloworldmessagejndi
■ On Windows:
cd IMQ_HOME\\demo\\helloworld\\helloworldmessagejndi
You should find the file HelloWorldMessageJNDI.class present. (If you make changes to the
application, you must recompile it using the procedure for compiling a client application given
in the Message Queue Developer’s Guide for Java Clients.)
2 Set the CLASSPATH variable to include the current directory containing the file
HelloWorldMessageJNDI.class, as well as the following .jar files that are included in the
Message Queue product:
jms.jar
imq.jar
jndi.jar
fscontext.jar
See the Message Queue Developer’s Guide for Java Clients for information on setting the
CLASSPATH variable.
Note – The file jndi.jar is bundled with JDK 1.4. You need not add this file to your CLASSPATH
unless you are using an earlier version of the JDK.
62 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Running the Sample Application
java HelloWorldMessageJNDI
If the application runs successfully, you should see the output shown in Example 2–1.
java HelloWorldMessageJNDI
Using file:///C:/Temp for Context.PROVIDER_URL
Administrative Tasks
■ Chapter 3, “Starting Brokers and Clients”
■ Chapter 4, “Broker Configuration”
■ Chapter 5, “Broker Management”
■ Chapter 6, “Physical Destinations”
■ Chapter 7, “Administered Objects”
■ Chapter 8, “Broker Clusters”
■ Chapter 9, “Security”
■ Chapter 10, “Monitoring Broker Operations”
■ Chapter 11, “Analyzing and Tuning a Message Service”
■ Chapter 12, “Troubleshooting”
65
66
3
C H A P T E R 3
After installing Sun JavaTM System Message Queue and performing some preparatory steps, you
can begin starting brokers and clients. A broker’s configuration is governed by a set of
configuration files, which can be overridden by command line options passed to the Broker
utility (imqbrokerd); see Chapter 4, “Broker Configuration” for more information.
Configure your systems to run a time synchronization protocol, such as Simple Network Time
Protocol (SNTP). Time synchronization is generally supported by the xntpd daemon on Solaris
67
Starting Brokers
and Linux, and by the W32Time service on Windows. (See your operating system documentation
for information about configuring this service.) After the broker is running, avoid setting the
system clock backward.
Starting Brokers
You can start a broker either interactively, using the Message Queue command line utilities or
the Windows Start menu, or by arranging for it to start automatically at system startup. The
following sections describe how.
68 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Starting Brokers
To specify an instance name other than the default, use the-name option to the imqbrokerd
command. The following command starts a broker with the instance name myBroker:
Other options are available on the imqbrokerd command line to control various aspects of the
broker’s operation. The following example uses the-tty option to send errors and warnings to
the command window (standard output):
You can also use the -D option on the command line to override the values of properties
specified in the broker’s instance configuration file (config.properties). The instance
configuration file is described under “Configuration Files” on page 89. The following example
sets a broker’s imq.jms.max_threads property, raising the maximum number of threads
available to the jms connection service to 2000:
See “Broker Utility” on page 262 for complete information on the syntax, subcommands, and
options of the imqbrokerd command. For a quick summary of this information, enter the
command
imqbrokerd -help
A system can have no more than one broker running as a Windows service. The Windows Task
Manager lists such a broker as two executable processes:
■ The native Windows service wrapper, imqbrokersvc.exe
■ The Java runtime that is running the broker
You can install a broker as a service when you install Message Queue on a Windows system.
After installation, you can use the Service Administrator utility (imqsvcadmin) to perform the
following operations:
■ Add a broker as a Windows service
■ Determine the startup options for the broker service
■ Remove a broker that is running as a Windows service
To pass startup options to the broker, use the -args option to the imqsvcadmin command. This
works the same way as the imqbrokerd command’s -D option, as described under “Starting
Brokers” on page 68. Use the Command utility (imqcmd) to control broker operations as usual.
See “Service Administrator Utility” on page 280 for complete information on the syntax,
subcommands, and options of the imqsvcadmin command.
a. From the Settings submenu of the Windows Start menu, choose Control Panel.
c. Run the Services tool by selecting its icon and choosing Open from the File menu or the
pop-up context menu, or simply by double-clicking the icon.
70 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Starting Brokers
d. Under Services (Local), select the Message Queue Broker service and choose Properties from
the Action menu.
Alternatively, you can right-click on Message Queue Broker and choose Properties from the
pop-up context menu, or simply double-click on Message Queue Broker. In either case, the
Message Queue Broker Properties dialog box will appear.
e. Under the General tab in the Properties dialog, click Stop to stop the broker service.
3 Reinstall the service, specifying different broker startup options with the -args option or
different Java version arguments with the -vmargs option.
For example, to change the service’s host name and port number to broker1 and 7878, you
could use the command
imqsvcadmin install -args "-name broker1 -port 7878"
Note – The Start Parameters field treats the backslash character (\) as an escape character, so you
must type it twice when using it as a path delimiter: for example,
-javahome c:\\j2sdk1.4.0
imqsvcadmin query
4 Choose Refresh from the Action menu to display any error events.
Removing Brokers
The procedure for removing a broker again varies from one platform to another, as described in
the following sections.
72 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Starting Clients
For example, if the name of the broker is myBroker, the command would be
The command deletes the entire instance directory for the specified broker.
If the broker is set up to start automatically at system startup, edit the configuration file
/etc/imq/imqbrokerd.conf (Solaris) or /etc/opt/sun/mq/imqbrokerd.conf (Linux) and set
the AUTOSTART property to NO.
See “Broker Utility” on page 262 for complete information on the syntax, subcommands, and
options of the imqbrokerd command. For a quick summary of this information, enter the
command
imqbrokerd -help
imqsvcadmin remove
Alternatively, you can use the Windows Services tool, reached via the Administrative Tools
control panel, to stop and remove the broker service.
Starting Clients
Before starting a client application, obtain information from the application developer about
how to set up the system. If you are starting Java client applications, you must set the CLASSPATH
variable appropriately and make sure you have the correct .jar files installed. The Message
Queue Developer’s Guide for Java Clients contains information about generic steps for setting up
the system, but your developer may have additional information to provide.
To start a Java client application, use the following command line format:
java clientAppName
To start a C client application, use the format supplied by the application developer.
The application’s documentation should provide information on attribute values that the
application sets; you may want to override some of these from the command line. You may also
want to specify attributes on the command line for any Java client that uses a Java Naming and
Directory Interface (JNDI) lookup to find its connection factory. If the lookup returns a
connection factory that is older than the application, the connection factory may lack support
for more recent attributes. In such cases, Message Queue sets those attributes to default values;
if necessary, you can use the command line to override these default values.
To specify attribute values from the command line for a Java application, use the following
syntax:
The value for attribute must be a connection factory administered object attribute, as described
in Chapter 16, “Administered Object Attribute Reference.” If there is a space in the value, put
quotation marks around the
attribute=value
The following example starts a client application named MyMQClient, connecting to a broker
on the host OtherHost at port 7677:
The host name and port specified on the command line override any others set by the
application itself.
In some cases, you cannot use the command line to specify attribute values. An administrator
can set an administered object to allow read access only, or an application developer can code
the client application to do so. Communication with the application developer is necessary to
understand the best way to start the client program.
74 Sun Java System Message Queue 4.1 Administration Guide • September 2007
4
C H A P T E R 4
Broker Configuration
A broker’s configuration is governed by a set of configuration files and by the options passed to
the imqbrokerd command at startup. This chapter describes the available configuration
properties and how to use them to configure a broker.
For full reference information about broker configuration properties, see Chapter 14, “Broker
Properties Reference”
Broker Services
Broker configuration properties can be divided into several categories, depending on the
services or broker components they affect:
■ Connection services manage the physical connections between a broker and its clients that
provide transport for incoming and outgoing messages.
■ Routing services route and deliver JMS payload messages, as well as control messages used by
the message service to support reliable delivery.
■ Persistence services manage the writing and retrieval of data to and from persistent storage.
■ Security services authenticate users connecting to the broker and authorize their actions.
■ Monitoring services generate metric and diagnostic information about the broker’s
performance.
The following sections describe each of these services and the properties you use to customize
them for your particular needs.
75
Broker Services
Connection Services
Message brokers can offer various connection services supporting both application and
administrative clients, using a variety of transport protocols. Broker configuration properties
related to connection services are listed under “Connection Properties” on page 283.
Table 4–1 shows the available connection services, which are distinguished by two
characteristics:
■ The service type specifies whether the service provides JMS message delivery (NORMAL) or
Message Queue administration services ( ADMIN).
■ The protocol type specifies the underlying transport protocol.
By setting a broker’s imq.service.activelist property, you can configure it to run any or all
of these connection services. The value of this property is a list of connection services to be
activated when the broker is started up; if the property is not specified explicitly, the jms and
admin services will be activated by default.
Each connection service also supports specific authentication and authorization features; see
“Security Services” on page 83 for more information.
Note – There is also a special cluster connection service, used internally by the brokers within a
cluster to exchange information about the cluster’s configuration and state. This service is not
intended for use by clients communicating with a broker. See Chapter 8, “Broker Clusters” for
more information about broker clusters.
Port Mapper
Each connection service is available at a particular port, specified by host name (or IP address)
and port number. You can explicitly specify a static port number for a service or have the
broker’s Port Mapper assign one dynamically. The Port Mapper itself resides at the broker’s
76 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Services
primary port, which is normally located at the standard port number 7676. (If necessary, you
can use the broker configuration property imq.portmapper.port to override this with a
different port number.) By default, each connection service registers itself with the Port Mapper
when it starts up. When a client creates a connection to the broker, the Message Queue client
runtime first contacts the Port Mapper, requesting a port number for the desired connection
service.
Alternatively, you can override the Port Mapper and explicitly assign a static port number to a
connection service, using the imq.serviceName.protocolType. port configuration property
(where serviceName and protocolType identify the specific connection service, as shown in
Table 4–1). (Only the jms, ssljms, admin, and ssladmin connection services can be configured
this way; the httpjms and httpsjms services use different configuration properties, described in
Appendix C, “HTTP/HTTPS Support”) Static ports are generally used only in special situations,
however, such as in making connections through a firewall (see “Connecting Through a
Firewall” on page 195), and are not recommended for general use.
Note – In cases where two or more hosts are available (such as when more than one network
interface card is installed in a computer), you can use broker properties to specify which host
the connection services should bind to. The imq.hostname property designates a single default
host for all connection services; this can then be overridden, if necessary, with imq.serviceName.
protocolType.hostname (for the jms, ssljms, admin, or ssladmin service) or
imq.portmapper.hostname (for the Port Mapper itself).
When multiple Port Mapper requests are received concurrently, they are stored in an operating
system backlog while awaiting action. The imq.portmapper.backlog property specifies the
maximum number of such backlogged requests. When this limit is exceeded, any further
requests will be rejected until the backlog is reduced.
The broker’s imq.serviceName. threadpool_model property specifies which of the two models
to use for a given connection service. This property takes either of two string values: dedicated
or shared. If you don’t set the property explicitly, dedicated is assumed by default.
You can also set the broker properties imq.serviceName. min_threads and imq.serviceName.
max_threads to specify a minimum and maximum number of threads in a service’s thread pool.
When the number of available threads exceeds the specified minimum threshold, Message
Queue will shut down threads as they become free until the minimum is reached again, thereby
saving on memory resources. Under heavy loads, the number of threads might increase until
the pool’s maximum number is reached; at this point, new connections are rejected until a
thread becomes available.
The shared threading model uses distributor threads to assign threads to active connections.
The broker property imq.shared.connectionMonitor_limit specifies the maximum number
of connections that can be monitored by a single distributor thread. The smaller the value of
this property, the faster threads can be assigned to connections. The imq.ping.interval
property specifies the time interval, in seconds, at which the broker will periodically test
(“ping”) a connection to verify that it is still active, allowing connection failures to be detected
preemptively before an attempted message transmission fails.
Routing Services
Once clients are connected to the broker, the routing and delivery of messages can proceed. In
this phase, the broker is responsible for creating and managing different types of physical
destinations, ensuring a smooth flow of messages, and using resources efficiently. You can use
the broker configuration properties described under “Routing Properties” on page 286 to
manage these tasks in a way that suits your application’s needs.
The performance and stability of a broker depend on the system resources (such as memory)
available and how efficiently they are utilized. You can set configuration properties to prevent
the broker from becoming overwhelmed by incoming messages or running out of memory.
These properties function at three different levels to keep the message service operating as
resources become scarce:
■ Systemwide message limits apply collectively to all physical destinations on the system.
These include the maximum number of messages held by a broker
(imq.system.max_count) and the maximum total number of bytes occupied by such
messages (imq.system.max_size). If either of these limits is reached, the broker will reject
any new messages until the pending messages fall below the limit. There is also a limit on the
maximum size of an individual message (imq.message.max_size) and a time interval at
which expired messages are reclaimed (imq.message.expiration.interval).
■ Individual destination limits regulate the flow of messages to a specific physical
destination. The configuration properties controlling these limits are described in
Chapter 15, “Physical Destination Property Reference.” They include limits on the number
78 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Services
and size of messages the destination will hold, the number of message producers and
consumers that can be created for it, and the number of messages that can be batched
together for delivery to the destination.
The destination can be configured to respond to memory limits by slowing down the
delivery of message by message producers, by rejecting new incoming messages, or by
throwing out the oldest or lowest-priority existing messages. Messages deleted from the
destination in this way may optionally be moved to the dead message queue rather than
discarded outright; the broker property imq.destination.DMQ.truncateBody controls
whether the entire message body is saved in the dead message queue, or only the header and
property data.
As a convenience during application development and testing, you can configure a message
broker to create new physical destinations automatically whenever a message producer or
consumer attempts to access a nonexistent destination. The broker properties summarized
in Table 14–3 parallel the ones just described, but apply to such auto-created destinations
instead of administratively created ones.
■ System memory thresholds define levels of memory usage at which the broker takes
increasingly serious action to prevent memory overload. Four such usage levels are defined:
■ Green: Plenty of memory is available.
■ Yellow: Broker memory is beginning to run low.
■ Orange: The broker is low on memory.
■ Red: The broker is out of memory.
The memory utilization percentages defining these levels are specified by the broker
properties imq.green.threshold, imq.yellow.threshold , imq.orange.threshold,
and imq.red.threshold , respectively; the default values are 0% for green, 80% for
yellow, 90% for orange, and 98% for red.
As memory usage advances from one level to the next, the broker responds
progressively, first by swapping messages out of active memory into persistent storage
and then by throttling back producers of nonpersistent messages, eventually stopping
the flow of messages into the broker. (Both of these measures degrade broker
performance.) The throttling back of message production is done by limiting the size of
each batch delivered to the number of messages specified by the properties
imq.resourceState .count, where resourceState is green , yellow, orange, or red ,
respectively.
The triggering of these system memory thresholds is a sign that systemwide and destination
message limits are set too high. Because the memory thresholds cannot always catch potential
memory overloads in time, you should not rely on them to control memory usage, but rather
reconfigure the systemwide and destination limits to optimize memory resources.
Persistence Services
For a broker to recover in case of failure, it needs to re-create the state of its message delivery
operations. To do this, the broker must save state information to a persistent data store. When
the broker restarts, it uses the saved data to re-create destinations and durable subscriptions,
recover persistent messages, roll back open transactions, and rebuild its routing table for
undelivered messages. It can then resume message delivery.
An important use for persistent data stores is for providing high availability message service. In
this model, two or more brokers are joined together in a broker cluster sharing the same
persistent store. If one of the brokers should fail, another broker within the cluster can then take
over ownership of its messages and see that they are delivered to their destinations without
interruption of service. (See Chapter 8, “Broker Clusters” and the Message Queue Technical
Overviewfor more information on clusters and how they operate.)
Message Queue supports both file-based and JDBC-based persistence modules (see Figure 4–1).
File-based persistence uses individual files to store persistent data; JDBC-based persistence uses
the Java Database Connectivity (JDBC) interface to connect the broker to a JDBC-compliant
data store. While file-based persistence is generally faster than JDBC-based, some users prefer
the redundancy and administrative control provided by a JDBC-compliant store. The broker
configuration property imq.persist.store (see Table 14–4) specifies which of the two forms
of persistence to use.
Broker
File-based
Data Store
Physical
JDBC-compliant
Destinations
Data Store
80 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Services
Note – Changes in the file formats for both file-based and JDBC-based persistent data stores
were introduced in Message Queue 3.7, with further JDBC changes in version 4.0. As a result of
these changes, the persistent store version numbers were updated to 370 for file-based and 400
for JDBC-based stores. You can use the imqdbmgr query command (see “Displaying
Information About the Persistent Store” on page 94) to determine the version number of your
existing data store.
On first startup, the Message Queue Broker utility (imqbrokerd) will check for the presence of
an older persistent store and automatically migrate it to the latest format:
■ File-based store versions 200 and 350 will be migrated to the version 370 format.
■ JDBC-based store versions 350 and 370 will be migrated to the version 400 format. (If you
need to upgrade a version 200 store, you will need to step through an intermediate 3.5 or 3.6
release.)
This upgrade leaves the older copy of the persistent store intact, allowing you to roll back the
upgrade if necessary. To do so, you can uninstall Message Queue 4.0 or 4.1 and reinstall the
earlier version you were previously running. The older version’s message brokers will locate and
use the older copy of the persistent store.
File-Based Persistence
By default, Message Queue uses a file-based persistent data store, in which individual files store
persistent data such as messages, destinations, durable subscriptions, and transactions. Broker
configuration properties related to file-based persistence are listed under “File-Based
Persistence Properties” on page 291.
The file-based store is located in a directory identified by the name of the broker instance
(instanceName) to which the data store belongs:
.../instances/instanceName/fs370
(See Appendix A, “Platform-Specific Locations of Message Queue Data” for the location of the
instances directory.) Each destination on the broker has its own subdirectory holding
messages delivered to that destination.
Note – Because the persistent data store can contain messages of a sensitive or proprietary
nature, you should secure the …/instances/instanceName/fs370 directory against
unauthorized access; see “Securing Persistent Data” on page 94.
All persistent data other than messages is stored in separate files: one file each for destinations,
durable subscriptions, and transaction state information. Most messages are stored in a single
file consisting of variable-size records. You can compact this file to alleviate fragmentation as
messages are added and removed (see “Managing Physical Destination Disk Utilization” on
page 123). In addition, messages above a certain threshold size are stored in their own individual
files rather than in the variable-sized record file. You can configure this threshold size with the
broker property imq.persist.file.message.max_record_size.
The broker maintains a file pool for these individual message files: instead of being deleted
when it is no longer needed, a file is returned to the pool of free files in its destination directory
so that it can later be reused for another message. The broker property
imq.persist.file.destination.message.filepool.limit specifies the maximum number
of files in the pool. When the number of individual message files for a destination exceeds this
limit, files will be deleted when no longer needed instead of being returned to the pool.
When returning a file to the file pool, the broker can save time at the expense of storage space by
simply tagging the file as available for reuse without deleting its previous contents. You can use
the imq.persist.file.message.filepool.cleanratio broker property to specify the
percentage of files in each destination’s file pool that should be maintained in a “clean” (empty)
state rather than simply marked for reuse. The higher you set this value, the less space will be
required for the file pool, but the more overhead will be needed to empty the contents of files
when they are returned to the pool. If the broker’s imq.persist.file.message.cleanup
property is true, all files in the pool will be emptied at broker shutdown, leaving them in a clean
state; this conserves storage space but slows down the shutdown process.
In writing data to the persistent store, the operating system has some leeway in whether to write
the data synchronously or “lazily” (asynchronously). Lazy storage can lead to data loss in the
event of a system crash, if the broker believes the data to have been written to persistent storage
when it has not. To ensure absolute reliability (at the expense of performance), you can require
that all data be written synchronously by setting the broker property
imq.persist.file.sync.enabled to true. In this case, the data is guaranteed to be available
when the system comes back up after a crash, and the broker can reliably resume operation.
Note, however, that although the data is not lost, it is not available to any other broker in a
cluster, since clustered brokers do not currently share data.
JDBC-Based Persistence
Instead of using file-based persistence, you can set up a broker to access any data store
accessible through a JDBC-compliant driver. This involves setting the appropriate
JDBC-related broker configuration properties and using the Database Manager utility
(imqdbmgr) to create the proper database schema. See “Configuring a JDBC-Based Store” on
page 92 for specifics.
The properties for configuring a broker to use a JDBC database are listed in Table 14–6. You can
specify these properties either in the instance configuration file (config.properties) of each
broker instance or by using the -D command line option to the Broker utility (imqbrokerd) or
the Database Manager utility (imqdbmgr).
82 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Services
The imq.persist.jdbc.dbVendor property identifies the database vendor being used for the
persistent data store; all of the remaining properties are qualified by this vendor name. The
imq.persist.jdbc.vendorName.driver property gives the Java class name of the JDBC driver
to use in connecting to the database. There are also properties specifying the URLs for
connecting to an existing database (imq.persist.jdbc.vendorName.opendburl), creating a
new database (imq.persist.jdbc.vendorName.createdburl), and closing a database
connection (imq.persist.jdbc.vendorName.closedburl).
The imq.persist.jdbc.vendorName.user and imq.persist.jdbc.vendorName.password
properties give the user name and password for accessing the database, if required;
imq.persist.jdbc.vendorName.needpassword is a boolean flag specifying whether a
password is needed. For security reasons, the password should be specified only in a password
file designated with the -passfile command line option; if no such password file is specified,
the imqbrokerd and imqdbmgr commands will prompt for the password interactively. Similarly,
the user name can be supplied from the command line using the -dbuser option to the
imqbrokerd command or the -u option to imqdbmgr. If any additional, vendor-specific
properties are required, you can set them by using broker properties of the form
imq.persist.jdbc.vendorName.property.propName.
In a JDBC database shared by multiple broker instances, the configuration property
imq.brokerid specifies a unique instance identifier for each, to be appended to the names of
database tables. (This is usually unnecessary for an embedded database, which stores data for
only one broker instance.)
Besides setting all of the broker’s needed JDBC configuration properties, you must also install
your JDBC driver’s .jar file in the appropriate directory location, depending on your
operating-system platform (as listed in Appendix A, “Platform-Specific Locations of Message
Queue Data”) and then execute the Database Manager command
imqdbmgr create tbl
to create the database schema for the persistent data store.
Security Services
Message Queue provides security services for user access control (authentication and
authorization) and for encryption:
■ Authentication ensures that only verified users can establish a connection to a broker.
■ Authorization specifies which users or groups have the right to access resources and to
perform specific operations.
■ Encryption protects messages from being tampered with during delivery over a connection.
As a Message Queue administrator, you are responsible for setting up the information the
broker needs to authenticate users and authorize their actions. The broker properties pertaining
to security services are listed under “Security Properties” on page 293. The boolean property
LDAP
Server User
Repository
Broker
Authentication imqusermgr
Flat File User
Repository
As Figure 4–2 shows, you can store user data in a flat-file user repository that is provided with
the Message Queue service or you can plug in a preexisting Lightweight Directory Access
Protocol (LDAP) repository:
■ If you choose a flat-file repository, you must use the Message Queue User Manager utility
(imqusermgr) to manage the repository. This option is built-in and easy to use.
■ If you want to use an existing LDAP server, you use the tools provided by the LDAP vendor
to populate and manage the user repository. You must also set properties in the broker’s
instance configuration file to enable the broker to query the LDAP server for information
about users and groups.
84 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Services
Authentication
A client requesting a connection to a broker must supply a user name and password, which the
broker compares with those stored in the user repository. Passwords transmitted from client to
broker are encoded using either base-64 encoding (for flat-file repositories) or message digest
(MD5) hashing (for LDAP repositories). The choice is controlled by the
imq.authentication.type property for the broker as a whole, or by imq.serviceName.
authentication.type for a specific connection service. The
imq.authentication.client.response.timeout property sets a timeout interval for
authentication requests.
As described under “Password Files” on page 193, you can choose to put your passwords in a
password file instead of being prompted for them interactively. The boolean broker property
imq.passfile.enabled controls this option. If this property is true, the imq.passfile.dirpath
and imq.passfile.name properties give the directory path and file name for the password file.
The imq.imqcmd.password property (which can be embedded in the password file) specifies the
password for authenticating an administrative user to use the Command utility (imqcmd) for
managing brokers, connection services, connections, physical destinations, durable
subscriptions, and transactions.
If you are using an LDAP-based user repository, there are a whole range of broker properties
available for configuring various aspects of the LDAP lookup. The address (host name and port
number) of the LDAP server itself is specified by imq.user_repository.ldap.server. The
imq.user_repository.ldap.principal property gives the distinguished name for binding to
the LDAP repository, while imq.user_repository.ldap.password supplies the associated
password. Other properties specify the directory bases and optional JNDI filters for individual
user and group searches, the provider-specific attribute identifiers for user and group names,
and so forth; see “Security Properties” on page 293 for details.
Authorization
Once authenticated, a user can be authorized to perform various Message Queue-related
activities. As a Message Queue administrator, you can define user groups and assign individual
users membership in them. The default access control file explicitly refers to only one group,
admin (see “User Groups and Status” on page 166). A user in this group has connection
permission for the admin connection service, which allows the user to perform administrative
functions such as creating destinations and monitoring and controlling a broker. A user in any
other group that you define cannot, by default, get an admin service connection.
When a user attempts to perform an operation, the broker checks the user’s name and group
membership (from the user repository) against those specified for access to that operation (in
the access control file). The access control file specifies permissions to users or groups for the
following operations:
■ Connecting to a broker
■ Accessing destinations: creating a consumer, a producer, or a queue browser for any given
destination or for all destinations
■ Auto-creating destinations
Encryption
To encrypt messages sent between clients and broker, you need to use a connection service
based on the Secure Socket Layer (SSL) standard. SSL provides security at the connection level
by establishing an encrypted connection between an SSL-enabled broker and client.
To use an SSL-based Message Queue connection service, you generate a public/private key pair
using the Message Queue Key Tool utility (imqkeytool). This utility embeds the public key in a
self-signed certificate and places it in a Message Queue key store. The key store is itself
password-protected; to unlock it, you must provide a key store password at startup time,
specified by the imq.keystore.password property. Once the key store is unlocked, a broker can
pass the certificate to any client requesting a connection. The client then uses the certificate to
set up an encrypted connection to the broker.
Monitoring Services
The broker includes components for monitoring and diagnosing application and broker
performance. These include the following:
■ Components that generate data, a Metrics Generator and broker code that logs events
■ A Logger component that writes out information to a number of output channels
■ A Metrics Message Producer that sends JMS messages containing metric information to
topic destinations for consumption by JMS monitoring clients
The general scheme is illustrated in Figure 4–3. Broker properties for configuring the
monitoring services are listed under “Monitoring Properties” on page 298.
86 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Services
Output Channels
Logger
Broker
log file
Code
ERROR
console
WARNING
INFO syslog (Solaris)
Metrics
Generator
Metrics
Message topic destinations
Producer
Metrics Generator
The Metrics Generator provides information about broker activity, such as message flow in and
out of the broker, the number of messages in broker memory and the memory they consume,
the number of open connections, and the number of threads being used. The boolean broker
property imq.metrics.enabled controls whether such information is logged;
imq.metrics.interval specifies how often.
Logger
The Logger takes information generated by broker code and the Metrics Generator and writes
that information to standard output (the console), to a log file, and, on Solaris platforms, to the
syslog daemon process in case of errors. The log file to use is identified by the
imq.log.file.dirpath and imq.log.file.filename broker properties;
imq.log.console.stream specifies whether console output is directed to stdout or stderr.
The imq.log.level property controls the categories of metric information that the Logger
gathers: ERROR, WARNING, or INFO. Each level includes those above it, so if you specify, for
example, WARNING as the logging level, error messages will be logged as well. The
imq.log.console.output and imq.log.file.output properties control which of the specified
categories will be written to the console and the log file, respectively. In this case, however, the
categories do not include those above them; so if you want, for instance, both errors and
warnings written to the log file and informational messages to the console, you must explicitly
set imq.log.file.output to ERROR|WARNING and imq.log.console.output to INFO. On
Solaris platforms another property, imq.log.syslog.output, specifies the categories of metric
information to be written to the syslog daemon. There is also an
imq.destination.logDeadMsgs property that specifies whether to log when dead messages are
discarded or moved to the dead message queue.
In the case of a log file, you can specify the point at which the file is closed and output is rolled
over to a new file. Once the log file reaches a specified size (imq.log.file.rolloverbytes) or
age (imq.log.file.rolloversecs), it is saved and a new log file created.
See “Monitoring Properties” on page 298 for additional broker properties related to logging, and
“Configuring and Using Broker Logging” on page 199 for further details about how to configure
the Logger and how to use it to obtain performance information.
Besides the information contained in the body of a metrics message, the header of each message
includes properties that provide the following additional information:
■ The message type
■ The address (host name and port number) of the broker that sent the message
■ The time the metric sample was taken
These properties are useful to client applications that process metrics messages of different
types or from different brokers.
88 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Setting Broker Properties
The following two sections describe these two methods of configuring a broker.
Configuration Files
Broker configuration files contain property settings for configuring a broker. They are kept in a
directory whose location depends on the operating system platform you are using; see
Appendix A, “Platform-Specific Locations of Message Queue Data” for details. Message Queue
maintains the following broker configuration files:
■ A default configuration file (default.properties) that is loaded on startup. This file is not
editable, but you can read it to determine default settings and find the exact names of
properties you want to change.
■ An installation configuration file (install.properties) containing any properties specified
when Message Queue was installed. This file cannot be edited after installation.
■ A separate instance configuration file (config.properties) for each individual broker
instance.
In addition, if you connect broker instances in a cluster, you may need to use a cluster
configuration file (cluster.properties) to specify configuration information for the cluster;
see “Cluster Configuration Properties” on page 302 for more information.
At startup, the broker merges property values from the various configuration files. As shown in
Figure 4–4, the files form a hierarchy in which values specified in the instance configuration file
override those in the installation configuration file, which in turn override those in the default
configuration file. At the top of the hierarchy, you can manually override any property values
specified in the configuration files by using command line options to the imqbrokerd
command.
imqbrokerd
-name MyBroker Overrides
-metrics 5
Startup
Command
config.properties
Overrides
Instance
Configuration File
install.properties
Overrides
Install
Configuration File
default.properties
Default
Configuration File
The first time you run a broker, an instance configuration file is created containing
configuration properties for that particular broker instance. The instance configuration file is
named config.properties and is located in a directory identified by the name of the broker
instance to which it belongs:
.../instances/instanceName/props/config.properties
(See Appendix A, “Platform-Specific Locations of Message Queue Data” for the location of the
instances directory.) If the file does not yet exist, you must use the -name option when starting
the broker (see “Broker Utility” on page 262) to specify an instance name that Message Queue
can use to create the file.
Note – The instances/instanceName directory and the instance configuration file are owned by
the user who created the corresponding broker instance. The broker instance must always be
restarted by that same user.
90 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Setting Broker Properties
The instance configuration file is maintained by the broker instance and is modified when you
make configuration changes using Message Queue administration utilities. You can also edit an
instance configuration file by hand to customize the broker’s behavior and resource use. To do
so, you must be the owner of the instances/instanceName directory or log in as the root user to
change the directory’s access privileges.
The broker reads its instance configuration file only at startup. To make permanent changes to
the broker’s configuration, you must shut down the broker, edit the file, and then restart the
broker. Property definitions in the file (or any configuration file) use the following syntax:
For example, the following entry specifies that the broker will hold up to 50,000 messages in
memory and persistent storage before rejecting additional messages:
imq.system.max_count=50000
The following entry specifies that a new log file will be created once a day (every 86,400
seconds):
imq.log.file.rolloversecs=86400
See “Broker Services” on page 75 and Chapter 14, “Broker Properties Reference” for
information on the available broker configuration properties and their default values.
At startup time, you use the Broker utility (imqbrokerd) to start a broker instance. Using the
command’s -D option, you can specify any broker configuration property and its value; see
“Starting Brokers” on page 68 and “Broker Utility” on page 262 for more information. If you
start the broker as a Windows service, using the Service Administrator utility (imqsvcadmin),
you use the -args option to specify startup configuration properties; see “Service Administrator
Utility” on page 280.
You can also change certain broker properties while a broker is running. To modify the
configuration of a running broker, you use the Command utility’s imqcmd update bkr
command; see “Updating Broker Properties” on page 103 and “Broker Management” on
page 268.
By default, Message Queue performs asynchronous write operations to disk. The operating
system can buffer these operations for efficient performance. However, if an unexpected system
failure should occur between write operations, messages could be lost. To improve reliability (at
the cost of reduced performance), you can set the broker property imq.persist.file.sync to
write data synchronously instead. For further discussion about this property, see “File-Based
Persistence” on page 81 and Table 14–5.
When you start a broker instance, you can use the imqbrokerd command’s -reset option to
clear the file system store. For more information about this option and its suboptions, see
“Broker Utility” on page 262.
92 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring a Persistent Data Store
Note – Example configurations are available for HADB, Java DB (Apache Derby), Oracle, and
MySQL database products. The location of these files is platform-dependent, and is listed under
“Example applications and configurations” in the relevant tables of Appendix A,
“Platform-Specific Locations of Message Queue Data.” In addition, examples for Oracle are
provided as commented-out values in the instance configuration file, config.properties, and
for MySQL in the default broker configuration file, default.properties.
2 Place a copy of, or a symbolic link to, your JDBC driver’s .jar file in the following location,
depending on your platform:
Solaris: /usr/share/lib/imq/ext/
Linux: /opt/sun/mq/share/lib/
Windows: IMQ_VARHOME\\lib\\ext
For example, if you are using HADB on a Solaris system, the following command copies the
driver’s .jar file to the appropriate location:
cp /opt/SUNWhadb/4/lib/hadbjdbc4.jar /usr/share/lib/imq/ext
The following command creates a symbolic link instead:
ln -s /opt/SUNWhadb/4/lib/hadbjdbc4.jar /usr/share/lib/imq/ext
a. Change to the directory where the Database Manager utility resides, depending on your
platform:
Solaris: cd /usr/bin
Linux: cd /opt/sun/mq/bin
Windows: cd IMQ_HOME\\bin
Note – If you use an embedded database, it is best to create it under the following directory:
.../instances/instanceName/dbstore/databaseName
dbmgr query
.../instances/instanceName/fs370
94 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring a Persistent Data Store
where instanceName is a name identifying the broker instance. This directory is created when
the broker instance is started for the first time. The procedure for securing this directory
depends on the operating system platform on which the broker is running:
■ On Solaris and Linux, the directory’s permissions are determined by the file mode creation
mask (umask) of the user who started the broker instance. Hence, permission to start a
broker instance and to read its persistent files can be restricted by setting the mask
appropriately. Alternatively, an administrator (superuser) can secure persistent data by
setting the permissions on the instances directory to 700.
■ On Windows, the directory’s permissions can be set using the mechanisms provided by the
Windows operating system. This generally involves opening a Properties dialog for the
directory.
The user name and password required to open a database connection by a broker can be
provided as broker configuration properties. However it is more secure to provide them as
command line options when starting up the broker, using the imqbrokerd command’s
-dbuserand -dbpassword options (see “Broker Utility” on page 262).
For an embedded database that is accessed directly by the broker by means of the database’s
JDBC driver, security is usually provided by setting file permissions on the directory where the
persistent data will be stored, as described above under “Securing a File-Based Store” on page 94
To ensure that the database is readable and writable by both the broker and the Database
Manager utility, however, both should be run by the same user.
Broker Management
5
This chapter explains how to use the Message Queue Command utility (imqcmd) to manage a
broker and its services. The chapter has the following sections:
■ “Command Utility Preliminaries” on page 97
■ “Using the Command Utility” on page 98
■ “Managing Brokers” on page 100
■ “Managing Connection Services” on page 106
■ “Managing Connections” on page 109
■ “Managing Durable Subscriptions” on page 111
■ “Managing Transactions” on page 112
This chapter does not cover all topics related to managing a broker. Additional topics are
covered in the following separate chapters:
■ For information on managing physical destinations on the broker, such as how to create,
display, update, and destroy physical destinations and how to use the dead message queue,
see Chapter 6, “Physical Destinations.”
■ For information about setting up security for the broker, such as user authentication, access
control, encryption, and password files, see Chapter 9, “Security.”
97
Using the Command Utility
When you install Message Queue, a default flat-file user repository is installed. The
repository is shipped with two default entries: an administrative user and a guest user. If you
are testing Message Queue, you can use the default user name and password (admin/admin)
to run the Command utility.
If you are setting up a production system, you must set up authentication and authorization
for administrative users. See Chapter 9, “Security” for information on setting up a file-based
user repository or configuring the use of an LDAP directory server. In a production
environment, it is a good security practice to use a nondefault user name and password.
■ Set up and enable the ssladmin service on the target broker instance, if you want to use a
secure connection to the broker. For more information, see “Message Encryption” on
page 185.
Use the -u option to specify an administrative user name. For example, the following command
displays information about the default broker:
If you omit the user name, the command will prompt you for it.
Note – For simplicity, the examples in this chapter use the default user name admin as the
argument to the -u option. In a real-life production environment, you would use a custom user
name.
98 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the Command Utility
Note – In previous versions of Message Queue, you could use the -p option to specify a password
on the imqcmd command line. As of Message Queue 4.0, this option is deprecated and is no
longer supported; you must instead use one of the methods listed above.
Displaying Help
To display help on the imqcmd command, use the -h or -H option, and do not use a
subcommand. You cannot get help about specific subcommands.
For example, the following command displays help about imqcmd:
imqcmd -H
If you enter an imqcmd command line containing the -h or -H option in addition to a
subcommand or other options, the Command utility processes only the -h or -H option. All
other items on the command line are ignored.
Examples
The examples in this section illustrate how to use the imqcmd command.
The following example lists the properties of the broker running on host localhost at port
7676, so the -b option is unnecessary:
The command uses the default administrative user name (admin) and omits the password, so
that the command will prompt for it.
The following example lists the properties of the broker running on the host myserver at port
1564. The user name is aladdin:
(For this command to work, the user repository would need to be updated to add the user name
aladdin to the admin group.)
The following example lists the properties of the broker running on localhost at port 7676.
The initial timeout for the command is set to 20 seconds and the number of retries after timeout
is set to 7. The user’s password is in a password file called myPassfile, located in the current
directory at the time the command is invoked.
For a secure connection to the broker, these examples could include the -secure option. This
option causes the Command utility to use the ssladmin service if that service has been
configured and started.
Managing Brokers
This section describes how to use Command utility subcommands to perform the following
broker management tasks:
■ “Shutting Down and Restarting a Broker” on page 100
■ “Quiescing a Broker” on page 101
■ “Pausing and Resuming a Broker” on page 102
■ “Updating Broker Properties” on page 103
■ “Viewing Broker Information” on page 104
100 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Brokers
The broker stops accepting new connections and messages, completes delivery of existing
messages, and terminates the broker process.
The -time option, if present, specifies the interval, in seconds, to wait before shutting down the
broker. For example, the following command delays 90 seconds and then shuts down the
broker running on host wolfgang at port 1756:
The broker will not block, but will return immediately from the delayed shutdown request.
During the shutdown interval, the broker will not accept any new jms connections; admin
connections will be accepted, and existing jms connections will continue to operate. If the
broker belongs to a high-availability cluster, it will not attempt to take over for any other broker
during the shutdown interval.
If the broker is part of a high-availability cluster (see “High-Availability Clusters” on page 148),
another broker in the cluster will ordinarily attempt to take over its persistent data on
shutdown; the -nofailover option to the imqcmd shutdown bkr subcommand suppresses this
behavior. Conversely, you can use the imqcmd takeover bkr subcommand to force such a
takeover manually (for instance, if the takeover broker were to fail before completing the
takeover process); see “Preventing or Forcing Takeover of a Broker” on page 163 for more
information.
Note – The imqcmd takeover bkr subcommand is intended only for use in failed-takeover
situations. You should use it only as a last resort, and not as a general way of forcibly taking over
a running broker.
To shut down and restart a broker, use the subcommand imqcmd restart bkr:
This shuts down the broker and then restarts it using the same options that were specified when
it was first started. To choose different options, shut down the broker with imqcmd shutdown
bkr and then start it again with the Broker utility (imqbrokerd), specifying the options you
want.
Quiescing a Broker
The subcommand imqcmd quiesce bkr quiesces a broker, causing it to refuse any new client
connections while continuing to service old ones:
If the broker is part of a high-availability cluster, this allows its operations to wind down
normally without triggering a takeover by another broker, for instance in preparation for
shutting it down administratively for upgrade or similar purposes. For example, the following
command quiesces the broker running on host hastings at port 1066:
To reverse the process and return the broker to normal operation, use the imqcmd unquiesce
bkr subcommand:
For example, the following command unquiesces the broker that was quiesced in the preceding
example:
For example, the following command pauses the broker running on host myhost at port 1588:
Because its connection service threads are suspended, a paused broker is unable to accept new
connections, receive messages, or dispatch messages. The admin connection service is not
suspended, allowing you to continue performing administrative tasks needed to regulate the
flow of messages to the broker. Pausing a broker also does not suspend the cluster connection
service; however, since message delivery within a cluster depends on the delivery functions
performed by the different brokers in the cluster, pausing a broker in a cluster may result in a
slowing of some message traffic.
You can also pause individual connection services and physical destinations. For more
information, see “Pausing and Resuming a Connection Service” on page 106 and “Pausing and
Resuming a Physical Destination” on page 117.
The subcommand imqcmd resume bkr reactivates a broker’s service threads, causing it to resume
listening on the ports:
For example, the following command resumes the default broker (host localhost at port
7676):
102 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Brokers
For example, the following command turns off the auto-creation of queue destinations for the
default broker:
You can use imqcmd update bkr to update any of the following broker properties:
imq.autocreate.queue
imq.autocreate.topic
imq.autocreate.queue.maxNumActiveConsumers
imq.autocreate.queue.maxNumBackupConsumers
imq.cluster.url
imq.destination.DMQ.truncateBody
imq.destination.logDeadMsgs
imq.log.level
imq.log.file.rolloversecs
imq.log.file.rolloverbytes
imq.system.max_count
imq.system.max_size
imq.message.max_size
imq.portmapper.port
See Chapter 14, “Broker Properties Reference” for detailed information about these properties.
This lists the current settings of the broker’s properties, as shown in Example 5–1.
Version 4.1
Instance Name imqbroker
Broker ID mybroker
Primary Port 7676
Cluster ID myClusterID
Cluster Is Highly Available true
Cluster Broker List (active)
Cluster Broker List (configured)
Cluster Master Broker
Cluster URL
104 Successfully
Sun queried
Java System Message the4.1
Queue broker.
Administration Guide • September 2007
Managing Brokers
The imqcmd metrics bkr subcommand displays detailed metric information about a broker’s
operation:
The -int and -msp options specify, respectively, the interval (in seconds) at which to display the
metrics and the number of samples to display in the output. The default values are 5 seconds
and an unlimited number of samples.
For example, the following command displays the rate of message flow into and out of the
default broker (host localhost at port 7676) at 10-second intervals:
--------------------------------------------------------
Msgs/sec Msg Bytes/sec Pkts/sec Pkt Bytes/sec
In Out In Out In Out In Out
--------------------------------------------------------
0 0 27 56 0 0 38 66
10 0 7365 56 10 10 7457 1132
0 0 27 56 0 0 38 73
0 10 27 7402 10 20 1400 8459
0 0 27 56 0 0 38 73
For a more detailed description of the data gathered and reported by the broker, see
“Brokerwide Metrics” on page 336.
For brokers belonging to a broker cluster, the imqcmd list bkr subcommand displays
information about the configuration of the cluster; see “Displaying the Cluster Configuration”
on page 152 for more information.
The admin connection service can never be paused; to pause and resume any other service, use
the subcommands imqcmd pause svc and imqcmd resume svc. The syntax of the imqcmd pause
svc subcommand is as follows:
For example, the following command pauses the httpjms service running on the default broker
(host localhost at port 7676):
The imqcmd resume svc subcommand resumes operation of a connection service following a
pause:
106 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Connection Services
Property Description
port Port assigned to the service to be updated (does not apply to httpjms or
httpsjms)
A value of 0 means the port is dynamically allocated by the Port Mapper.
For example, the following command changes the minimum number of threads assigned to the
jms connection service on the default broker (host localhost at port 7676) to 20:
For example, the following command lists all services on the default broker (host localhost at
port 7676):
------------------------------------------------
Service Name Port Number Service State
------------------------------------------------
admin 41844 (dynamic) RUNNING
httpjms - UNKNOWN
httpsjms - UNKNOWN
jms 41843 (dynamic) RUNNING
ssladmin dynamic UNKNOWN
ssljms dynamic UNKNOWN
The imqcmd query svc subcommand displays information about a single connection service:
For example, the following command displays information about the jms connection service on
the default broker (host localhost at port 7676):
To display metric information about a connection service, use the imqcmd metrics svc
subcommand:
108 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Connections
[-m metricType]
[-int interval]
[-msp numSamples]
The -m option specifies the type of metric information to display:
■ ttl (default): Messages and packets flowing into and out of the broker by way of the
specified connection service
■ rts: Rate of flow of messages and packets into and out of the broker per second by way of the
specified connection service
■ cxn: Connections, virtual memory heap, and threads
The -int and -msp options specify, respectively, the interval (in seconds) at which to display the
metrics and the number of samples to display in the output. The default values are 5 seconds
and an unlimited number of samples.
For example, the following command displays cumulative totals for messages and packets
handled by the default broker (host localhost at port 7676) by way of the jms connection
service:
imqcmd metrics svc -n jms -m ttl -u admin
Example 5–5 shows an example of the resulting output.
-------------------------------------------------
Msgs Msg Bytes Pkts Pkt Bytes
In Out In Out In Out In Out
-------------------------------------------------
164 100 120704 73600 282 383 135967 102127
657 100 483552 73600 775 876 498815 149948
For a more detailed description of the use of the Command utility to report connection service
metrics, see “Connection Service Metrics” on page 338.
Managing Connections
The Command utility’s list cxn and query cxn subcommands display information about
individual connections. The subcommand imqcmd list cxn lists all connections for a specified
connection service:
imqcmd list cxn [-svn serviceName]
[-b hostName:portNumber]
If no service name is specified, all connections are listed. For example, the following command
lists all connections on the default broker (host localhost at port 7676):
---------------------------------------------------------------------------
Connection ID User Service Producers Consumers Host
---------------------------------------------------------------------------
1964412264455443200 guest jms 0 1 127.0.0.1
1964412264493829311 admin admin 1 1 127.0.0.1
To display detailed information about a single connection, obtain the connection identifier
from imqcmd list cxn and pass it to the imqcmd query cxn subcommand:
110 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Durable Subscriptions
Connection ID 421085509902214374
User guest
Service jms
Producers 0
Consumers 1
Host 111.22.333.444
Port 60953
Client ID
Client Platform
The resulting output lists the name of each durable subscription to the topic, the client identifier
to which it belongs, its current state (active or inactive), and the number of messages currently
queued to it. Example 5–8 shows an example.
The imqcmd purge dur subcommand purges all messages for a specified durable subscriber and
client identifier:
For example, the following command purges all messages for the durable subscription listed in
Example 5–8:
The imqcmd destroy dur subcommand destroys a durable subscription, specified by its
subscriber name and client identifier:
For example, the following command destroys the durable subscription listed in Example 5–8:
Managing Transactions
All transactions initiated by client applications are tracked by the broker. These can be simple
Message Queue transactions or distributed transactions managed by a distributed transaction
(XA resource) manager.
112 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Transactions
The imqcmd list txn subcommand lists the transactions being tracked by a broker:
This lists all transactions on the broker, both local and distributed. For each transaction, it
shows the transaction ID, state, user name, number of messages and acknowledgments, and
creation time. Example 5–9 shows an example of the resulting output.
---------------------------------------------------------------
Transaction ID State User name # Msgs/ Creation time
# Acks
---------------------------------------------------------------
To display detailed information about a single transaction, obtain the transaction identifier
from imqcmd list txn and pass it to the imqcmd query txn subcommand:
This displays the same information as imqcmd list txn, along with the client identifier,
connection identification, and distributed transaction identifier (XID). For example, the
command
Client ID
Connection [email protected]:62209->jms:62195
Creation time 1/30/02 10:08:31 AM
Number of acknowledgments 0
Number of messages 4
State PREPARED
Transaction ID 64248349708800
User name guest
XID 6469706F6C7369646577696E6465723130313234313431313030373230
In case of broker failure, it is possible that a distributed transaction could be left in the prepared
state without ever being committed. Until such a transaction is committed, its messages will not
be delivered and its acknowledgments will not be processed. Hence, as an administrator, you
may need to monitor such transactions and commit them or roll them back manually. For
example, if the broker’s imq.transaction.autorollback property (see Table 14–2) is set to
false, you must manually commit or roll back transactions found in the prepared state at broker
startup, using the Command utility’s commit txn or rollback txn subcommand:
For example, the following command commits the transaction listed in Example 5–10:
Note – Only transactions in the prepared state can be committed or rolled back. You should do
so only if you know that the transaction has been left in this state by a failure and is not in the
process of being committed by the distributed transaction manager.
114 Sun Java System Message Queue 4.1 Administration Guide • September 2007
6
C H A P T E R 6
Physical Destinations
A Message Queue message is routed to its consumer clients by way of a physical destination on a
message broker. The broker manages the memory and persistent storage associated with the
physical destination and configures its behavior. The broker also maintains a specialized
physical destination, the dead message queue, whose properties differ somewhat from those of
other destinations. This chapter describes how to use the Message Queue Command utility
(imqcmd) to manage physical destinations.
In a broker cluster, you create a physical destination on one broker and the cluster propagates it
to all the others. Because the brokers cooperate to route messages across the cluster, client
applications can consume messages from destinations on any broker in the cluster. Only the
broker to which a message was originally produced manages persistence and acknowledgment
for that message.
Note – For provider independence and portability, client applications typically use destination
administered objects to interact with physical destinations. Chapter 7, “Administered Objects”
describes how to configure such administered objects for use by client applications. For a
general conceptual introduction to physical destinations, see the Message Queue Technical
Overview.
115
Command Utility Subcommands for Physical Destination Management
Subcommand Description
116 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Pausing and Resuming a Physical Destination
For example, the following command creates a queue destination named XQueue:
The imqcmd create dst command may also optionally include any property values you wish to
set for the destination, specified with the -o option. For example, the following command
creates a topic destination named hotTopic with a maximum message length of 5000 bytes:
See Chapter 15, “Physical Destination Property Reference” for reference information about the
physical destination properties that can be set with this option. (For auto-created destinations,
you set default property values in the broker’s instance configuration file; see Table 14–3 for
information on these properties.)
This purges all messages at the specified destination and removes it from the broker; the
operation is not reversible.
For example, the following command destroys the queue destination named curlyQueue:
To pause the delivery of messages to or from a physical destination, use the imqcmd pause dst
subcommand:
If you omit the destination type and name (-t and -n options), all physical destinations will be
paused. The pause type (-pst) specifies what type of message delivery to pause:
PRODUCERS Pause delivery from message producers to the destination
CONSUMERS Pause delivery from the destination to message consumers
ALL Pause all message delivery (both producers and consumers)
For example, the following command pauses delivery from message producers to the queue
destination curlyQueue:
The following command pauses delivery to message consumers from the topic destination
hotTopic:
This command pauses all message delivery to and from all physical destinations:
Note – In a broker cluster, since each broker in the cluster has its own instance of each physical
destination, you must pause each such instance individually.
For example, the following command resumes message delivery to the queue destination
curlyQueue:
If no destination type and name are specified, all destinations are resumed. This command
resumes delivery to all physical destinations:
118 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Updating Physical Destination Properties
For example, the following command purges all accumulated messages from the topic
destination hotTopic:
Note – In a broker cluster, since each broker in the cluster has its own instance of each physical
destination, you must purge each such instance individually.
Tip – When restarting a broker that has been shut down, you can use the Broker utility’s
-reset messages option to clear out its stale messages: for example,
This saves you the trouble of purging physical destinations after restarting the broker.
The properties to be updated can include any of those listed in Table 15–1 (with the exception
of the isLocalOnly property, which cannot be changed once the destination has been created).
For example, the following command changes the maxBytesPerMsg property of the queue
destination curlyQueue to 1000 and the maxNumMsgs property to 2000:
Note – The type of a physical destination is not an updatable property; you cannot use the
imqcmd update dst subcommand to change a queue to a topic or a topic to a queue.
This lists all physical destinations on the broker identified by hostName and portNumber of the
type (queue or topic) specified by destType. If the -t option is omitted, both queues and topics
are listed. For example, the following command lists all physical destinations on the broker
running on host myHost at port number 4545:
Note – The list of queue destinations always includes the dead message queue (mq.sys.dmq) in
addition to any other queue destinations currently existing on the broker.
If you specify the -tmp option, temporary destinations are listed as well. These are destinations
created by clients, normally for the purpose of receiving replies to messages sent to other clients.
The imqcmd query dst subcommand displays information about a single physical destination:
For example, the following command displays information about the queue destination
curlyQueue:
120 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Viewing Physical Destination Information
Example 6–1shows an example of the resulting output. You can use the imqcmd update dst
subcommand (see “Updating Physical Destination Properties” on page 119) to change the value
of any of the properties listed.
------------------------------------
Destination Name Destination Type
------------------------------------
curlyQueue Queue
-------------------------
Host Primary Port
-------------------------
localhost 7676
To display metric information about a physical destination, use the imqcmd metrics dst
subcommand:
The -int and -msp options specify, respectively, the interval (in seconds) at which to display the
metrics and the number of samples to display in the output. The default values are 5 seconds
and an unlimited number of samples.
For example, the following command displays cumulative totals for messages and packets
handled by the queue destination curlyQueue:
-----------------------------------------------------------------------------------
Msgs Msg Bytes Msg Count Total Msg Bytes (k) Largest
In Out In Out Current Peak Avg Current Peak Avg Msg (k)
-----------------------------------------------------------------------------------
3128 3066 1170102 1122340 128 409 29 46 145 10 < 1
4858 4225 1863159 1635458 144 201 33 53 181 42 < 1
2057 1763 820804 747200 84 377 16 71 122 79 < 1
For a more detailed description of the use of the Command utility to report physical destination
metrics, see “Physical Destination Metrics” on page 339.
122 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Physical Destination Disk Utilization
--------------------------------------
Reserved Used Utilization Ratio
--------------------------------------
804096 675533 84
1793024 1636222 91
2544640 2243808 88
The disk utilization pattern depends on the characteristics of the messaging application using a
particular physical destination. Depending on the flow of messages into and out of the
destination and their relative size, the amount of disk space reserved might grow over time. If
messages are produced at a higher rate than they are consumed, free records should generally be
reused and the utilization ratio should be on the high side. By contrast, if the rate of message
production is comparable to or lower than the consumption rate, the utilization ratio will likely
be low.
As a rule, you want the reserved disk space to stabilize and the utilization ratio to remain high. If
the system reaches a steady state in which the amount of reserved disk space remains more or
less constant with utilization above 75%, there is generally no need to reclaim unused disk
space. If the reserved space stabilizes at a utilization rate below 50%, you can use the imqcmd
compact dst subcommand to reclaim the disk space occupied by free records:
compact dst [-t destType -n destName]
This compacts the file-based data store for the designated physical destination. If no destination
type and name are specified, all physical destinations are compacted.
You must pause a destination (with the imqcmd pause subcommand) before compacting it, and
resume it (with imqcmd resume) afterward (see “Pausing and Resuming a Physical Destination”
on page 117):
Tip – If a destination’s reserved disk space continues to increase over time, try reconfiguring its
maxNumMsgs, maxBytesPerMsg, maxTotalMsgBytes, and limitBehavior properties (see
“Physical Destination Properties” on page 313).
The broker automatically creates a dead message queue when it starts. The broker places
messages on the queue if it cannot process them or if their time-to-live has expired. In addition,
other physical destinations can use the dead message queue to hold discarded messages. This
can provide information that is useful for troubleshooting the system.
You can enable or disable the use of the dead message queue for all auto-created physical
destinations on a broker by setting the broker’s imq.autocreate.destination.useDMQ broker
property:
You can manage the dead message queue with the Message Queue Command utility (imqcmd)
just as you manage other queues, but with some differences. For example, because the dead
124 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Dead Message Queue
message queue is system-created, you cannot create, pause, or destroy it. Also, as shown in
Table 6–2, default values for the dead message queue’s configuration properties sometimes
differ from those of ordinary queues.
maxTotalMsgBytes Default value is 10m (10 megabytes), rather than −1 (unlimited) as for
ordinary queues.
isLocalOnly Permanently set to false in broker clusters; the dead message queue
in a cluster is always a global physical destination.
Tip – By default, the dead message queue stores entire messages. If you do not plan to restore
dead messages, you can reduce the size of the dead message queue by setting the broker’s
imq.destination.DMQ.truncateBody property to true:
This will discard the body of all messages and retain only the headers and property data.
Dead message logging is disabled by default. The following command enables it:
Note – Dead message logging applies to all physical destinations that use the dead message
queue. You cannot enable or disable logging for an individual physical destination.
126 Sun Java System Message Queue 4.1 Administration Guide • September 2007
7
C H A P T E R 7
Administered Objects
This chapter tells how to use the Object Manager utility (imqobjmgr) to create and manage
administered objects. It contains the following sections:
■ “Object Stores” on page 127
■ “Administered Object Attributes” on page 130
■ “Using the Object Manager Utility” on page 137
Object Stores
Administered objects are placed in a readily available object store where they can be accessed by
client applications by means of the Java Naming and Directory Interface (JNDI). There are two
types of object store you can use: a standard Lightweight Directory Access Protocol (LDAP)
directory server or a directory in the local file system.
LDAP implementations are available from a number of vendors. To manage an object store on
an LDAP server with Message Queue administration tools, you may first need to configure the
server to store Java objects and perform JNDI lookups; see the documentation provided with
your LDAP implementation for details.
127
Object Stores
To use an LDAP server as your object store, you must specify the attributes shown in Table 7–1.
These attributes fall into the following categories:
■ Initial context. The java.naming.factory.initial attribute specifies the initial context
for JNDI lookups on the server. The value of this attribute is fixed for a given LDAP object
store.
■ Location. The java.naming.provider.url attribute specifies the URL and directory path
for the LDAP server. You must verify that the specified directory path exists.
■ Security. The java.naming.security.principal, java.naming.security.credentials,
and java.naming.security.authentication attributes govern the authentication of
callers attempting to access the object store. The exact format and values of these attributes
depend on the LDAP service provider; see the documentation provided with your LDAP
implementation for details and to determine whether security information is required on all
operations or only on those that change the stored data.
Attribute Description
128 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Object Stores
To use a file-system directory as your object store, you must specify the attributes shown in
Table 7–2. These attributes have the same general meanings described above for LDAP object
stores; in particular, the java.naming.provider.url attribute specifies the directory path of
the directory holding the object store. This directory must exist and have the proper access
permissions for the user of Message Queue administration tools as well as the users of the client
applications that will access the store.
Attribute Description
Each type of administered object has certain attributes that determine the object’s properties
and behavior. This section describes how to use the Object Manager command line utility
(imqobjmgr) to set these attributes; you can also set them with the GUI Administration
Console, as described in “Working With Administered Objects” on page 56.
Both classes share the same configuration attributes, which you can use to optimize resources,
performance, and message throughput. These attributes are listed and described in detail in
Chapter 16, “Administered Object Attribute Reference” and are discussed in the following
sections below:
■ “Connection Handling” on page 130
■ “Client Identification” on page 133
■ “Reliability And Flow Control” on page 135
■ “Queue Browser and Server Sessions” on page 136
■ “Standard Message Properties” on page 136
■ “Message Header Overrides” on page 136
Connection Handling
Connection handling attributes specify the broker address to which to connect and, if required,
how to detect connection failure and attempt reconnection. They are summarized in
Table 16–1.
130 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Administered Object Attributes
Automatic Reconnection
By setting certain connection factory attributes, you can configure a client to reconnect
automatically to a broker in the event of a failed connection. For standalone brokers or those
belonging to a conventional broker cluster (see “Conventional Clusters” on page 147), you
enable this behavior by setting the connection factory’s imqReconnectEnabled attribute to
true. The imqReconnectAttempts attribute controls the number of reconnection attempts to a
given broker address; imqReconnectInterval specifies the interval, in milliseconds, to wait
between attempts.
If the broker is part of a conventional cluster, the failed connection can be restored not only on
the original broker, but also on a different one in the cluster. If reconnection to the original
broker fails, the client runtime will try the other addresses in the connection factory’s broker
address list (imqAddressList). The imqAddressListBehavior and
imqAddressListIterations attributes control the order in which addresses are tried and the
number of iterations through the list, as described in the preceding section. Each address is tried
repeatedly at intervals of imqReconnectInterval milliseconds, up to the maximum number of
attempts specified by imqReconnectAttempts.
Note, however, that in a conventional cluster, such automatic reconnection only provides
connection failover and not data failover: persistent messages and other state information held
by a failed or disconnected broker can be lost when the client is reconnected to a different
broker instance. While attempting to reestablish a connection, Message Queue does maintain
objects (such as sessions, message consumers, and message producers) provided by the client
runtime. Temporary destinations are also maintained for a time when a connection fails,
because clients might reconnect and access them again; after giving clients time to reconnect
and use these destinations, the broker will delete them. In circumstances where the client-side
state cannot be fully restored on the broker on reconnection (for instance, when using
transacted sessions, which exist only for the duration of a connection), automatic reconnection
will not take place and the connection’s exception handler will be called instead. It is then up to
the client application to catch the exception, reconnect, and restore state.
132 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Administered Object Attributes
that, as described in the preceding section, the address list is kept updated dynamically so that it
always reflects the current membership of the cluster.) The effect is equivalent to an
imqReconnectEnabled value of true and an imqAddressListIterations value of −1,
overriding any other explicit or default settings of these attributes. The only way for a client
application to avoid such indefinite reconnection attempts is to close the connection explicitly
on broker failure.
Automatic reconnection supports all client acknowledgment modes for message consumption.
Once a connection has been reestablished, the broker will redeliver all unacknowledged
messages it had previously delivered, marking them with a Redeliver flag. Client applications
can use this flag to determine whether a message has already been consumed but not yet
acknowledged. (In the case of nondurable subscribers, however, the broker does not hold
messages once their connections have been closed. Thus any messages produced for such
subscribers while the connection is down cannot be delivered after reconnection and will be
lost.) Message production is blocked while automatic reconnection is in progress; message
producers cannot send messages to the broker until after the connection has been reestablished.
Client Identification
The connection factory attributes listed in Table 16–4 support client authentication and the
setting of client identifiers for durable subscribers.
Client Authentication
All attempts to connect to a broker must be authenticated by user name and password against a
user repository maintained by the message service. The connection factory attributes
imqDefaultUsername and imqDefaultPassword specify a default user name and password to be
used if the client does not supply them explicitly when creating a connection.
As a convenience for developers who do not wish to bother populating a user repository during
application development and testing, Message Queue provides a guest user account with user
name and password both equal to guest. This is also the default value for the
imqDefaultUsername and imqDefaultPassword attributes, so that if they are not specified
explicitly, clients can always obtain a connection under the guest account. In a production
environment, access to broker connections should be restricted to users who are explicitly
registered in the user repository.
Client Identifier
The Java Message Service Specification requires that a connection provide a unique client
identifier whenever the broker must maintain a persistent state on behalf of a client. Message
Queue uses such client identifiers to keep track of durable subscribers to a topic destination.
When a durable subscriber becomes inactive, the broker retains all incoming messages for the
topic and delivers them when the subscriber becomes active again. The broker identifies the
subscriber by means of its client identifier.
While it is possible for a client application to set its own client identifier programmatically using
the connection object’s setClientID method, this makes it difficult to coordinate client
identifiers to ensure that each is unique. It is generally better to have Message Queue
automatically assign a unique identifier when creating a connection on behalf of a client. This
can be done by setting the connection factory’s imqConfiguredClientID attribute to a value of
the form
${u}factoryID
The characters ${u} must be the first four characters of the attribute value. (Any character other
than u between the braces will cause an exception to be thrown on connection creation; in any
other position, these characters have no special meaning and will be treated as plain text.) The
value for factoryID is a character string uniquely associated with this connection factory object.
When creating a connection for a particular client, Message Queue will construct a client
identifier by replacing the characters ${u} with u:userName, where userName is the user name
authenticated for the connection. This ensures that connections created by a given connection
factory, although identical in all other respects, will each have their own unique client identifier.
For example, if the user name is Calvin and the string specified for the connection factory’s
imqConfiguredClientID attribute is ${u}Hobbes, the client identifier assigned will be
u:CalvinHobbes.
134 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Administered Object Attributes
Note – This scheme will not work if two clients both attempt to obtain connections using the
default user name guest, since each would have a client identifier with the same ${u}
component. In this case, only the first client to request a connection will get one; the second
client’s connection attempt will fail, because Message Queue cannot create two connections
with the same client identifier.
Even if you specify a client identifier with imqConfiguredClientID, client applications can
override this setting with the connection method setClientID. You can prevent this by setting
the connection factory’s imqDisableSetClientID attribute to true. Note that for an application
that uses durable subscribers, the client identifier must be set one way or the other: either
administratively with imqConfiguredClientID or programmatically with setClientID.
The use of any of these flow control techniques entails a tradeoff between reliability and
throughput; see “Client Runtime Message Flow Adjustments” on page 231 for further
discussion.
136 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the Object Manager Utility
There are two attributes for each of these fields: one boolean, to control whether the field can be
overridden, and another to specify its value. For instance, the attributes for setting the priority
level are imqOverrideJMSPriority and imqJMSPriority. There is also an additional attribute,
imqOverrideJMSHeadersToTemporaryDestinations, that controls whether override values
apply to temporary destinations.
Note – Because overriding message headers may interfere with the needs of specific applications,
these attributes should only be used in consultation with an application’s designers or users.
Destination Attributes
The destination administered object that identifies a physical queue or topic destination has
only two attributes, listed in Table 16–9. The important one is imqDestinationName, which
gives the name of the physical destination that this administered object represents; this is the
name that was specified with the -n option to the imqcmd create dst command that created the
physical destination. (Note that there is not necessarily a one-to-one relationship between
destination administered objects and the physical destinations they represent: a single physical
destination can be referenced by more than one administered object, or by none at all.) There is
also an optional descriptive string, imqDestinationDescription, which you can use to help
identify the destination object and distinguish it from others you may have created.
See “Object Manager Utility” on page 275 for reference information about the syntax,
subcommands, and options of the imqobjmgr command.
Most Object Manager operations require you to specify the following information as options to
the imqobjmgr command:
■ The JNDI lookup name (-l) of the administered object
This is the logical name by which client applications can look up the administered object in
the object store, using the Java Naming and Directory Interface.
■ The attributes of the JNDI object store (-j)
See “Object Stores” on page 127 for information on the possible attributes and their values.
■ The type (-t) of the administered object
Possible types include the following:
q Queue destination
t Topic destination
cf Connection factory
qf Queue connection factory
tf Topic connection factory
xcf Connection factory for distributed transactions
xqf Queue connection factory for distributed transactions
xtf Topic connection factory for distributed transactions
■ The attributes (-o) of the administered object
See “Administered Object Attributes” on page 130 for information on the possible attributes
and their values.
Note – The Object Manager lists and displays only Message Queue administered objects. If an
object store contains a non–Message Queue object with the same lookup name as an
administered object that you wish to add, you will receive an error when you attempt the add
operation.
138 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the Object Manager Utility
imqobjmgr add
-l "cn=myQCF"
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
-t qf
-o "imqAddressList=mq://myHost:7272/jms"
Adding a Destination
When creating an administered object representing a destination, it is good practice to create
the physical destination first, before adding the administered object to the object store. Use the
Command utility (imqcmd) to create the physical destination, as described in “Creating and
Destroying Physical Destinations” on page 116.
The command shown in Example 7–2 adds an administered object to an LDAP object store
representing a topic destination with lookup name myTopic and physical destination name
physTopic. The command for adding a queue destination would be similar, except that the
administered object type (-t option) would be q (for “queue destination”) instead of t (for
“topic destination”).
imqobjmgr add
-l "cn=myTopic"
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
-t t
-o "imqDestinationName=physTopic"
Example 7–3 shows the same command, but with the administered object stored in a Solaris file
system instead of an LDAP server.
imqobjmgr add
-l "cn=myTopic"
-j "java.naming.factory.initial=com.sun.jndi.fscontext.RefFSContextFactory"
-j "java.naming.provider.url=file:///home/foo/imq_admin_objects"
-t t
-o "imqDestinationName=physTopic"
140 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the Object Manager Utility
imqobjmgr delete
-l "cn=myTopic"
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
-t t
imqobjmgr list
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
imqobjmgr list
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
-t q
imqobjmgr query
-l "cn=myTopic"
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
142 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the Object Manager Utility
Example 7–8 changes the value of the imqReconnectAttempts attribute for the queue
connection factory that was added to the object store in Example 7–1.
imqobjmgr update
-l "cn=myQCF"
-j "java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory"
-j "java.naming.provider.url=ldap://mydomain.com:389/o=imq"
-j "java.naming.security.principal=uid=homerSimpson,ou=People,o=imq"
-j "java.naming.security.credentials=doh"
-j "java.naming.security.authentication=simple"
-t qf
-o "imqReconnectAttempts=3"
Example 7–9 shows the general syntax for an Object Manager command file. Note that the
version property is not a command line option: it refers to the version of the command file
itself (not that of the Message Queue product) and must be set to the value 2.0.
version=2.0
cmdtype=[ add | delete | list | query | update ]
obj.lookupName=lookup name
objstore.attrs.objStoreAttrName1=value1
objstore.attrs.objStoreAttrName2=value2
. . .
objstore.attrs.objStoreAttrNameN=valueN
obj.type=[ q | t | cf | qf | tf | xcf | xqf | xtf | e ]
obj.attrs.objAttrName1=value1
obj.attrs.objAttrName2=value2
. . .
obj.attrs.objAttrNameN=valueN
As an example, consider the Object Manager command shown earlier in Example 7–1, which
adds a queue connection factory to an LDAP object store. This command can be encapsulated
in a command file as shown in Example 7–10. If the command file is named MyCmdFile, you can
then execute the command with the command line
imqobjmgr -i MyCmdFile
version=2.0
cmdtype=add
obj.lookupName=cn=myQCF
objstore.attrs.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
objstore.attrs.java.naming.provider.url=ldap://mydomain.com:389/o=imq
objstore.attrs.java.naming.security.principal=uid=homerSimpson,ou=People,o=imq
objstore.attrs.java.naming.security.credentials=doh
objstore.attrs.java.naming.security.authentication=simple
obj.type=qf
obj.attrs.imqAddressList=mq://myHost:7272/jms
A command file can also be used to specify only part of the imqobjmgr subcommand clause,
with the remainder supplied directly on the command line. For example, the command file
shown in Example 7–11 specifies only the attribute values for an LDAP object store.
version=2.0
objstore.attrs.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
objstore.attrs.java.naming.provider.url=ldap://mydomain.com:389/o=imq
objstore.attrs.java.naming.security.principal=uid=homerSimpson,ou=People,o=imq
objstore.attrs.java.naming.security.credentials=doh
objstore.attrs.java.naming.security.authentication=simple
144 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the Object Manager Utility
You could then use this command file to specify the object store in an imqobjmgr command
while supplying the remaining options explicitly, as shown in Example 7–12.
imqobjmgr add
-l "cn=myQCF"
-i MyCmdFile
-t qf
-o "imqAddressList=mq://myHost:7272/jms"
Additional examples of command files can be found at the following locations, depending on
your platform:
Solaris /usr/demo/imq/imqobjmgr
Linux /opt/sun/mq/examples/imqobjmgr
Windows IMQ_HOME\demo\imqobjmgr
Broker Clusters
8
Message Queue supports the use of broker clusters: groups of brokers working together to
provide message delivery services to clients. Clusters enable a message service to scale its
operations with the volume of message traffic by distributing client connections among
multiple brokers. In addition, clusters help to maintain service availability: in the event of
broker failure, clients can fail over to another broker in the cluster and continue receiving
messages. High availability clusters provide an even greater degree of service availability: if one
of the brokers within the cluster should fail, another can take over ownership of its pending
messages and see that they are delivered to their destinations without interruption of service.
See the Message Queue Technical Overview for a general discussion of clusters and how they
operate.
This chapter describes how to manage broker clusters, connect brokers to them, and configure
them. It contains the following sections:
■ “Types of Cluster” on page 147
■ “Configuring Clusters” on page 149
■ “Managing Clusters” on page 154
Types of Cluster
Two types of cluster can be created: conventional and high availability (HA). The distinction
between the two depends on the value of the imq.cluster.ha property of the brokers belonging
to the cluster. All of the brokers in a given cluster must have the same value for this property: if
the value is false, the cluster is a conventional one; if true, it is a high-availability cluster.
Conventional Clusters
In a conventional cluster, each of the constituent brokers maintains its own separate persistent
data store (see “Persistence Services” on page 80). Brokers within the cluster share information
about one another’s persistent destinations, message consumers, and durable subscriptions.
147
Types of Cluster
However, if one of the brokers should fail, none of the other brokers in the cluster can take over
its operations, since none of them have access to the failed broker’s persistent messages, open
transactions, and other aspects of its internal state.
Changes to a cluster’s destinations, consumers, or durable subscriptions are automatically
propagated to all of the other brokers in the cluster. However, a broker that is offline at the time
of the change (through failure, for instance) will not immediately receive this information. To
keep such state information synchronized throughout the cluster, one of its brokers can
optionally be designated as the master broker to track changes in the cluster’s persistent state.
The master broker maintains a configuration change record containing information about
changes in the persistent entities associated with the cluster, such as durable subscriptions and
administrator-created physical destinations. All brokers in the cluster consult the master broker
during startup to update their information about these persistent entities; thus a broker
returning to operation after having been temporarily offline can update its information about
changes that may have occurred during its absence.
Note – While it is possible to mix brokers with different versions in the same cluster, all brokers
must have a version at least as great as that of the master broker. If there is no master broker, all
brokers in the cluster must have the same version.
Because all brokers in a conventional cluster need the master broker in order to perform
persistent operations, the following imqcmd subcommands for any broker in the cluster will
return an error when a master broker has been configured but is unavailable:
create dst
destroy dst
update dst
destroy dur
Auto-created physical destinations and temporary destinations are unaffected.
In the absence of a master broker, any client application attempting to create a durable
subscriber or unsubscribe from a durable subscription will get an error. However, a client can
successfully specify and interact with an existing durable subscription.
High-Availability Clusters
In a high-availability cluster, all of the brokers share a common JDBC-based persistent data
store holding dynamic state information (destinations, persistent messages, durable
subscriptions, open transactions, and so forth) for each broker. In the event of broker failure,
this enables another broker to assume ownership of the failed broker’s persistent state and
provide uninterrupted service to its clients. Because they share a common JDBC-based data
store, all brokers belonging to an HA cluster must have their imq.persist.store property (see
Table 14–4) set to jdbc.
148 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring Clusters
Brokers within an HA cluster inform each other at regular intervals that they are still in
operation by exchanging heartbeat packets, (using a special internal connection service, the
cluster connection service), and updating their state information in the cluster’s shared
persistent store. When no heartbeat packet is detected from a broker for a specified number of
heartbeat intervals, the broker is considered suspect of failure. The other brokers in the cluster
then begin to monitor the suspect broker’s state information in the persistent store to confirm
whether the broker has indeed failed. If the suspect broker fails to update its state information
within a certain threshold interval, it is considered to have failed. (The duration of these
heartbeat and failure-detection intervals can be adjusted by means of broker configuration
properties to balance the tradeoff between speed and accuracy of failure detection: shorter
intervals result in quicker reaction to broker failure, but increase the likelihood of false
suspicions and erroneous failure detection.)
When a broker in an HA cluster detects that another broker has failed, it will attempt to take
over the failed broker’s persistent state (pending messages, destination definitions, durable
subscriptions, pending acknowledgments, and open transactions), in order to provide
uninterrupted service to the failed broker’s clients. If two or more brokers attempt such a
takeover, only the first will succeed; that broker acquires a lock on the failed broker’s data in the
persistent store, preventing subsequent takeover attempts by other brokers from succeeding.
After an initial waiting period, the takeover broker will then clean up any transient resources
(such as transactions and temporary destinations) belonging to the failed broker; these
resources will be unavailable if the client later reconnects.
Configuring Clusters
You define a cluster by specifying cluster configuration properties for each of its member
brokers. These properties are discussed below under “Cluster Configuration Properties” on
page 150 and are described in detail in Table 14–10.
imq.cluster.brokerlist=host1:9876,host2:5000,ctrlhost
Notice, however, that if you need to change the cluster configuration, this method requires you
to update the instance configuration file for every broker in the cluster. For consistency and ease
of maintenance, it is generally more convenient to collect all of the shared cluster configuration
properties into a central cluster configuration file that all of the individual brokers reference.
This prevents the settings from getting out of agreement and ensures that all brokers in a cluster
share the same, consistent configuration information. In this approach, each broker’s instance
configuration file must set the imq.cluster.url property to point to the location of the cluster
configuration file: for example,
imq.cluster.url=file:/home/cluster.properties
The cluster configuration file then defines the shared configuration properties for all of the
brokers in the cluster, such as the list of brokers to be connected (imq.cluster.brokerlist),
the transport protocol to use for the cluster connection service (imq.cluster.transport),
and optionally, for conventional clusters, the address of the master broker
(imq.cluster.masterbroker). The following code defines the same conventional cluster as in
the previous example, with the broker running on ctrlhost serving as the master broker:
imq.cluster.brokerlist=host1:9876,host2:5000,ctrlhost
imq.cluster.masterbroker=ctrlhost
150 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring Clusters
■ imq.cluster.clusterid (HA clusters only) gives the cluster identifier, which will be
appended to the names of all database tables in the cluster’s shared persistent store. The
value of this property must be the same for all brokers in a given cluster, but must be unique
for each cluster: no two running clusters may have the same cluster identifier.
Caution – While the hostname and port properties can be set independently for each individual
broker, all of the other properties listed above must have the same values for all brokers in the
cluster. In addition, in an HA cluster, you must specify a unique broker identifier for each broker
by setting the broker’s imq.brokerid property (see Table 14–1); this value must be different for
each broker in the cluster.
The database server may be Sun’s own High Availability Database (HADB) server, or it may be
an open-source or third-party product such as Apache Software Foundation’s Derby (Java DB)
or Oracle Corporation’s Real Application Clusters (RAC). As described in “JDBC-Based
Persistence” on page 82, the imq.persist.jdbc.dbVendor broker property specifies the name
of the database vendor, and all of the remaining JDBC-related properties are qualified with this
vendor name: for instance, when using Sun’s HADB for the HA server, the Java class name of
the JDBC driver is specified by a property named imq.persist.jdbc.hadb.driver.
Note – If the integration between Message Queue and Application Server is local (that is, there is
a one-to-one relationship between Application Server instances and Message Queue message
brokers), the Application Server will automatically propagate these properties to each broker in
the HA cluster. However, if the integration is remote (a single Application Server instance using
an externally configured broker cluster), then it is your responsibility to configure the needed
properties explicitly for each broker.
After setting all of the needed JDBC configuration properties for the brokers in an HA cluster,
you must also install your JDBC driver’s .jar file in the appropriate directory location,
depending on your operating-system platform (as listed in Appendix A, “Platform-Specific
Locations of Message Queue Data”) and then execute the Database Manager command
Smaller values for these heartbeat and monitoring intervals will result in quicker reaction to
broker failure, but at the cost of reduced performance and increased likelihood of false
suspicions and erroneous failure detection.
152 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring Clusters
This lists the current status of all brokers included in the cluster to which a given broker
belongs, as shown in Example 8–1 (for a conventional cluster) or Example 8–2 (for an HA
cluster).
Listing all the brokers in the cluster that the following broker is a member of:
-------------------------
Host Primary Port
-------------------------
localHost 7676
-------------------------
Address State
---------------------
whippet:7676 OPERATING
greyhound:7676 OPERATING
Listing all the brokers in the cluster that the following broker is a member of:
----------------------------------------------
Host Primary Port Cluster Broker ID
----------------------------------------------
localHost 7676 brokerA
Cluster ID myClusterID
Cluster Is Highly Available True
--------------------------------------------------------------------------------------------------------------
ID of broker Time since last
Broker ID Address State Msgs in store performing takeover status timestamp
--------------------------------------------------------------------------------------------------------------
brokerA localhost:7676 OPERATING 121 30 sec
brokerB greyhound:7676 TAKEOVER_STARTED 52 brokerA 3 hrs
brokerC jpgserv:7676 SHUTDOWN_STARTED 12346 10 sec
brokerD icdev:7676 TAKEOVER_COMPLETE 0 brokerA 2 min
brokerE mrperf:7676 *unknown 12 0 sec
brokerG iclab1:7676 QUIESCING 4 2 sec
brokerH iclab2:7676 QUIESCE_COMPLETE 8 5 sec
Managing Clusters
The following sections describe how to perform various administrative management tasks for
conventional and high-availability clusters, respectively.
Note – Whichever clustering method you use, you must make sure that no broker in the cluster
is given an address that resolves to the network loopback IP address (127.0.0.1). Any broker
configured with this address will be unable to connect to other brokers in the cluster.
In particular, some Linux installers automatically set the localhost entry to the network
loopback address. On such systems, you must modify the system IP address so that all brokers
in the cluster can be addressed properly: For each Linux system participating in the cluster,
check the /etc/hosts file as part of cluster setup. If the system uses a static IP address, edit the
/etc/hosts file to specify the correct address for localhost. If the address is registered with
Domain Name Service (DNS), edit the file /etc/nsswitch.conf to change the order of the
entries so that DNS lookup is performed before consulting the local hosts file. The line in
/etc/nsswitch.conf should read as follows:
154 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Clusters
Note – If you are clustering a Message Queue 4.1 broker together with those from earlier versions
of Message Queue, you must set the value of the 4.1 broker’s
imq.autocreate.queue.maxNumActiveConsumers property to 1. Otherwise the brokers will
not be able to establish a cluster connection.
1 If you are using a master broker, start it with the imqbrokerd command, using the -cluster
option to specify the complete list of brokers to be included in the cluster.
For example, the following command starts the broker as part of a cluster consisting of the
brokers running at the default port (7676) on host1, at port 5000 on host2, and at port 9876 on
the default host (localhost):
imqbrokerd -cluster host1,host2:5000,:9876
2 Once the master broker (if any) is running, start each of the other brokers in the cluster with the
imqbrokerd command, using the same list of brokers with the -cluster option that you used
for the master broker.
The value specified for the -cluster option must be the same for all brokers in the cluster.
1 Create a cluster configuration file that uses the imq.cluster.brokerlist property to specify
the list of brokers to be connected.
If you are using a master broker, identify it with the imq.cluster.masterbroker property in
the configuration file.
2 For each broker in the cluster, set the imq.cluster.url property in the broker’s instance
configuration file to point to the cluster configuration file.
1 For each broker in the cluster, set up SSL-based connection services, as described in “Message
Encryption”on page 185.
2 Set each broker’s imq.cluster.transport property to ssl, either in the cluster configuration
file or individually for each broker.
3 (Optional) Set the value of the imq.cluster.url property in the new broker’s instance
configuration file (config.properties) to point to the cluster configuration file.
156 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Clusters
2 Restart the brokers that will remain in the cluster, using the imqbrokerd command’s -cluster
option to specify only those remaining brokers.
For example, suppose you originally created a cluster consisting of brokers A, B, and C by
starting each of the three with the command
imqbrokerd -cluster A,B,C
To remove broker A from the cluster, restart brokers B and C with the command
1 Edit the cluster configuration file to remove the excluded broker from the list specified for the
imq.cluster.brokerlist property.
Because of the important information that the configuration change record contains, it is
important to back it up regularly so that it can be restored in case of failure. Although restoring
from a backup will lose any changes in the cluster’s persistent state that have occurred since the
backup was made, frequent backups can minimize this potential loss of information. The
backup and restore operations also have the positive effect of compressing and optimizing the
change history contained in the configuration change record, which can grow significantly over
time.
● Use the -backup option of the imqbrokerd command, specifying the name of the backup file.
For example:
imqbrokerd -backup mybackuplog
2 Restore the master broker’s configuration change record from the backup file.
The command is
imqbrokerd -restore mybackuplog
3 If you assign a new name or port number to the master broker, update the
imq.cluster.brokerlist and imq.cluster.masterbroker properties accordingly in the
cluster configuration file.
158 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Clusters
Property Description
Property Description
The property values can be set separately in each broker’s instance configuration file, or they can
be specified in a cluster configuration file that all the brokers share. The procedures are as
follows:
160 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Clusters
c. Edit the instance configuration file to specify the broker’s HA-related configuration
properties.
Table 8–1 shows the required property values.
2 Place a copy of, or a symbolic link to, your JDBC driver’s .jar file in the appropriate location,
depending on your platform:
Solaris: /usr/share/lib/imq/ext/
Linux: /opt/sun/mq/share/lib/
Windows: IMQ_VARHOME\lib\ext
1 Create a cluster configuration file specifying the cluster’s HA-related configuration properties.
Table 8–1 shows the required property values. However, do not include the imq.brokerid
property in the cluster configuration file; this must be specified separately for each individual
broker in the cluster.
c. Edit the instance configuration file to specify the location of the cluster configuration file.
In the broker’s instance configuration file, set the imq.cluster.url property to point to the
location of the cluster configuration file you created in step 1.
4 Place a copy of, or a symbolic link to, your JDBC driver’s .jar file in the appropriate location,
depending on your platform:
Solaris: /usr/share/lib/imq/ext/
Linux: /opt/sun/mq/share/lib/
Windows: IMQ_VARHOME\lib\ext
1 Set the new broker’s HA-related properties, as described in the preceding section.
You can do this either by specifying the individual properties in the broker’s instance
configuration file (config.properties) or, if there is a cluster configuration file, by setting the
broker’s imq.cluster.url property to point to it.
162 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Managing Clusters
where hostName and portNumber are the host name and port number of the broker to be shut
down.
Conversely, you may sometimes need to force a broker takeover to occur manually. (This might
be necessary, for instance, if an automatic takeover broker were to fail before completing the
takeover process.) In such cases, you can initiate a takeover manually from the command line:
first shut down the broker to be taken over with the -nofailover option, as shown above, then
issue the command
where brokerID is the broker identifier of the broker to be taken over. If the specified broker
appears to be running, the Command utility will display a confirmation message:
The broker associated with brokerID last accessed the database # seconds ago.
Do you want to take over for this broker?
You can suppress this message, and force the takeover to occur unconditionally, by using the -f
option to the imqcmd takeover bkr command:
Note – The imqcmd takeover bkr subcommand is intended only for use in failed-takeover
situations. You should use it only as a last resort, and not as a general way of forcibly taking over
a running broker.
You may also find it useful to quiesce a broker before shutting it down, causing it to refuse any
new client connections while continuing to service old ones. This allows the broker’s operations
to wind down gradually without triggering a takeover by another broker, for instance in
preparation for shutting it down administratively for upgrade or similar purposes; see
“Quiescing a Broker” on page 101 for more information.
to convert an existing standalone HADB persistent data store to a shared HADB store. You can
use this command in the following cases:
■ Moving from a Message Queue 4.0 standalone HADB store to a Message Queue 4.1 shared
HADB store. In this case, the broker will automatically upgrade the store. You can then run
the imqdbmgr upgrade hastore command to convert the upgraded data store for shared use.
■ Moving from a standalone Message Queue 4.1 HADB store to a shared HADB store. In this
case, you just need to run the imqdbmgr upgrade hastore command to convert the data
store for shared use.
Because this command only supports conversion of HADB stores, it cannot be used to convert
file-based stores or other JDBC-based stores to a shared HADB store. If you were previously
running a 3.x version of Message Queue, you must create an HADB store and then manually
migrate your data to that store in order to use the high availability feature.
For durability and reliability, it is a good idea to back up a high-availability cluster’s shared
persistent data store periodically to backup files. This creates a snapshot of the data store that
you can then use to restore the data in case of catastrophic failure. The command for backing up
the data store is
where backupDir is the path to the directory in which to place the backup files. To restore the
data store from these files, use the command
164 Sun Java System Message Queue 4.1 Administration Guide • September 2007
9
C H A P T E R
Security
9
This chapter describes Message Queue’s facilities for security-related tasks such as
authenticating users, defining access control, configuring a Secure Socket Layer (SSL)
connection service to encrypt client-broker communication, and setting up a password file for
use in broker startup. In addition to Message Queue’s own built-in authentication mechanisms,
you can also plug in a preferred external authentication service based on the Java
Authentication and Authorization Service (JAAS) API.
User Authentication
Users attempting to connect to a Message Queue message broker must provide a user name and
password for authentication. The broker will grant the connection only if the name and
password match those in a broker-specific user repository listing the authorized users and their
passwords. Each broker instance can have its own user repository, which you as an
administrator are responsible for maintaining. This section tells how to create, populate, and
manage the user repository.
165
User Authentication
■ A Lightweight Directory Access Protocol (LDAP) server. This could be a new or existing
LDAP directory server using the LDAP v2 or v3 protocol. You use the tools provided by the
LDAP vendor to populate and manage the user repository. This type of repository is not as
easy to use as the flat-file repository, but it is more scalable and therefore better for
production environments.
■ An external authentication mechanism plugged into Message Queue by means of the Java
Authentication and Authorization Service (JAAS) API.
See “Using a Flat-File User Repository” on page 166, “Using an LDAP User Repository” on
page 172, and “Using JAAS-Based Authentication” on page 174 for information on these three
types of authentication mechanism.
.../instances/instanceName/etc/passwd
(See Appendix A, “Platform-Specific Locations of Message Queue Data” for the exact location
of the instances directory, depending on your operating system platform.)
166 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
anonymous For Message Queue clients that do not wish to use a user name known to the
broker (for instance, because they do not know of a real user name to use). This
group is analogous to the anonymous account provided by most FTPservers. No
more than one user at a time can be assigned to this group. You should restrict
the access privileges of this group in comparison to the user group, or remove
users from the group at deployment time.
You cannot rename or delete these predefined groups or create new ones.
In addition to its group, each user entry in the repository has a user status: either active or
inactive. New user entries added to the repository are marked active by default. Changing a
user’s status to inactive rescinds all of that user’s access privileges, making the user unable to
open new broker connections. Such inactive entries are retained in the user repository,
however, and can be reactivated at a later time. If you attempt to add a new user with the same
name as an inactive user already in the repository, the operation will fail; you must either delete
the inactive user entry or give the new user a different name.
To allow the broker to be used immediately after installation without further intervention by
the administrator, the flat-file user repository is created with two initial entries, summarized in
Table 9–1:
■ The admin entry (user name and password admin/admin) enables you to administer the
broker with Command utility (imqcmd) commands. Immediately on installation, you should
update this initial entry to change its password (see “Changing a User’s Password” on
page 170).
■ The guest entry allows clients to connect to the broker using a default user name and
password (guest/guest).
You can then proceed to add any additional user entries you need for individual users of your
message service.
Subcommand Description
The general options listed in Table 9–3 apply to all subcommands of the imqusermgr command.
Option Description
imqusermgr -v
168 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
Displaying Help
To display help on the imqusermgr command, use the -h option, and do not use a
subcommand. You cannot get help about specific subcommands.
imqusermgr -h
The -u and -p options specify the user name and password, respectively, for the new entry.
These must conform to the following conventions:
■ All user names and passwords must be at least one character long. Their maximum length is
limited only by command shell restrictions on the maximum number of characters that can
be entered on a command line.
■ A user name cannot contain an asterisk (*), a comma (,), a colon (:), or a new-line or
carriage-return character.
■ If a user name or password contains a space, the entire name or password must be enclosed
in quotation marks (" ").
The optional -g option specifies the group (admin, user, or anonymous) to which the new user
belongs; if no group is specified, the user is assigned to the user group by default. If the broker
name (-i option) is omitted, the default broker imqbroker is assumed.
For example, the following command creates a user entry on broker imqbroker for a user
named AliBaba, with password Sesame, in the admin group:
Note – For the sake of security, you should change the password of the admin user from its initial
default value (admin) to one that is known only to you. The following command changes the
default administrator password for broker mybroker to veeblefetzer:
imqusermgr update -i mybroker -u admin -p veeblefetzer
You can quickly confirm that this change is in effect by running any of the command line tools
when the broker is running. For example, the following command will prompt you for a
password:
imqcmd list svc mybroker -u admin
Entering the new password (veeblefetzer) should work; the old password should fail.
After changing the password, you should supply the new password whenever you use any of the
Message Queue administration tools, including the Administration Console.
170 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
The -u identifies the user; -a is a boolean value specifying the user’s new status as active (true)
or inactive (false). If the broker name (-i option) is omitted, the default broker imqbroker is
assumed.
For example, the following command sets user AliBaba’s status to inactive on broker
imqbroker:
You can combine the -p (password) and -a (active status) options in the same imqusermgr
update command. The options may appear in either order: for example, both of the following
commands activate the user entry for AliBaba and set the password to plugh:
The command
imqusermgr list
the command lists information about all users in the repository, as in Example 9–2.
imq.authentication.basic.user_repository=ldap
■ The imq.authentication.type property controls the type of encoding used when passing a
password between client and broker. By default, this property is set to digest, denoting
MD5 encoding, the form used by flat-file user repositories. For LDAP authentication, set it
to basic instead:
imq.authentication.type=basic
This denotes base-64 encoding, the form used by LDAP user repositories.
■ The following properties control various aspects of LDAP access. See Table 14–8 for more
detailed information:
imq.user_repository.ldap.server
imq.user_repository.ldap.principal
172 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
imq.user_repository.ldap.password
imq.user_repository.ldap.propertyName
imq.user_repository.ldap.base
imq.user_repository.ldap.uidattr
imq.user_repository.ldap.usrfilter
imq.user_repository.ldap.grpsearch
imq.user_repository.ldap.grpbase
imq.user_repository.ldap.gidattr
imq.user_repository.ldap.memattr
imq.user_repository.ldap.grpfilter
imq.user_repository.ldap.timeout
imq.user_repository.ldap.ssl.enabled
■ If you want the broker to use a secure, encrypted SSL (Secure Socket Layer) connection for
communicating with the LDAP server, set the broker’s
imq.user_repository.ldap.ssl.enabled property to true
imq.user_repository.ldap.ssl.enabled=true
and the imq.user_repository.ldap.server property to the port used by the LDAP server
for SSL communication: for example,
imq.user_repository.ldap.server=myhost:7878
You will also need to activate SSL communication in the LDAP server.
In addition, you may need to edit the user and group names in the broker’s access control file to
match those defined in the LDAP user repository; see “User Authorization” on page 180 for
more information.
To create administrative users, you use the access control file to specify users and groups that
can create ADMIN connections. These users and groups must be predefined in the LDAP
directory.
Any user or group who can create an ADMIN connection can issue administrative commands.
1 Enable the use of the access control file by setting the broker property
imq.accesscontrol.enabled to true, which is the default value.
The imq.accesscontrol.enabled property enables use of the access control file.
2 Open the access control file, accesscontrol.properties. The location for the file is listed in
Appendix A,“Platform-Specific Locations of Message Queue Data”
The file contains an entry such as the following:
3 To grant Message Queue administrator privileges to users, enter the user names as follows:
connection.ADMIN.allow.user= userName[[,userName2] …]
4 To grant Message Queue administrator privileges to groups, enter the group names as follows:
connection.ADMIN.allow.group= groupName[[,groupName2] …]
JAAS is a core API in Java 2 Standard Edition (J2SE), and is therefore an integral part of
Message Queue’s runtime environment. It defines an abstraction layer between an application
and an authentication mechanism, allowing the desired mechanism to be plugged in with no
change to application code. In the case of the Message Queue service, the abstraction layer lies
between the broker (application) and an authentication provider. By setting a few broker
properties, it is possible to plug in any JAAS-compliant authentication service and to upgrade
this service with no disruption or change to broker code.
174 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
Note – You can use Java Management Extensions (JMX) clients to manage the broker if you are
using JAAS-based authentication, but you must manually set up JAAS support (by setting
JAAS-related broker properties) before starting the broker. You cannot use the JMX API to
change those properties.
Elements of JAAS
Figure 9–1 shows the basic elements of JAAS: a JAAS client, a JAAS-compliant authentication
service, and a JAAS configuration file.
■ The JAAS client is an application wishing to perform authentication using a
JAAS-compliant authentication service. It communicates with this service using one or
more login modules and is responsible for providing a callback handler that the login
module can call to obtain the user name, password, and other relevant information.
■ The JAAS-compliant authentication service consists of one or more login modules along
with logic to perform the needed authentication. The login module (LoginModule) may
include the authentication logic itself, or it may use a private protocol or API to
communicate with another module that provides the logic.
■ The JAAS configuration file is a text file that the JAAS client uses to locate the login
module(s) for communicating with the authentication service.
LoginModule
Authentication
Service
Authentication
Logic
User
Repository
Message Queue
Broker
Message (JAAS Client)
Queue VM
Client
Login Context
Call Back Handler
LoginModule2 LoginModule3
LoginModule1 (Authentication (Authentication
Logic) Logic)
Authentication
Logic
As in the simpler case, the authentication service layer is separate from the broker. The
authentication service consists of one or more login modules, along with additional
authentication modules if needed. The login modules run in the same Java virtual machine as
the broker. The Message Queue broker is represented to the login module as a login context, and
communicates with the login module by means of a callback handler that is part of the broker
runtime code.
The authentication service also supplies a JAAS configuration file containing entries to the login
modules. The configuration file specifies the order in which the modules are to be used and
some conditions for their use. When the broker starts up, JAAS locates the configuration file by
consulting either the Java system property java.security.auth.login.config or the Java
security properties file. It then selects an entry in the JAAS configuration file according to the
value of the broker property imq.user_repository.jaas.name. That entry specifies which
login modules will be used for authentication. As the figure shows, it is possible for the broker to
use more than one login module. (The relation between the configuration file, the login module,
and the broker is shown in Figure 9–3.)
The fact that the broker uses a JAAS plug-in authentication service remains completely
transparent to the Message Queue client. The client continues to connect to the broker as it did
before, passing a user name and password. In turn, the broker uses a callback handler to pass
this information to the authentication service, and the service uses the information to
176 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
authenticate the user and return the results. If authentication succeeds, the broker grants the
connection; if it fails, the client runtime returns a JMS security exception that the client must
handle.
After the Message Queue client is authenticated, if there is further authorization to be done, the
broker proceeds as it normally would, consulting the access control file to determine whether
the authenticated client is authorized to perform the actions it undertakes: accessing a
destination, consuming a message, browsing a queue, and so on.
This section illustrates how the JAAS client, the login modules, and the JAAS configuration file
are related and then describes the process required to set up JAAS-compliant authentication.
The next figure shows the relation between the configuration file, the login module, and the
broker.
MyJAASCFile.config
MyEntry1{ Location of the configuration
com.some.module.MyLoginModule1 required file is specified with the Java
debug=true system property
com.some.module.MyLoginModule2 optional java.security.auth.login.config
debug=true }
In lib/ext directory,
LoginModule classes
LoginModule1.java
are dynamically loaded
by the broker
Broker
As shown in the figure, the JAAS configuration file, MyJAASCFile.config contains references to
several login modules, grouped in an entry point. The JAAS locates the configuration file by
consulting the Java system property java.security.auth.login.config or the Java security
properties file. The broker then determines which login modules to use by consulting the
broker property imq.user_repository.jaas.name, which specifies the desired entry in the
configuration file. The classes for those modules are found in the lib/ext directory.
To set up JAAS support for Message Queue, you must complete the following steps. (In a
development environment all these steps might be done by the developer. In a production
environment, the administrator would take over some of these tasks.)
1. Create one or more login module classes that implement the authentication service. The
JAAS callback types that the broker supports are listed below.
javax.security.auth.callback.LanguageCallback
The broker uses this callback to pass the authentication service the locale in which the
broker is running This value can be used for localization.
javax.security.auth.callback.NameCallback
The broker uses this callback to pass to the authentication service the user name specified
by the Message Queue client when the connection was requested.
javax.security.auth.callback.TextInputCallback
The broker uses this callback to pass the value of imq.authentication.type to the
authentication service when the TextInputCallback.getPrompt() is
imq.authentication.type. Right now, the only possible value for this field is basic. This
indicates Base-64 password encoding.
javax.security.auth.callback.PasswordCallback
The broker uses this callback to pass to the authentication service the password specified
by the Message Queue client when the connection was requested.
javax.security.auth.callback.TextOutputCallback
The broker handles this callback to provide logging service to the authentication service
by logging the text output to the broker's log file. The callback's MessageType ERROR,
INFORMATION, WARNING are mapped to the broker logging levels ERROR, INFO, WARNING
respectively.
2. Create a JAAS configuration file with entries that reference the login module classes and
specify the location of this file to the Message Queue administrator. (The file can be located
remotely, and its location can be specified with a URL.)
3. Note the name of the entry (that references the login implementation classes) in the JAAS
configuration file.
4. Archive the classes that implement the login modules to a jar file, and place the jar file in the
Message Queue lib/ext directory.
5. Configure the broker properties that relate to JAAS support. These are described in
Table 9–4.
6. Set the following system property (to specify the location of the JAAS configuration file)
when starting the broker.
java.security.auth.login.config=JAAS_Config_File_Location
178 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authentication
For example, you can specify the configuration file when you start the broker.
imqbrokerd -Djava.security.auth.login.config=JAAS_Config_File_Location
There are other ways to specify the location of the JAAS configuration file. For additional
information, please see
http://java.sun.com/
j2se.1.5.0/docs/guide/security/jaas/tutorials/LoginConfigFile.html
The following table lists the broker properties that need to be set to set up JAAS support.
Property Description
imq.user_repository.jaas.name Set to the name of the desired entry (in the JAAS
configuration file) that references the login modules
you want to use as the authentication mechanism.
This is the name you noted in Step 3.
User Authorization
An access control file contains rules that specify which users (or groups of users) are authorized
to perform certain operations on a message broker. These operations include the following:
■ Creating a connection
■ Creating a message producer for a physical destination
■ Creating a message consumer for a physical destination
■ Browsing a queue destination
■ Auto-creating a physical destination
.../instances/brokerInstanceName/etc/accesscontrol.properties
(See Appendix A, “Platform-Specific Locations of Message Queue Data” for the exact location,
depending on your platform.)
The file is formatted as a Java properties file. It starts with a version property defining the
version of the file:
version=JMQFileAccessControlModel/100
This is followed by three sections specifying the access control for three categories of
operations:
■ Creating connections
■ Creating message producers or consumers, or browsing a queue destination
■ Auto-creating physical destinations
Each of these sections consists of a sequence of authorization rules specifying which users or
groups are authorized to perform which specific operations. These rules have the following
syntax:
resourceType.resourceVariant.operation.access.principalType=principals
180 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authorization
Element Description
resourceVariant Specific resource (connection service type or destination) to which rule applies
An asterisk (*) may be used as a wild-card character to denote all resources of a
given type: for example, a rule beginning with queue.* applies to all queue
destinations.
operation Operation to which rule applies; see pertinent sections below for possible values
principals List of principals (users or groups) to whom rule applies, separated by commas
An asterisk (*) may be used as a wild-card character to denote all users or all
groups: for example, a rule ending with user=* applies to all users.
queue.q1.consume.allow.user=*
allows all users to consume messages from the queue destination q1. The rule
queue.*.consume.allow.user=Snoopy
allows user Snoopy to consume messages from all queue destinations. The rule
topic.t1.produce.deny.user=Snoopy
Note – You can use Unicode escape (\\uXXXX) notation to specify non-ASCII user, group, or
destination names. If you have edited and saved the access control file with these names in a
non-ASCII encoding, you can use the Java native2ascii tool to convert the file to ASCII. See
the Java Internationalization FAQ at
http://java.sun.com/j2se/1.4/docs/guide/intl/faq.html
queue.q1.produce.allow.user=*
queue.q1.produce.deny.user=Snoopy
authorize all users except Snoopy to send messages to queue destination q1.
■ Authorization rules for a specific user override those for any group to which the user
belongs. For example, if user Snoopy is a member of group user, the rules
queue.q1.consume.allow.group=user
queue.q1.consume.deny.user=Snoopy
authorize all members of user except Snoopy to receive messages from queue destination
q1.
■ Authorization rules applying generically to all users override those applying to all groups.
For example, the rules
topic.t1.produce.deny.group=*
topic.t1.produce.allow.user=*
authorize all users to publish messages to topic destination t1, overriding the rule denying
such access to all groups.
■ Authorization rules for specific resources override those applying generically to all resources
of a given type. For example, the rules
topic.*.consume.allow.user=Snoopy
topic.t1.consume.deny.user=Snoopy
182 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Authorization
If you are using an LDAP user repository, you must define your own user groups in the LDAP
directory, using the tools provided by your LDAP vendor. You can either define a group named
admin, which will then be governed by the default authorization rule shown above, or edit the
access control file to refer to one or more other groups that you have defined in the LDAP
directory. You must also explicitly enable access control by setting the broker’s
imq.accesscontrol.enabled property to true.
By default, all users and groups are authorized to perform all of these operations on any physical
destination. You can change this by editing the default authorization rules in the access control
properties file or overriding them with more specific rules of your own. For example, the rule
topic.Admissions.consume.deny.group=user
denies all members of the user group the ability to subscribe to the topic Admissions.
The final section of the access control file, includes authorization rules that specify for which
users and groups the broker will auto-create a physical destination.
When a client creates a message producer or consumer for a physical destination that does not
already exist, the broker will auto-create the destination (provided that the broker’s
imq.autocreate.queue or imq.autocreate.topic property is set to true). A separate section
of the access control file controls the ability of users and groups to perform such auto-creation.
This is governed by authorization rules with a resource type of queue or topic and an operation
element of create. the resourceVariant element is omitted, since these rules apply to all queues
or all topics, rather than any specific destination. The default access control file contains the
rules
queue.create.allow.user=*
topic.create.allow.user=*
authorizing all users to have physical destinations auto-created for them by the broker. You can
edit the file to restrict such authorization for specific users. For example, the rule
topic.create.deny.user=Snoopy
184 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Message Encryption
Note – Note that the effect of such auto-creation rules must be congruent with that of other
physical destination access rules. For example, if you change the destination authorization rule
to prohibit any user from sending a message to a queue, but enable the auto-creation of queue
destinations, the broker will create the physical destination if it does not exist, but will not
deliver a message to it.
Message Encryption
This section explains how to set up a connection service based on the Secure Socket Layer (SSL)
standard, which sends encrypted messages between clients and broker. Message Queue
supports the following SSL-based connection services:
■ The ssljms service delivers secure, encrypted messages between a client and a broker, using
the TCP/IP transport protocol.
■ The httpsjms service delivers secure, encrypted messages between a client and a broker,
using an HTTPS tunnel servlet with the HTTP transport protocol.
■ The ssladmin service creates a secure, encrypted connection between the Message Queue
Command utility (imqcmd) and a broker, using the TCP/IP transport protocol. Encrypted
connections are not supported for the Administration Console (imqadmin).
■ The cluster service is used internally to provide secure, encrypted communication
between brokers in a cluster, using the TCP/IP transport protocol.
The remainder of this section describes how to set up secure connections over TCP/IP, using the
ssljms, ssladmin, and cluster connection services. For information on setting up secure
connections over HTTP with the httpsjms service, see Appendix C, “HTTP/HTTPS Support.”
For a stronger level of authentication, you can use signed certificates verified by a certification
authority. The use of signed certificates involves some additional steps beyond those needed for
self-signed certificates: you must first perform the steps described in this section and then
follow them with the additional ones in “Using Signed Certificates” on page 191.
Message Queue's support for SSL with self-signed certificates is oriented toward securing
on-the-wire data, on the assumption that the client is communicating with a known and trusted
server. The following procedure shows the steps needed to set up an SSL-based connection
service to use self-signed certificates. The subsections that follow describe each of these steps in
greater detail.
imqkeytool -broker
The Key Tool utility prompts you for a key store password:
Next, the utility prompts you for identifying information from which to construct an X.500
distinguished name. Table 9–6 shows the prompts and the values to be provided for each.
Values are case-insensitive and can include spaces.
What is your first and last commonName (CN) Fully qualified name of server running mqserver.sun.com
name? the broker
186 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Message Encryption
TABLE 9–6 Distinguished Name Information Required for a Self-Signed Certificate (Continued)
Prompt X.500 Attribute Description Example
What is the name of your organizationalUnit (OU) Name of department or division purchasing
organizational unit?
What is the name of your organizationName (ON) Name of larger organization, such as a Acme Widgets, Inc.
organization? company or government entity
What is the name of your city localityName (L) Name of city or locality San Francisco
or locality?
What is the name of your state stateName (ST) Full (unabbreviated) name of state or California
or province? province
When you have entered the information, the Key Tool utility displays it for confirmation: for
example,
To accept the current values and proceed, enter yes; to reenter values, accept the default or
enter no. After you confirm, the utility pauses while it generates a key pair.
Next, the utility asks for a password to lock the key pair (key password). Press Return in
response to this prompt to use the same password for both the key password and the key store
password.
Caution – Be sure to remember the password you specify. You must provide this password when
you start the broker, to allow the broker to open the key store. You can store the key store
password in a password file (see “Password Files” on page 193).
The Key Tool utility generates a self-signed certificate and places it in Message Queue’s key
store. The key store is located in a directory whose location depends upon the operating system
platform, as shown in Appendix A, “Platform-Specific Locations of Message Queue Data.”
The following are the configurable properties for the Message Queue key store for SSL-based
connection services:
imq.keystore.file.dirpath Path to directory containing key store file (see Appendix A,
“Platform-Specific Locations of Message Queue Data” for
default value)
imq.keystore.file.name Name of key store file
imq.keystore.password Key store password
In some circumstances, you may need to regenerate a key pair in order to solve certain
problems: for example, if you forget the key store password or if the SSL-based service fails to
initialize when you start a broker and you get the exception
(This exception may result if you provided a key password different from the key store
password when you generated the self-signed certificate.)
1 Remove the broker’s key store, located as shown in Appendix A,“Platform-Specific Locations of
Message Queue Data.”
2 Add an entry (if one does not already exist) for the imq.service.activelist property and
include the desired SSL-based service(s) in the list.
By default, the property includes the jms and admin connection services. Add the SSL-based
service or services you wish to activate (ssljms, ssladmin, or both):
imq.service.activelist=jms,admin,ssljms,ssladmin
Note – The SSL-based cluster connection service is enabled using the imq.cluster.transport
property rather than the imq.service.activelist property; see “Clustering Conventional
Brokers” on page 154.
188 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Message Encryption
imq.passfile.dirpath=/passfileDirectory
imq.passfile.name=passfileName
■ Allow the broker to prompt you for the password when it starts up:
imqbrokerd
Please enter Keystore password:
Note – When you start a broker or client with SSL, you may notice a sharp increase in CPU usage
for a few seconds. This is because the JSSE (Java Secure Socket Extension) method
java.security.SecureRandom, which Message Queue uses to generate random numbers, takes
a significant amount of time to create the initial random number seed. Once the seed is created,
the CPU usage level will drop to normal.
Application Clients
For application clients, you must make sure the client has the following .jar files specified in its
CLASSPATH variable:
imq.jar
jms.jar
If you are using a version of the Java 2 Software Development Kit (J2SDK) earlier than 1.4, you
must also include the following Java Secure Socket Extension (JSSE) and Java Naming and
Directory Interface (JNDI) .jar files:
jsse.jar
jnet.jar
jcert.jar
jndi.jar
(It is not necessary to include these files if you are using J2SDK 1.4 or later, which has JSSE and
JNDI support built in.)
Once the CLASSPATH files are properly specified, one way to start the client and connect to the
broker’s ssljms connection service is by entering a command like the following:
Administrative Clients
For administrative clients, you can establish a secure connection by including the -secure
option when you invoke the imqcmd command: for example,
where adminName is a valid entry in the Message Queue user repository. The command will
prompt you for the password. (If you are using a flat-file repository, see “Changing a User’s
Password” on page 170.)
Listing the connection services is a way to verify that the ssladmin service is running and that
you can successfully make a secure administrative connection, as shown in Example 9–3.
190 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Message Encryption
2 Configure the Message Queue client to require signed certificates when establishing an
SSL-based connection to the broker.
1 Use the J2SE keytool command to generate a certificate signing request (CSR) for the
self-signed certificate you generated in the preceding section.
Information about the keytool command can be found at
http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html
Here is an example:
2 If your certification authority is not supported in J2SE, import the CA’s root certificate into the
Message Queue key store.
Here is an example:
keytool -import -alias ca -file ca.cer -noprompt -trustcacerts
-keystore /etc/imq/keystore -storepass myStorePassword
where ca.cer is the file containing the root certificate obtained from the CA.
If you are using a CA test certificate, you probably need to import the test CA root certificate.
Your CA should have instructions on how to obtain a copy.
3 Import the signed certificate into the key store to replace the original self-signed certificate.
Here is an example:
keytool -import -alias imq -file broker.cer -noprompt -trustcacerts
-keystore /etc/imq/keystore -storepass myStorePassword
where broker.cer is the file containing the signed certificate that you received from the CA.
The Message Queue key store now contains a signed certificate to use for SSL connections.
192 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Password Files
2 Verify whether the signing authority is registered in the client's trust store.
To test whether the client will accept certificates signed by your certification authority, try to
establish an SSL connection, as described above under “Configuring and Running an SSL-Based
Client” on page 189. If the CA is in the client's trust store, the connection will succeed and you
can skip the next step. If the connection fails with a certificate validation error, go on to the next
step.
3 Install the signing CA’s root certificate in the client’s trust store.
The client searches the key store files cacerts and jssecacerts by default, so no further
configuration is necessary if you install the certificate in either of those files. The following
example installs a test root certificate from the Verisign certification authority from a file named
testrootca.cer into the default system certificate file, cacerts. The example assumes that
J2SE is installed in the directory $JAVA_HOME/usr/j2se:
keytool -import -keystore /usr/j2se/jre/lib/security/cacerts
-alias VerisignTestCA -file testrootca.cer -noprompt
-trustcacerts -storepass myStorePassword
An alternative (and recommended) option is to install the root certificate into the alternative
system certificate file, jssecacerts:
javax.net.ssl.trustStore=/home/smith/.keystore
Password Files
Several types of command require passwords. In Table 9–7, the first column lists the commands
that require passwords and the second column lists the reason that passwords are needed.
You can specify these passwords in a password file and use the -passfile option to specify the
name of the file. This is the format for the -passfile option:
Note – In previous versions of Message Queue, you could use the -p, -password, -dbpassword,
and -ldappassword options to specify passwords on the command line. As of Message Queue
4.0, these options are deprecated and are no longer supported; you must use a password file
instead.
Security Concerns
Typing a password interactively, in response to a prompt, is the most secure method of
specifying a password (provided that your monitor is not visible to other people). You can also
specify a password file on the command line. For non-interactive use of commands, however,
you must use a password file.
A password file is unencrypted, so you must set its permissions to protect it from unauthorized
access. Set the permissions so that they limit the users who can view the file, but provide read
access to the user who starts the broker.
194 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connecting Through a Firewall
A sample password file is provided as part of your Message Queue installation; see Appendix A,
“Platform-Specific Locations of Message Queue Data” for the location of this file, depending on
your platform.
jms imq.jms.tcp.port
ssljms imq.ssljms.tls.port
admin imq.admin.tcp.port
ssladmin imq.ssladmin.tls.port
2 Configure the firewall to allow connections to the port number you assigned to the connection
service.
You must also allow connections through the firewall to Message Queue's Port Mapper port
(normally 7676, unless you have reassigned it to some other port). In the example above, for
instance, you would need to open the firewall for ports 10234 and 7676.
196 Sun Java System Message Queue 4.1 Administration Guide • September 2007
10
C H A P T E R 1 0
This chapter describes the tools you can use to monitor a broker and how you can get metrics
data. The chapter has the following sections:
■ “Introduction to Monitoring Tools” on page 197
■ “Configuring and Using Broker Logging” on page 199
■ “Displaying Metrics Interactively” on page 204
■ “Using the JES Monitoring Framework” on page 209
■ “Writing an Application to Monitor Brokers” on page 210
197
Introduction to Monitoring Tools
198 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring and Using Broker Logging
In addition to the differences shown in the table, each tool gathers a somewhat different subset
of the metrics information generated by the broker. For information on which metrics data is
gathered by each monitoring tool, see Chapter 18, “Metrics Reference.”
This section describes the default logging configuration for the broker and explains how to
change that configuration to redirect log information to alternative output channels, change log
file rollover criteria, or send metrics data to a log file.
WARNING Conditions that should be heeded but will not cause system failure
The default logging level is INFO, so messages at all three levels are logged by default. The
following is an example of an INFO message:
[13/Sep/2000:16:13:36 PDT] [B1004]: Starting the broker service
using tcp [25374,100] with min threads 50 and max threads of 500
You can change the time zone used in the time stamp by setting the broker configuration
property imq.log.timezone (see Table 14–9).
Note – For a broker whose life cycle is controlled by the Application Server, the log files are
located in a subdirectory of the domain directory for the domain for which the broker was
started:
.../appServerDomainDir/imq/instances/imqbroker/log
The log files are simple text files. The system maintains nine backup files named as follows, from
earliest to latest:
log.txt
log_1.txt
log_2.txt
...
log_9.txt
By default, the log files are rolled over once a week. You can change this rollover interval, or the
location or names of the log files, by setting appropriate configuration properties:
■ To change the directory in which the log files are kept, set the property
imq.log.file.dirpath to the desired path.
■ To change the root name of the log files from log to something else, set the
imq.log.file.filename property.
200 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring and Using Broker Logging
■ To change the frequency with which the log files are rolled over, set the property
imq.log.file.rolloversecs.
2 Set the output channel (file, console, or both) for one or more logging categories.
3 If you log output to a file, configure the rollover criteria for the file.
You complete these steps by setting Logger properties. You can do this in one of two ways:
■ Change or add Logger properties in the config.properties file for a broker before you
start the broker.
■ Specify Logger command line options in the imqbrokerd command that starts the broker.
You can also use the broker option -D to change Logger properties (or any broker property).
Options passed on the command line override properties specified in the broker instance
configuration files. The following imqbrokerd options affect logging:
-metrics interval Logging interval for broker metrics, in seconds
-loglevel level Logging level (ERROR, WARNING, INFO, or NONE)
-silent Silent mode (no logging to console)
-tty Log all messages to console
The following sections describe how you can change the default configuration in order to do the
following:
■ Change the output channel (the destination of log messages)
■ Change rollover criteria
You can change the output channel for log messages in the following ways:
■ To have all log categories (for a given level) output displayed on the screen, use the -tty
option to the imqbrokerd command.
■ To prevent log output from being displayed on the screen, use the -silent option to the
imqbrokerd command.
■ Use the imq.log.file.output property to specify which categories of logging information
should be written to the log file. For example,
imq.log.file.output=ERROR
■ Use the imq.log.console.output property to specify which categories of logging
information should be written to the console. For example,
imq.log.console.output=INFO
■ On Solaris, use the imq.log.syslog.output property to specify which categories of logging
information should be written to Solaris syslog. For example,
imq.log.syslog.output=NONE
Note – Before changing Logger output channels, you must make sure that logging is set at a level
that supports the information you are mapping to the output channel. For example, if you set
the logging level to ERROR and then set the imq.log.console.output property to WARNING, no
messages will be logged because you have not enabled the logging of WARNING messages.
imq.log.file.rolloversecs=864000
■ To change the rollover criteria to depend on file size, you need to set the
imq.log.file.rolloverbytes property. For example, the following definition directs the
broker to rollover files after they reach a limit of 500,000 bytes
imq.log.file.rolloverbytes=500000
If you set both the time-related and the size-related rollover properties, the first limit reached
will trigger the rollover. As noted before, the broker maintains up to nine rollover files.
You can set or change the log file rollover properties when a broker is running. To set these
properties, use the imqcmd update bkr command.
202 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Configuring and Using Broker Logging
a. Confirm imq.metrics.enabled=true
Generation of metrics for logging is turned on by default.
3 Confirm that the Logger is set to write metrics information to the log file:
imq.log.file.output=INFO
This is the default value. It can be set in the config.properties file.
If you enable dead message logging, the broker logs the following types of events:
■ A physical destination exceeded its maximum size.
■ The broker removed a message from a physical destination, for a reason such as the
following:
■ The destination size limit has been reached.
■ The message time to live expired.
■ The message is too large.
■ An error occurred when the broker attempted to process the message.
If a dead message queue is in use, logging also includes the following types of events:
■ The broker moved a message to the dead message queue.
■ The broker removed a message from the dead message queue and discarded it.
Dead message logging is disabled by default. To enable it, set the broker attribute
imq.destination.logDeadMsgs.
The imqcmd command can obtain metrics information for the broker as a whole, for individual
connection services, and for individual physical destinations. To obtain metrics data, you
generally use the metrics subcommand of imqcmd. Metrics data is written at an interval you
specify, or the number of times you specify, to the console screen.
204 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Displaying Metrics Interactively
You can also use the query subcommand to view similar data that also includes configuration
information. See “imqcmd query” on page 208 for more information.
imqcmd metrics
The syntax and options of imqcmd metrics are shown in Table 10–3 and Table 10–4,
respectively.
metrics bkr Displays broker metrics for the default broker or a broker at
[-b hostName:portNumber] the specified host and port.
[-m metricType]
[-int interval]
[-msp numSamples]
metrics svc -n serviceName Displays metrics for the specified service on the default broker
[-b hostName:portNumber] or on a broker at the specified host and port.
[-m metricType]
[-int interval]
[-msp numSamples]
metrics dst -t destType Displays metrics information for the physical destination of
-n destName the specified type and name.
[-b hostName:portNumber]
[-m metricType]
[-int interval]
[-msp numSamples]
-b hostName: portNumber Specifies the hostname and port of the broker for which
metrics data is reported. The default is localhost:7676.
-int interval Specifies the interval (in seconds) at which to display the
metrics. The default is 5 seconds.
-msp numSamples Specifies the number of samples displayed in the output. The
default is an unlimited number (infinite).
-n destName Specifies the name of the physical destination (if any) for
which metrics data is reported. There is no default.
-n serviceName Specifies the connection service (if any) for which metrics data
is reported. There is no default.
2 Issue the appropriate imqcmd metrics subcommand and options as shown in Table 10–3 and
Table 10–4.
206 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Displaying Metrics Interactively
Brokerwide Metrics
To get the rate of message and packet flow into and out of the broker at 10 second intervals, use
the metrics bkr subcommand:
This command produces output similar to the following (see data descriptions in Table 18–2):
--------------------------------------------------------
Msgs/sec Msg Bytes/sec Pkts/sec Pkt Bytes/sec
In Out In Out In Out In Out
--------------------------------------------------------
0 0 27 56 0 0 38 66
10 0 7365 56 10 10 7457 1132
0 0 27 56 0 0 38 73
0 10 27 7402 10 20 1400 8459
0 0 27 56 0 0 38 73
This command produces output similar to the following (see data descriptions in Table 18–3):
-------------------------------------------------
Msgs Msg Bytes Pkts Pkt Bytes
In Out In Out In Out In Out
-------------------------------------------------
164 100 120704 73600 282 383 135967 102127
657 100 483552 73600 775 876 498815 149948
This command produces output similar to the following (see data descriptions in Table 18–4):
-----------------------------------------------------------------------------
Msgs Msg Bytes Msg Count Total Msg Bytes (k) Largest
In Out In Out Current Peak Avg Current Peak Avg Msg (k)
-----------------------------------------------------------------------------
200 200 147200 147200 0 200 0 0 143 71 0
300 200 220800 147200 100 200 10 71 143 64 0
300 300 220800 220800 0 200 0 0 143 59 0
To get information about a physical destination’s consumers, use the following metrics dst
subcommand:
This command produces output similar to the following (see data descriptions in Table 18–4):
------------------------------------------------------------------
Active Consumers Backup Consumers Msg Count
Current Peak Avg Current Peak Avg Current Peak Avg
------------------------------------------------------------------
1 1 0 0 0 0 944 1000 525
imqcmd query
The syntax and options of imqcmd query are shown in Table 10–5 along with a description of
the metrics data provided by the command.
or
query svc -n serviceName Information on the current number of allocated threads and
[-b hostName:portNumber] number of connections for a specified connection service (see
“Viewing Connection Service Information” on page 107).
or
query dst -t destType Information on the current number of producers, active and
-n destName backup consumers, and messages and message bytes stored in
[-b hostName:portNumber] memory and persistent store for a specified destination (see
“Viewing Physical Destination Information” on page 120).
208 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Using the JES Monitoring Framework
Note – Because of the limited metrics data provided by imqcmd query , this tool is not
represented in the tables presented in Chapter 18, “Metrics Reference.”
The JES Monitoring Framework defines a common data model, the Common Monitoring
Model (CMM), to be used by all JES component products. This model enables a centralized and
uniform view of all JES components. Message Queue exposes the following objects through the
Common Monitoring Model:
■ The installed product
■ The broker instance name
■ The broker Port Mapper
■ Each connection service
■ Each physical destination
■ The persistent data store
■ The user repository
Each of these objects is mapped to a CMM object whose attributes can be monitored using the
JES Monitoring Console. The reference tables in Chapter 19, “JES Monitoring Framework
Reference” identify those attributes that are available for JESMF monitoring. For detailed
information about the mapping of Message Queue objects to CMM objects, see the Sun Java
Enterprise System Monitoring Guide.
Using the JES Monitoring Framework will not affect broker performance, because all the work
of gathering metrics is done by the Monitoring Framework, which pulls data from the broker’s
existing data monitoring infrastructure.
You can access this metrics information by writing a client application that subscribes to the
metrics topic destinations, consumes the messages in these destinations, and processes the
metrics information contained in the messages.
There are five metrics topic destinations, whose names are shown in Table 10–6, along with the
type of metrics messages delivered to each destination.
210 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Writing an Application to Monitor Brokers
2 Configure the broker’s Metrics Message Producer by setting broker property values in the
config.properties file:
b. Set the interval (in seconds) at which metrics messages are generated.
Set imq.metrics.topic.interval=interval .
The default is 60 seconds.
c. Specify whether you want metrics messages to be persistent (that is, whether they will
survive a broker failure).
Set imq.metrics.topic.persist .
The default is false.
d. Specify how long you want metrics messages to remain in their respective destinations
before being deleted.
Set imq.metrics.topic.timetolive .
The default value is 300 seconds.
Monitoring clients are subject to the same authentication and authorization control as any
other client. Only users maintained in the Message Queue user repository are allowed to
connect to the broker.
You can provide additional protections by restricting access to specific metrics topic
destinations through an access control file, as described in “User Authorization” on page 180.
For example, the following entries in an accesscontrol.properties file will deny access to the
mq.metrics.broker metrics topic to everyone except user1 and user 2.
topic.mq.metrics.broker.consume.deny.user=*
topic.mq.metrics.broker.consume.allow.user=user1,user2
The following entries will only allow users user3 to monitor topic t1.
topic.mq.metrics.destination.topic.t1.consume.deny.user=*
topic.mq.metrics.destination.topic.t1.consume.allow.user=user3
Depending on the sensitivity of metrics data, you can also connect your metrics monitoring
client to a broker using an encrypted connection. For information on using encrypted
connections, see “Message Encryption” on page 185.
212 Sun Java System Message Queue 4.1 Administration Guide • September 2007
11
C H A P T E R 1 1
This chapter covers a number of topics about how to analyze and tune a Message Queue service
to optimize the performance of your messaging applications. It includes the following topics:
■ “About Performance” on page 213
■ “Factors Affecting Performance” on page 216
■ “Adjusting Configuration To Improve Performance” on page 226
About Performance
This section provides some background information on performance tuning.
213
About Performance
administrator can tune the system as described in this chapter. However, if benchmark testing
does not meet performance requirements, a redesign of the application might be necessary or
the deployment architecture might need to be modified.
Aspects of Performance
In general, performance is a measure of the speed and efficiency with which a message service
delivers messages from producer to consumer. However, there are several different aspects of
performance that might be important to you, depending on your needs.
Connection Load The number of message producers, or message consumers, or the
number of concurrent connections a system can support.
Message throughput The number of messages or message bytes that can be pumped
through a messaging system per second.
Latency The time it takes a particular message to be delivered from message
producer to message consumer.
Stability The overall availability of the message service or how gracefully it
degrades in cases of heavy load or failure.
Efficiency The efficiency of message delivery; a measure of message throughput
in relation to the computing resources employed.
These different aspects of performance are generally interrelated. If message throughput is high,
that means messages are less likely to be backlogged in the broker, and as a result, latency
should be low (a single message can be delivered very quickly). However, latency can depend on
many factors: the speed of communication links, broker processing speed, and client processing
speed, to name a few.
In any case, there are several different aspects of performance. Which of them are most
important to you generally depends on the requirements of a particular application.
Benchmarks
Benchmarking is the process of creating a test suite for your messaging application and of
measuring message throughput or other aspects of performance for this test suite.
For example, you could create a test suite by which some number of producing clients, using
some number of connections, sessions, and message producers, send persistent or
nonpersistent messages of a standard size to some number of queues or topics (all depending on
your messaging application design) at some specified rate. Similarly, the test suite includes
some number of consuming clients, using some number of connections, sessions, and message
214 Sun Java System Message Queue 4.1 Administration Guide • September 2007
About Performance
consumers (of a particular type) that consume the messages in the test suite’s physical
destinations using a particular acknowledgment mode.
Using your standard test suite you can measure the time it takes between production and
consumption of messages or the average message throughput rate, and you can monitor the
system to observe connection thread usage, message storage data, message flow data, and other
relevant metrics. You can then ramp up the rate of message production, or the number of
message producers, or other variables, until performance is negatively affected. The maximum
throughput you can achieve is a benchmark for your message service configuration.
Using this benchmark, you can modify some of the characteristics of your test suite. By carefully
controlling all the factors that might have an effect on performance (see “Application Design
Factors Affecting Performance” on page 218), you can note how changing some of these factors
affects the benchmark. For example, you can increase the number of connections or the size of
messages five-fold or ten-fold, and note the effect on performance.
Conversely, you can keep application-based factors constant and change your broker
configuration in some controlled way (for example, change connection properties, thread pool
properties, JVM memory limits, limit behaviors, file-based versus JDBC-based persistence, and
so forth) and note how these changes affect performance.
This benchmarking of your application provides information that can be valuable when you
want to increase the performance of a deployed application by tuning your message service. A
benchmark allows the effect of a change or a set of changes to be more accurately predicted.
As a general rule, benchmarks should be run in a controlled test environment and for a long
enough period of time for your message service to stabilize. (Performance is negatively affected
at startup by the just-in-time compilation that turns Java code into machine code.)
To establish baseline use patterns you need to monitor your message service over an extended
period of time, looking at data such as the following:
■ Number of connections
■ Number of messages stored in the broker (or in particular physical destinations)
■ Message flows into and out of a broker (or particular physical destinations)
■ Numbers of active consumers
You can also use average and peak values provided in metrics data.
It is important to check these baseline metrics against design expectations. By doing so, you are
checking that client code is behaving properly: for example, that connections are not being left
open or that consumed messages are not being left unacknowledged. These coding errors
consume broker resources and could significantly affect performance.
The base-line use patterns help you determine how to tune your system for optimal
performance. For example:
■ If one physical destination is used significantly more than others, you might want to set
higher message memory limits on that physical destination than on others, or to adjust limit
behaviors accordingly.
■ If the number of connections needed is significantly greater than allowed by the maximum
thread pool size, you might want to increase the thread pool size or adopt a shared thread
model.
■ If peak message flows are substantially greater than average flows, that might influence the
limit behaviors you employ when memory runs low.
In general, the more you know about use patterns, the better you are able to tune your system to
those patterns and to plan for future needs.
216 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Factors Affecting Performance
Broker
2
Producing
Client
3 Data
Store
Client
Runtime 4
5
MyQDest
8 6 Consuming
Client
9 7
Client
10
Runtime
Payload messages
Control messages
The most important factors affecting performance are those that affect the reliability of message
delivery. Among these are the following:
■ “Delivery Mode (Persistent/Nonpersistent Messages)” on page 219
■ “Use of Transactions” on page 219
■ “Acknowledgment Mode” on page 220
■ “Durable and Nondurable Subscriptions” on page 221
The sections that follow describe the effect of each of these factors on messaging performance.
As a general rule, there is a tradeoff between performance and reliability: factors that increase
reliability tend to decrease performance.
Table 11–1 shows how the various application design factors generally affect messaging
performance. The table shows two scenarios—one high-reliability, low-performance, and one
high-performance, low-reliability—and the choices of application design factors that
characterize each. Between these extremes, there are many choices and tradeoffs that affect both
reliability and performance.
218 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Factors Affecting Performance
Message size Large number of small messages Small number of large messages
Broker processing of persistent messages is slower than for nonpersistent messages for the
following reasons:
■ A broker must reliably store a persistent message so that it will not be lost should the broker
fail.
■ The broker must confirm receipt of each persistent message it receives. Delivery to the
broker is guaranteed once the method producing the message returns without an exception.
■ Depending on the client acknowledgment mode, the broker might need to confirm a
consuming client’s acknowledgment of a persistent message.
For both queues and topics with durable subscribers, performance was approximately 40%
faster for nonpersistent messages. We obtained these results using 10k-sized messages and
AUTO_ACKNOWLEDGE mode
Use of Transactions
A transaction is a guarantee that all messages produced in a transacted session and all messages
consumed in a transacted session will be either processed or not processed (rolled back) as a
unit.
Note – To improve performance, Message Queue message brokers are configured by default to
use a memory-mapped file to store transaction data. On file systems that do not support
memory-mapped files, you can disable this behavior by setting the broker property
imq.persist.file.transaction.memorymappedfile.enabled to false.
Acknowledgment Mode
One mechanism for ensuring the reliability of JMS message delivery is for a client to
acknowledge consumption of messages delivered to it by the Message Queue broker.
If a session is closed without the client acknowledging the message or if the broker fails before
the acknowledgment is processed, the broker redelivers that message, setting a JMSRedelivered
flag.
For a nontransacted session, the client can choose one of three acknowledgment modes, each of
which has its own performance characteristics:
■ AUTO_ACKNOWLEDGE. The system automatically acknowledges a message once the consumer
has processed it. This mode guarantees at most one redelivered message after a provider
failure.
■ CLIENT_ACKNOWLEDGE. The application controls the point at which messages are
acknowledged. All messages processed in that session since the previous acknowledgment
are acknowledged. If the broker fails while processing a set of acknowledgments, one or
more messages in that group might be redelivered.
■ DUPS_OK_ACKNOWLEDGE. This mode instructs the system to acknowledge messages in a lazy
manner. Multiple messages can be redelivered after a provider failure.
220 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Factors Affecting Performance
■ In AUTO_ACKNOWLEDGE and CLIENT_ACKNOWLEDGE modes, the client must wait until the
broker confirms that it has processed the client’s acknowledgment before the client can
consume additional messages. (This broker confirmation guarantees that the broker will not
inadvertently redeliver these messages.)
■ The Message Queue persistent store must be updated with the acknowledgment
information for all persistent messages received by consumers, thereby decreasing
performance.
Durable subscriptions provide increased reliability but slower throughput, for the following
reasons:
■ The Message Queue message service must persistently store the list of messages assigned to
each durable subscription so that should a broker fail, the list is available after recovery.
■ Persistent messages for durable subscriptions are stored persistently, so that should a broker
fail, the messages can still be delivered after recovery, when the corresponding consumer
becomes active. By contrast, persistent messages for nondurable subscriptions are not
stored persistently (should a broker fail, the corresponding consumer connection is lost and
the message would never be delivered).
We compared performance for durable and nondurable subscribers in two cases: persistent and
nonpersistent 10k-sized messages. Both cases use AUTO_ACKNOWLEDGE acknowledgment mode.
We found an effect on performance only in the case of persistent messages which slowed
durables by about 30%
A selector is a string requesting that only messages with property values that match the string
are delivered to a particular consumer. For example, the selector NumberOfOrders >1 delivers
only the messages with a NumberOfOrders property value of 2 or more.
Creating consumers with selectors lowers performance (as compared to using multiple physical
destinations) because additional processing is required to handle each message. When a
selector is used, it must be parsed so that it can be matched against future messages.
Additionally, the message properties of each message must be retrieved and compared against
the selector as each message is routed. However, using selectors provides more flexibility in a
messaging application.
Message Size
Message size affects performance because more data must be passed from producing client to
broker and from broker to consuming client, and because for persistent messages a larger
message must be stored.
However, by batching smaller messages into a single message, the routing and processing of
individual messages can be minimized, providing an overall performance gain. In this case,
information about the state of individual messages is lost.
In our tests, which compared throughput in kilobytes per second for 1k, 10k, and 100k-sized
messages to a queue destination and AUTO_ACKNOWLEDGE acknowledgment mode, we found that
nonpersistent messaging was about 50% faster for 1k messages, about 20% faster for 10k
messages, and about 5% faster for 100k messages. The size of the message affected performance
significantly for both persistent and nonpersistent messages. 100k messages are about 10 times
faster than 10k, and 10k are about 5 times faster than 1k.
While, in general, the message type is dictated by the needs of an application, the more
complicated types (MapMessage and ObjectMessage) carry a performance cost: the expense of
serializing and deserializing the data. The performance cost depends on how simple or how
complicated the data is.
The following sections discuss various message service factors that can affect performance.
Understanding the effect of these factors is key to sizing a message service and diagnosing and
resolving performance bottlenecks that might arise in a deployed application.
The most important factors affecting performance in a Message Queue service are the
following:
■ “Hardware” on page 223
■ “Operating System” on page 223
222 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Factors Affecting Performance
The sections below describe the effect of each of these factors on messaging performance.
Hardware
For both the Message Queue broker and client applications, CPU processing speed and
available memory are primary determinants of message service performance. Many software
limitations can be eliminated by increasing processing power, while adding memory can
increase both processing speed and capacity. However, it is generally expensive to overcome
bottlenecks simply by upgrading your hardware.
Operating System
Because of the efficiencies of different operating systems, performance can vary, even assuming
the same hardware platform. For example, the thread model employed by the operating system
can have an important effect on the number of concurrent connections a broker can support. In
general, all hardware being equal, Solaris is generally faster than Linux, which is generally faster
than Windows.
In particular, the JVM’s management of memory resources can be critical. Sufficient memory
has to be allocated to the JVM to accommodate increasing memory loads. In addition, the JVM
periodically reclaims unused memory, and this memory reclamation can delay message
processing. The larger the JVM memory heap, the longer the potential delay that might be
experienced during memory reclamation.
Connections
The number and speed of connections between client and broker can affect the number of
messages that a message service can handle as well as the speed of message delivery.
The number of connections to a broker is generally limited by the number of threads available.
Message Queue can be configured to support either a dedicated thread model or a shared thread
model (see “Thread Pool Management” on page 77).
The dedicated thread model is very fast because each connection has dedicated threads,
however the number of connections is limited by the number of threads available (one input
thread and one output thread for each connection). The shared thread model places no limit on
the number of connections, however there is significant overhead and throughput delays in
sharing threads among a number of connections, especially when those connections are busy.
Transport Protocols
Message Queue software allows clients to communicate with the broker using various low-level
transport protocols. Message Queue supports the connection services (and corresponding
protocols) described in “Connection Services” on page 76.
SLOW FAST
Our tests compared throughput for TCP and SSL for two cases: a high-reliability scenario (1k
persistent messages sent to topic destinations with durable subscriptions and using
AUTO_ACKNOWLEDGE acknowledgment mode) and a high-performance scenario (1k
nonpersistent messages sent to topic destinations without durable subscriptions and using
DUPS_OK_ACKNOWLEDGE acknowledgment mode).
In general we found that protocol has less effect in the high-reliability case. This is probably
because the persistence overhead required in the high-reliability case is a more important factor
in limiting throughput than the protocol speed. Additionally:
■ TCP provides the fastest method to communicate with the broker.
■ SSL is 50 to 70 percent slower than TCP when it comes to sending and receiving messages
(50 percent for persistent messages, closer to 70 percent for nonpersistent messages).
Additionally, establishing the initial connection is slower with SSL (it might take several
seconds) because the client and broker (or Web Server in the case of HTTPS) need to
establish a private key to be used when encrypting the data for transmission. The
performance drop is caused by the additional processing required to encrypt and decrypt
each low-level TCP packet.
224 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Factors Affecting Performance
■ HTTP is slower than either the TCP or SSL. It uses a servlet that runs on a Web server as a
proxy between the client and the broker. Performance overhead is involved in encapsulating
packets in HTTP requests and in the requirement that messages go through two
hops--client to servlet, servlet to broker--to reach the broker.
■ HTTPS is slower than HTTP because of the additional overhead required to encrypt the
packet between client and servlet and between servlet and broker.
As the number of clients connected to a broker increases, and as the number of messages being
delivered increases, a broker will eventually exceed resource limitations such as file descriptor,
thread, and memory limits. One way to accommodate increasing loads is to add more broker
instances to a Message Queue message service, distributing client connections and message
routing and delivery across multiple brokers.
In general, this scaling works best if clients are evenly distributed across the cluster, especially
message producing clients. Because of the overhead involved in delivering messages between
the brokers in a cluster, clusters with limited numbers of connections or limited message
delivery rates, might exhibit lower performance than a single broker.
You might also use a broker cluster to optimize network bandwidth. For example, you might
want to use slower, long distance network links between a set of remote brokers within a cluster,
while using higher speed links for connecting clients to their respective broker instances.
The Message Queue message broker has mechanisms built in for managing memory resources
and preventing the broker from running out of memory. These mechanisms include
configurable limits on the number of messages or message bytes that can be held by a broker or
its individual physical destinations, and a set of behaviors that can be instituted when physical
destination limits are reached.
With careful monitoring and tuning, these configurable mechanisms can be used to balance the
inflow and outflow of messages so that system overload cannot occur. While these mechanisms
consume overhead and can limit message throughput, they nevertheless maintain operational
integrity.
System Adjustments
The following sections describe adjustments you can make to the operating system, JVM, and
communication protocols.
226 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Adjusting Configuration To Improve Performance
However, if the maximum Java heap space is set too high, in relation to system physical
memory, the broker can continue to grow the Java heap space until the entire system runs out of
memory. This can result in diminished performance, unpredictable broker crashes, and/or
affect the behavior of other applications and services running on the system. In general, you
need to allow enough physical memory for the operating system and other applications to run
on the machine.
In general it is a good idea to evaluate the normal and peak system memory footprints, and
configure the Java heap size so that it is large enough to provide good performance, but not so
large as to risk system memory problems.
To change the minimum and maximum heap size for the broker, use the -vmargs command
line option when starting the broker. For example:
This command will set the starting Java heap size to 256MB and the maximum Java heap size to
1GB.
■ On Solaris or Linux, if starting the broker via /etc/rc* (that is, /etc/init.d/imq), specify
broker command line arguments in the file /etc/imq/imqbrokerd.conf (Solaris) or
/etc/opt/sun/mq/imqbrokerd.conf (Linux). See the comments in that file for more
information.
■ On Windows, if starting the broker as a Window’s service, specify JVM arguments using the
-vmargs option to the imqsvcadmin install command. See “Service Administrator Utility”
on page 280 in Chapter 13, “Command Line Reference”
In any case, verify settings by checking the broker’s log file or using the imqcmd metrics bkr -m
cxn command.
nodelay
The nodelay property affects Nagle’s algorithm (the value of the TCP_NODELAY socket-level
option on TCP/IP) for the given protocol. Nagle’s algorithm is used to improve TCP
performance on systems using slow connections such as wide-area networks (WANs).
When the algorithm is used, TCP tries to prevent several small chunks of data from being sent
to the remote system (by bundling the data in larger packets). If the data written to the socket
does not fill the required buffer size, the protocol delays sending the packet until either the
buffer is filled or a specific delay time has elapsed. Once the buffer is full or the timeout has
occurred, the packet is sent.
For most messaging applications, performance is best if there is no delay in the sending of
packets (Nagle’s algorithm is not enabled). This is because most interactions between client and
broker are request/response interactions: the client sends a packet of data to the broker and
waits for a response. For example, typical interactions include:
■ Creating a connection
■ Creating a producer or consumer
■ Sending a persistent message (the broker confirms receipt of the message)
■ Sending a client acknowledgment in an AUTO_ACKNOWLEDGE or CLIENT_ACKNOWLEDGE session
(the broker confirms processing of the acknowledgment)
For these interactions, most packets are smaller than the buffer size. This means that if Nagle’s
algorithm is used, the broker delays several milliseconds before sending a response to the
consumer.
However, Nagle’s algorithm may improve performance in situations where connections are
slow and broker responses are not required. This would be the case where a client sends a
nonpersistent message or where a client acknowledgment is not confirmed by the broker
(DUPS_OK_ACKNOWLEDGE session).
inbufsz/outbufsz
The inbufsz property sets the size of the buffer on the input stream reading data coming in
from a socket. Similarly, outbufsz sets the buffer size of the output stream used by the broker to
write data to the socket.
In general, both parameters should be set to values that are slightly larger than the average
packet being received or sent. A good rule of thumb is to set these property values to the size of
the average packet plus 1 kilobyte (rounded to the nearest kilobyte). For example, if the broker
is receiving packets with a body size of 1 kilobyte, the overall size of the packet (message body
plus header plus properties) is about 1200 bytes; an inbufsz of 2 kilobytes (2048 bytes) gives
reasonable performance. Increasing inbufsz or outbufsz greater than that size may improve
performance slightly, but increases the memory needed for each connection.
228 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Adjusting Configuration To Improve Performance
HTTP/HTTPS Tuning
In addition to the general properties discussed in the previous two sections, HTTP/HTTPS
performance is limited by how fast a client can make HTTP requests to the Web server hosting
the Message Queue tunnel servlet.
A Web server might need to be optimized to handle multiple requests on a single socket. With
JDK version 1.4 and later, HTTP connections to a Web server are kept alive (the socket to the
Web server remains open) to minimize resources used by the Web server when it processes
multiple HTTP requests. If the performance of a client application using JDK version 1.4 is
slower than the same application running with an earlier JDK release, you might need to tune
the Web server keep-alive configuration parameters to improve performance.
In addition to such Web server tuning, you can also adjust how often a client polls the Web
server. HTTP is a request-based protocol. This means that clients using an HTTP-based
protocol periodically need to check the Web server to see if messages are waiting. The
imq.httpjms.http.pullPeriod broker property (and the corresponding
imq.httpsjms.https.pullPeriod property) specifies how often the Message Queue client
runtime polls the Web server.
If the pullPeriod value is −1 (the default value), the client runtime polls the server as soon as
the previous request returns, maximizing the performance of the individual client. As a result,
each client connection monopolizes a request thread in the Web server, possibly straining Web
server resources.
If the pullPeriod value is a positive number, the client runtime periodically sends requests to
the Web server to see if there is pending data. In this case, the client does not monopolize a
request thread in the Web server. Hence, if large numbers of clients are using the Web server,
you might conserve Web server resources by setting the pullPeriod to a positive value.
Broker Adjustments
The following sections describe adjustments you can make to broker properties to improve
performance.
For example:
imq.system.max_count=5000
The defined value above means that the broker will only hold up to 5000
undelivered/unacknowledged messages. If additional messages are sent, they are rejected by the
broker. If a message is persistent then the producer will get an exception when it tries to send
the message. If the message is nonpersistent, the broker silently drops the message.
When an exception is returned in sending a message, the client should pause for a moment and
retry the send again. (Note that the exception will never be due to the broker’s failure to receive a
message; the only exceptions raised are those detected by the client on the sending side.)
To achieve optimal message throughput there must be a sufficient number of active consumers
to keep up with the rate of message production for the queue, and the messages in the queue
must be routed and then delivered to the active consumers in such a way as to maximize their
rate of consumption. The general mechanism for balancing message delivery among multiple
consumers is described in the Message Queue Technical Overview.
If messages are accumulating in the queue, it is possible that there is an insufficient number of
active consumers to handle the message load. It is also possible that messages are being
delivered to consumers in batch sizes that cause messages to be backing up on the consumers.
For example, if the batch size (consumerFlowLimit) is too large, one consumer might receive all
the messages in a queue while other active consumers receive none. If consumers are very fast,
this might not be a problem. However, if consumers are relatively slow, you want messages to be
distributed to them evenly, and therefore you want the batch size to be small. Although smaller
batch sizes require more overhead to deliver messages to consumers, for slow consumers there
is generally a net performance gain in using small batch sizes. In the extreme case, setting
230 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Adjusting Configuration To Improve Performance
Payload messages are batched (as specified with the connection factory attribute
imqConnectionFlowCount) so that only a set number are delivered. After the batch has been
delivered, delivery of payload messages is suspended and only pending control messages are
delivered. This cycle repeats, as additional batches of payload messages are delivered followed
by pending control messages.
The value of imqConnectionFlowCount should be kept low if the client is doing operations that
require many responses from the broker: for example, if the client is using
CLIENT_ACKNOWLEDGE or AUTO_ACKNOWLEDGE mode, persistent messages, transactions, or queue
browsers, or is adding or removing consumers. If, on the other hand, the client has only simple
consumers on a connection using DUPS_OK_ACKNOWLEDGE mode, you can increase
imqConnectionFlowCount without compromising performance.
The following example illustrates the use of these limits: consider the default settings for topic
consumers:
imqConsumerFlowLimit=1000
imqConsumerFlowThreshold=50
When the consumer is created, the broker delivers an initial batch of 1000 messages (providing
they exist) to this consumer without pausing. After sending 1000 messages, the broker stops
delivery until the client runtime asks for more messages. The client runtime holds these
messages until the application processes them. The client runtime then allows the application to
consume at least 50% (imqConsumerFlowThreshold ) of the message buffer capacity (i.e. 500
messages) before asking the broker to send the next batch.
In the same situation, if the threshold were 10%, the client runtime would wait for the
application to consume at least 900 messages before asking for the next batch.
So if imqConsumerFlowThreshold is 50%, the next batch size can fluctuate between 500 and
1000, depending on how fast the application can process the messages.
If the imqConsumerFlowThreshold is set too high (close to 100%), the broker will tend to send
smaller batches, which can lower message throughput. If the value is set too low (close to 0%),
the client may be able to finish processing the remaining buffered messages before the broker
delivers the next set, again degrading message throughput. Generally speaking, unless you have
specific performance or reliability concerns, you will not need to change the default value of
imqConsumerFlowThreshold attribute.
The consumer-based flow controls (in particular, imqConsumerFlowLimit ) are the best way to
manage memory in the client runtime. Generally, depending on the client application, you
know the number of consumers you need to support on any connection, the size of the
messages, and the total amount of memory that is available to the client runtime.
Connection-level flow controls limit the total number of messages buffered for all consumers
on a connection. If this number exceeds the value of imqConnectionFlowLimit, delivery of
messages through the connection stops until that total drops below the connection limit. (The
imqConnectionFlowLimit attribute is enabled only if you set
imqConnectionFlowLimitEnabled to true.)
232 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Adjusting Configuration To Improve Performance
Troubleshooting
1 2
This chapter explains how to understand and resolve the following problems:
■ “A Client Cannot Establish a Connection” on page 235
■ “Connection Throughput Is Too Slow” on page 239
■ “A Client Cannot Create a Message Producer” on page 241
■ “Message Production Is Delayed or Slowed” on page 242
■ “Messages Are Backlogged” on page 244
■ “Broker Throughput Is Sporadic” on page 248
■ “Messages Are Not Reaching Consumers” on page 249
■ “Dead Message Queue Contains Messages” on page 252
When problems occur, it is useful to check the version number of the installed Message Queue
software. Use the version number to ensure that you are using documentation whose version
matches the software version. You also need the version number to report a problem to Sun. To
check the version number, issue the following command:
imqcmd -v
Possible causes:
■ Client applications are not closing connections, causing the number of connections to
exceed resource limitations.
■ Broker is not running or there is a network connectivity problem.
■ Connection service is inactive or paused.
235
A Client Cannot Establish a Connection
Possible cause: Client applications are not closing connections, causing the number of connections to
exceed resource limitations.
To confirm this cause of the problem: List all connections to a broker:
imqcmd list cxn
The output will list all connections and the host from which each connection has been made,
revealing an unusual number of open connections for specific clients.
To resolve the problem: Rewrite the offending clients to close unused connections.
236 Sun Java System Message Queue 4.1 Administration Guide • September 2007
A Client Cannot Establish a Connection
■ If the status of a connection service is shown as paused, resume the service (see “Pausing and
Resuming a Connection Service” on page 106).
Possible cause: Too few threads available for the number of connections required.
To confirm this cause of the problem: Check for the following entry in the broker log:
WARNING [B3004]: No threads are available to process a new connection on service
...
Closing the new connection.
Also check the number of connections on the connection service and the number of threads
currently in use, using one of the following formats:
imqcmd query svc -n serviceName
imqcmd metrics svc -n serviceName -m cxn
Each connection requires two threads: one for incoming messages and one for outgoing
messages (see “Thread Pool Management” on page 77).
To resolve the problem:
■ If you are using a dedicated thread pool model (imq.serviceName.threadpool_model=
dedicated), the maximum number of connections is half the maximum number of threads
in the thread pool. Therefore, to increase the number of connections, increase the size of the
thread pool (imq.serviceName.max_threads) or switch to the shared thread pool model.
■ If you are using a shared thread pool model
(imq.serviceName.threadpool_model=shared), the maximum number of connections is
half the product of the connection monitor limit
(imq.serviceName.connectionMonitor_limit) and the maximum number of threads
(imq.serviceName.max_threads). Therefore, to increase the number of connections,
increase the size of the thread pool or increase the connection monitor limit.
■ Ultimately, the number of supportable connections (or the throughput on connections) will
reach input/output limits. In such cases, use a multiple-broker cluster to distribute
connections among the broker instances within the cluster.
Possible cause: Too few file descriptors for the number of connections required on the Solaris or Linux
platform.
For more information about this issue, see “Setting the File Descriptor Limit” on page 68.
To confirm this cause of the problem: Check for an entry in the broker log similar to the
following:
Too many open files
To resolve the problem: Increase the file descriptor limit, as described in the man page for the
ulimit command.
Possible cause: TCP backlog limits the number of simultaneous new connection requests that can be
established.
The TCP backlog places a limit on the number of simultaneous connection requests that can be
stored in the system backlog (imq.portmapper.backlog) before the Port Mapper rejects
additional requests. (On the Windows platform there is a hard-coded backlog limit of 5 for
Windows desktops and 200 for Windows servers.)
The rejection of requests because of backlog limits is usually a transient phenomenon, due to an
unusually high number of simultaneous connection requests.
To confirm this cause of the problem: Examine the broker log. First, check to see whether the
broker is accepting some connections during the same time period that it is rejecting others.
Next, check for messages that explain rejected connections. If you find such messages, the TCP
backlog is probably not the problem, because the broker does not log connection rejections due
to the TCP backlog. If some successful connections are logged, and no connection rejections are
logged, the TCP backlog is probably the problem.
To resolve the problem:
■ Program the client to retry the attempted connection after a short interval of time (this
normally works because of the transient nature of this problem).
■ Increase the value of imq.portmapper.backlog.
■ Check that clients are not closing and then opening connections too often.
238 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connection Throughput Is Too Slow
■ If you are using a file-based user repository, enter the following command:
imqusermgr list -i instanceName -u userName
If the output shows a user, the wrong password was probably submitted. If the output shows
the following error, there is no entry for the user in the user repository:
Error [B3048]: User does not exist in the password file
■ If you are using an LDAP server user repository, use the appropriate tools to check whether
there is an entry for the user.
■ Check the access control file to see whether there are restrictions on access to the connection
service.
To resolve the problem:
■ If the wrong password was used, provide the correct password.
■ If there is no entry for the user in the user repository, add one (see “Adding a User to the
Repository” on page 169).
■ If the user does not have access permission for the connection service, edit the access control
file to grant such permission (see “Authorization Rules for Connection Services” on
page 183).
Possible causes:
■ Network connection or WAN is too slow.
■ Connection service protocol is inherently slow compared to TCP.
■ Connection service protocol is not optimally tuned.
■ Messages are so large that they consume too much bandwidth.
■ What appears to be slow connection throughput is actually a bottleneck in some other step
of the message delivery process.
■ Send and receive messages using local clients and compare the delivery time with that of
remote clients (which use a network link).
To resolve the problem: Upgrade the network link.
Possible cause: Messages are so large that they consume too much bandwidth.
To confirm this cause of the problem: Try running your benchmark with smaller-sized messages.
To resolve the problem:
■ Have application developers modify the application to use the message compression feature,
which is described in the Message Queue Developer’s Guide for Java Clients.
■ Use messages as notifications of data to be sent, but move the data using another protocol.
Possible cause: What appears to be slow connection throughput is actually a bottleneck in some other step
of the message delivery process.
To confirm this cause of the problem: If what appears to be slow connection throughput cannot be
explained by any of the causes above, see “Factors Affecting Performance” on page 216 for other
possible bottlenecks and check for symptoms associated with the following problems:
■ “Message Production Is Delayed or Slowed” on page 242
■ “Messages Are Backlogged” on page 244
■ “Broker Throughput Is Sporadic” on page 248
To resolve the problem: Follow the problem resolution guidelines provided in the
troubleshooting sections listed above.
240 Sun Java System Message Queue 4.1 Administration Guide • September 2007
A Client Cannot Create a Message Producer
Possible causes:
■ A physical destination has been configured to allow only a limited number of producers.
■ The user is not authorized to create a message producer due to settings in the access control
file.
Possible cause: A physical destination has been configured to allow only a limited number of producers.
One of the ways of avoiding the accumulation of messages on a physical destination is to limit
the number of producers (maxNumProducers) that it supports.
To confirm this cause of the problem: Check the physical destination:
imqcmd query dst
(see “Viewing Physical Destination Information” on page 120). The output will show the
current number of producers and the value of maxNumProducers. If the two values are the same,
the number of producers has reached its configured limit. When a new producer is rejected by
the broker, the broker returns the exception
ResourceAllocationException [C4088]: A JMS destination limit was reached
and makes the following entry in the broker log:
[B4183]: Producer can not be added to destination
To resolve the problem: Increase the value of the maxNumProducers property (see “Updating
Physical Destination Properties” on page 119).
Possible cause: The user is not authorized to create a message producer due to settings in the access
control file.
To confirm this cause of the problem: When a new producer is rejected by the broker, the broker
returns the exception
JMSSecurityException [C4076]: Client does not have permission to create producer
on destination
and makes the following entries in the broker log:
[B2041]: Producer on destination denied
[B4051]: Forbidden guest.
To resolve the problem: Change the access control properties to allow the user to produce
messages (see “Authorization Rules for Physical Destinations” on page 184).
Possible causes:
■ The broker is backlogged and has responded by slowing message producers.
■ The broker cannot save a persistent message to the data store.
■ Broker acknowledgment timeout is too short.
■ A producing client is encountering JVM limitations.
Possible cause: The broker is backlogged and has responded by slowing message producers.
A backlogged broker accumulates messages in broker memory. When the number of messages
or message bytes in physical destination memory reaches configured limits, the broker attempts
to conserve memory resources in accordance with the specified limit behavior. The following
limit behaviors slow down message producers:
■ FLOW_CONTROL: The broker does not immediately acknowledge receipt of persistent
messages (thereby blocking a producing client).
■ REJECT_NEWEST: The broker rejects new persistent messages.
Similarly, when the number of messages or message bytes in brokerwide memory (for all
physical destinations) reaches configured limits, the broker will attempt to conserve memory
resources by rejecting the newest messages. Also, when system memory limits are reached
because physical destination or brokerwide limits have not been set properly, the broker takes
increasingly serious action to prevent memory overload. These actions include throttling back
message producers.
To confirm this cause of the problem: When a message is rejected by the broker because of
configured message limits, the broker returns the exception
JMSException [C4036]: A server error occurred
and makes the following entry in the broker log:
[B2011]: Storing of JMS message from IMQconn failed
This message is followed by another indicating the limit that has been reached:
[B4120]: Cannot store message on destination destName because capacity of
maxNumMsgs would be exceeded.
if the exceeded message limit is on a physical destination, or
[B4024]: The maximum number of messages currrently in the system has been
exceeded, rejecting message.
if the limit is brokerwide.
242 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Message Production Is Delayed or Slowed
More generally, you can check for message limit conditions before the rejections occur as
follows:
■ Query physical destinations and the broker and inspect their configured message limit
settings.
■ Monitor the number of messages or message bytes currently in a physical destination or in
the broker as a whole, using the appropriate imqcmd commands. See Chapter 18, “Metrics
Reference” for information about metrics you can monitor and the commands you use to
obtain them.
To resolve the problem:
■ Modify the message limits on a physical destination (or brokerwide), being careful not to
exceed memory resources.
In general, you should manage memory at the individual destination level, so that
brokerwide message limits are never reached. For more information, see “Broker
Adjustments” on page 229.
■ Change the limit behaviors on a destination so as not to slow message production when
message limits are reached, but rather to discard messages in memory.
For example, you can specify the REMOVE_OLDEST and REMOVE_LOW_PRIORITY limit
behaviors, which delete messages that accumulate in memory (see Table 15–1).
Possible cause: The broker cannot save a persistent message to the data store.
If the broker cannot access a data store or write a persistent message to it, the producing client is
blocked. This condition can also occur if destination or brokerwide message limits are reached,
as described above.
To confirm this cause of the problem: If the broker is unable to write to the data store, it makes
one of the following entries in the broker log:
[B2011]: Storing of JMS message from connectionID failed
[B4004]: Failed to persist message messageID
To resolve the problem:
■ In the case of file-based persistence, try increasing the disk space of the file-based data store.
■ In the case of a JDBC-compliant data store, check that JDBC-based persistence is properly
configured (see “Configuring a Persistent Data Store” on page 92). If so, consult your
database administrator to troubleshoot other database problems.
To see whether messages are accumulating, check how the number of messages or message
bytes in the broker changes over time and compare to configured limits. First check the
configured limits:
Note – The imqcmd metrics bkr subcommand does not display this information.
To see whether messages have exceeded configured destination or brokerwide limits, check the
broker log for the entry
This entry will be followed by another identifying the limit that has been exceeded.
Possible causes:
■ There are inactive durable subscriptions on a topic destination.
244 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Messages Are Backlogged
Possible cause: Too few consumers are available to consume messages in a queue.
If there are too few active consumers to which messages can be delivered, a queue destination
can become backlogged as messages accumulate. This condition can occur for any of the
following reasons:
■ Too few active consumers exist for the destination.
■ Consuming clients have failed to establish connections.
■ No active consumers use a selector that matches messages in the queue.
To confirm this cause of the problem: To help determine the reason for unavailable
consumers, check the number of active consumers on a destination:
imqcmd metrics dst -n destName -t q -m con
To resolve the problem: Depending on the reason for unavailable consumers,
■ Create more active consumers for the queue by starting up additional consuming clients.
■ Adjust the imq.consumerFlowLimit broker property to optimize queue delivery to multiple
consumers (see “Multiple Consumer Queue Performance” on page 230).
■ Specify message limit and limit behavior attributes for the queue (see Table 15–1). For
example, you can specify the REMOVE_OLDEST and REMOVE_LOW_PRIOROTY limit behaviors,
which delete messages that accumulate in memory.
■ Purge all messages from the corresponding destinations (see “Purging a Physical
Destination” on page 119).
■ Limit the time messages can remain in memory by rewriting the producing client to set a
time-to-live value on each message. You can override any such setting for all producers
sharing a connection by setting the imqOverrideJMSExpiration and imqJMSExpiration
connection factory attributes (see “Message Header Overrides” on page 324).
Possible cause: Message consumers are processing too slowly to keep up with message producers.
In this case, topic subscribers or queue receivers are consuming messages more slowly than the
producers are sending messages. One or more destinations are getting backlogged with
messages because of this imbalance.
To confirm this cause of the problem: Check for the rate of flow of messages into and out of
the broker:
imqcmd metrics bkr -m rts
Then check flow rates for each of the individual destinations:
imqcmd metrics bkr -t destType -n destName -m rts
To resolve the problem:
■ Optimize consuming client code.
■ For queue destinations, increase the number of active consumers (see “Multiple Consumer
Queue Performance” on page 230).
246 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Messages Are Backlogged
Possible cause: Client code defects; consumers are not acknowledging messages.
Messages are held in a destination until they have been acknowledged by all consumers to
which they have been sent. If a client is not acknowledging consumed messages, the messages
accumulate in the destination without being deleted.
For example, client code might have the following defects:
■ Consumers using the CLIENT_ACKNOWLEDGE acknowledgment mode or transacted session
may not be calling Session.acknowledge or Session.commit regularly.
■ Consumers using the AUTO_ACKNOWLEDGE acknowledgment mode may be hanging for some
reason.
To confirm this cause of the problem: First check all other possible causes listed in this section.
Next, list the destination with the following command:
imqcmd list dst
Notice whether the number of messages listed under the UnAcked header is the same as the
number of messages in the destination. Messages under this header were sent to consumers but
not acknowledged. If this number is the same as the total number of messages, then the broker
has sent all the messages and is waiting for acknowledgment.
To resolve the problem: Request the help of application developers in debugging this problem.
Possible causes:
■ The broker is very low on memory resources.
■ JVM memory reclamation (garbage collection) is taking place.
■ The JVM is using the just-in-time compiler to speed up performance.
248 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Messages Are Not Reaching Consumers
Possible cause: The JVM is using the just-in-time compiler to speed up performance.
To confirm this cause of the problem: Check that none of the other possible causes of this problem
are responsible.
To resolve the problem: Let the system run for awhile; performance should improve.
Possible causes:
■ Limit behaviors are causing messages to be deleted on the broker.
■ Message timeout value is expiring.
■ Clocks are not synchronized.
■ Consuming client failed to start message delivery on a connection.
Possible cause: Limit behaviors are causing messages to be deleted on the broker.
When the number of messages or message bytes in destination memory reach configured limits,
the broker attempts to conserve memory resources. Three of the configurable behaviors
adopted by the broker when these limits are reached will cause messages to be lost:
■ REMOVE_OLDEST: Delete the oldest messages.
■ REMOVE_LOW_PRIORITY: Delete the lowest-priority messages according to age.
■ REJECT_NEWEST: Reject new persistent messages.
To confirm this cause of the problem: Check the dead message queue, as described under
“Dead Message Queue Contains Messages” on page 252. Specifically, use the instructions under
“The number of messages, or their sizes, exceed destination limits.” Look for the
REMOVE_OLDEST or REMOVE_LOW_PRIORITY reason.
To resolve the problem: Increase the destination limits. For example:
imqcmd update dst -n MyDest -o maxNumMsgs=1000
When the QBrowser main window appears, select the queue name mq.sys.dmq and then click
Browse. A list like the following appears:
250 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Messages Are Not Reaching Consumers
Note whether the JMS_SUN_DMQ_UNDELIVERED_REASON property for messages has the value
EXPIRED.
To resolve the problem: Contact the application developers and have them increase the
time-to-live value.
Possible causes:
■ The number of messages, or their sizes, exceed destination limits.
■ The broker clock and producer clock are not synchronized.
■ Consumers are not receiving messages before they time out.
■ There are too many producers for the number of consumers.
■ Producers are faster than consumers.
■ A consumer is too slow.
■ Clients are not committing messages.
■ Consumers are failing to acknowledge messages.
■ Durable consumers are inactive.
■ An unexpected broker error has occurred.
Possible cause: The number of messages, or their sizes, exceed destination limits.
To confirm this cause of the problem: Use the QBrowser demo application to look at the contents of
the dead message queue. For the QBrowser demo’s platform-specific location, see Appendix A,
“Platform-Specific Locations of Message Queue Data” and look in the tables for “Example
Applications and Locations.”
Here is an example invocation on the Windows platform:
cd \MessageQueue3\demo\applications\qbrowser java QBrowser
252 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Dead Message Queue Contains Messages
When the QBrowser main window appears, select the queue name mq.sys.dmq and then click
Browse. A list like the one shown earlier under “Message timeout value is expiring” appears.
Double-click any message to display details about that message, as shown under “Message
timeout value is expiring.”
Note the values for the following message properties:
■ JMS_SUN_DMQ_UNDELIVERED_REASON
■ JMS_SUN_DMQ_UNDELIVERED_COMMENT
■ JMS_SUN_DMQ_UNDELIVERED_TIMESTAMP
Under JMS Headers, note the value for JMSDestination to determine the destination whose
messages are becoming dead.
To resolve the problem: Increase the destination limits. For example:
imqcmd update dst -n MyDest -o maxNumMsgs=1000
Possible cause: The broker clock and producer clock are not synchronized.
To confirm this cause of the problem: Using the QBrowser application, view the message details for
messages in the dead message queue. Check the value for JMS_SUN_DMQ_UNDELIVERED_REASON,
looking for messages with the reason EXPIRED.
In the broker log file, look for any of the following messages: B2102, B2103, B2104. These
messages all report that possible clock skew was detected.
To resolve the problem: Check that you are running a time synchronization program, as
described in “Preparing System Resources” on page 67.
Possible cause: Consumers are not receiving messages before they time out.
To verify this cause of the problem: Using the QBrowser application, view the message details for
messages in the dead message queue. Check the value for JMS_SUN_DMQ_UNDELIVERED_REASON,
looking for messages with the reason EXPIRED.
Check to see whether there any consumers on the destination. For example:
imqcmd query dst -t q -n MyDest
Check the value listed for Current Number of Active Consumers. If there are active consumers,
one of the following is true:
■ A consumer’s connection is paused.
■ The message timeout is too short for the speed at which the consumer executes.
To resolve the problem: Request that application developers increase message time-to-live
values.
Possible cause: There are too many producers for the number of consumers.
To confirm this cause of the problem: Using the QBrowser application, view the message details for
messages in the dead message queue. Check the value for JMS_SUN_DMQ_UNDELIVERED_REASON.
If the reason is REMOVE_OLDEST or REMOVE_LOW_PRIORITY, use the imqcmd query dst command
to check the number of producers and consumers on the destination. If the number of
producers exceeds the number of consumers, production rate may be overwhelming
consumption rate.
To resolve the problem: Add more consumer clients or set the destination’s limit behavior to
FLOW_CONTROL (which uses consumption rate to control production rate), using a command
such as the following:
imqcmd update dst -n myDst -t q -o consumerFlowLimit=FLOW_CONTROL
254 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Dead Message Queue Contains Messages
----------------------------------------------------------------------
Transaction ID State User name # Msgs/# Acks Creation time
----------------------------------------------------------------------
6800151593984248832 STARTED guest 3/2 7/19/04 11:03:08 AM
Note the numbers of messages and number of acknowledgments. If the number of messages is
high, producers may be sending individual messages but failing to commit transactions. Until
the broker receives a commit, it cannot route and deliver the messages for that transaction. If
the number of acknowledgments is high, consumers may be sending acknowledgments for
individual messages but failing to commit transactions. Until the broker receives a commit, it
cannot remove the acknowledgments for that transaction.
To resolve the problem: Contact application developers to fix the coding error.
256 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Dead Message Queue Contains Messages
Reference
■ Chapter 13, “Command Line Reference”
■ Chapter 14, “Broker Properties Reference”
■ Chapter 15, “Physical Destination Property Reference”
■ Chapter 16, “Administered Object Attribute Reference”
■ Chapter 17, “JMS Resource Adapter Property Reference”
■ Chapter 18, “Metrics Reference”
■ Chapter 19, “JES Monitoring Framework Reference”
259
260
13
C H A P T E R 1 3
This chapter provides reference information on the use of the Message Queue command line
administration utilities. It consists of the following sections:
■ “Command Line Syntax” on page 261
■ “Broker Utility” on page 262
■ “Command Utility” on page 266
■ “Object Manager Utility” on page 275
■ “Database Manager Utility” on page 277
■ “User Manager Utility” on page 278
■ “Service Administrator Utility” on page 280
■ “Key Tool Utility” on page 281
All the command line utilities share the following command syntax:
261
Broker Utility
Subcommands and command-level arguments, if any, must precede all options and their
arguments; the options themselves may appear in any order. All subcommands, command
arguments, options, and option arguments are separated with spaces. If the value of an option
argument contains a space, the entire value must be enclosed in quotation marks. (It is generally
safest to enclose any attribute-value pair in quotation marks.)
The following command, which starts the default broker, is an example of a command line with
no subcommand clause:
imqbrokerd
Broker Utility
The Broker utility (imqbrokerd) starts a broker. Command line options override values in the
broker configuration files, but only for the current broker session.
Table 13–1 shows the options to the imqbrokerd command and the configuration properties, if
any, overridden by each option.
262 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Utility
-dbuser userName imq.persist.jdbc.user User name for JDBC-based persistent data store
264 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Broker Utility
Command Utility
The Command utility (imqcmd) is used for managing brokers, connection services, connections,
physical destinations, durable subscriptions, and transactions.
All imqcmd commands must include a subcommand (except those using the -v or -h option to
display product version information or usage help). The possible subcommands are listed in
Table 13–2 and described in detail in the corresponding sections below. In all cases, if the
subcommand accepts a broker address (-b option) and no host name or port number is
specified, the values localhost and 7676 are assumed by default.
266 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Command Utility
Broker Management
The Command utility cannot be used to start a broker; use the Broker utility (imqbrokerd)
instead. Once the broker is started, you can use the imqcmd subcommands listed in Table 13–3
to manage and control it.
Syntax Description
268 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Command Utility
Syntax Description
270 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Command Utility
TABLE 13–4 Command Utility Subcommands for Connection Service Management (Continued)
Syntax Description
Connection Management
Table 13–5 lists the imqcmd subcommands for managing connections.
Syntax Description
Syntax Description
pause dst [-t destType -n destName] Pause message delivery for physical destination
[-pst pauseType]
Pauses message delivery for the physical destination
specified by the -t and -n options. If these options are not
specified, all destinations are paused.
The -pst option specifies the type of message delivery to be
paused:
PRODUCERS: Pause delivery from message producers
CONSUMERS: Pause delivery to message consumers
ALL: Pause all message delivery
resume dst [-t destType -n destName] Resume message delivery for physical destination
Resumes message delivery for the physical destination
specified by the -t and -n options. If these options are not
specified, all destinations are resumed.
purge dst -t destType -n destName Purge all messages from physical destination
272 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Command Utility
TABLE 13–6 Command Utility Subcommands for Physical Destination Management (Continued)
Syntax Description
Syntax Description
purge dur -n subscriberName -c clientID Purge all messages for durable subscription
Transaction Management
Table 13–8 lists the imqcmd subcommands for managing transactions.
Syntax Description
JMX Management
The imqcmd subcommand shown in Table 13–9 is used for administrative support of Message
Queue client programs using the Java Management Extensions (JMX) application
programming interface to configure and monitor Message Queue resources. See Appendix D,
“JMX Support” for further information on administrative support of JMX clients.
Syntax Description
Option Description
274 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Object Manager Utility
-rtr numRetries Number of retries to attempt after a broker request times out
Default value: 5.
Subcommand Description
Option Description
-j attribute=value Attributes of JNDI object store (see “Object Stores” on page 127)
-o attribute=value Attributes of administered object (see “Administered Object Attributes” on page 130
and Chapter 16, “Administered Object Attribute Reference”)
276 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Database Manager Utility
Subcommand Description
delete tbl Delete Message Queue database tables from current persistent store
delete oldtbl Delete Message Queue database tables from earlier-version persistent store
Used after the persistent store has been automatically migrated to the current
version of Message Queue.
Option Description
-dir dirPath Backup directory for backing up or restoring JDBC-based data store
278 Sun Java System Message Queue 4.1 Administration Guide • September 2007
User Manager Utility
Table 13–15 lists the subcommands available with the imqusermgr command. In all cases, the
-i option specifies the instance name of the broker to whose user repository the command
applies; if not specified, the default name imqbroker is assumed.
Syntax Description
In addition, the options listed in Table 13–16 can be applied to any subcommand of the
imqusermgr command.
Option Description
Subcommand Description
Option Description
-vmargs arg1 [ [arg2] … ] Additional arguments to pass to Java Virtual Machine (JVM) running broker
service1
Example:
imqsvcadmin install -vmargs "-Xms16m -Xmx128m"
-args arg1 [ [arg2] … ] Additional command line arguments to pass to broker service1
Example:
imqsvcadmin install -args "-passfile d:\\imqpassfile"
See “Broker Utility” on page 262 for information about broker command line
arguments.
280 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Key Tool Utility
Any information you specify using the -javahome, -vmargs, and -args options is stored in the
Windows registry under the keys JREHome, JVMArgs, and ServiceArgs in the path
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iMQ_Broker\Parameters
imqkeytool -broker
On UNIX systems, you may need to run the utility from the root user account.
This chapter provides reference information about configuration properties for a message
broker. It consists of the following sections:
■ “Connection Properties” on page 283
■ “Routing Properties” on page 286
■ “Persistence Properties” on page 290
■ “Security Properties” on page 293
■ “Monitoring Properties” on page 298
■ “Cluster Configuration Properties” on page 302
■ “JMX Properties” on page 304
■ “Alphabetical List of Broker Properties” on page 307
Connection Properties
Table 14–1 lists the broker properties related to connection services.
283
Connection Properties
imq.hostname String All available IP Default host name or IP address for all connection
addresses services
284 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connection Properties
imq.serviceName.max_threads Integer jms: 1000 Number of threads beyond which no new threads are
ssljms: 500 added to the thread pool for use by the named connection
httpjms: 500 service
httpsjms : 500
Must be greater than 0 and greater than the value of
admin: 10
imq.serviceName.min_threads.
ssladmin: 10
The default value varies by connection service, as shown.
3
jms, ssljms, admin, and ssladmin services only; see Appendix C, “HTTP/HTTPS Support” for information on configuring the httpjms and httpsjms services
4
jms and admin services only
Routing Properties
Table 14–2 lists the broker properties related to routing services. Properties that configure the
automatic creation of destinations are listed in Table 14–3.
imq.system.max_size 1
String −1 Maximum total size of messages held by broker
The value may be expressed in bytes, kilobytes, or megabytes,
using the following suffixes:
b: Bytes
k: Kilobytes (1024 bytes)
m: Megabytes (1024 × 1024 = 1,048,576 bytes)
286 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Routing Properties
Examples:
1600: 1600 bytes
1600b: 1600 bytes
16k: 16 kilobytes (= 16,384 bytes)
16m: 16 megabytes (= 16,777,216 bytes)
−1: No limit
imq.resourceState.count Integer green: 5000 Maximum number of incoming messages allowed in a batch
yellow: 500 before checking whether memory resource state threshold
orange: 50 has been reached (where resourceState is green, yellow,
red: 0 orange , or red)
This limit throttles back message producers as system
memory becomes increasingly scarce.
imq.destination.DMQ.truncateBody1 Boolean false Remove message body before storing in dead message
queue?
If true, only the message header and property data will be
saved.
1,2
imq.autocreate.queue Boolean true Allow auto-creation of queue destinations?
Examples:
1600: 1600 bytes
1600b: 1600 bytes
16k: 16 kilobytes (= 16,384 bytes)
16m: 16 megabytes (= 16,777,216 bytes)
−1: No limit
288 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Routing Properties
Persistence Properties
Message Queue supports both file-based and JDBC-based models for persistent data storage.
The broker property imq.persist.store (Table 14–4) specifies which model to use. The
following sections describe the broker configuration properties for the two models.
290 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Persistence Properties
Default
Property Type Value Description
Examples:
1600: 1600 bytes
1600b: 1600 bytes
16k: 16 kilobytes (= 16,384 bytes)
16m: 16 megabytes (= 16,777,216 bytes)
Default
Property Type Value Description
imq.persist.jdbc.dbVendor String derby Name of database vendor for persistent data store:
hadb: HADB (Sun Microsystems, Inc.)
derby: Java DB (Derby, Apache Software
Foundation)
oracle: Oracle Real Application Cluster
(Oracle Corporation)
mysql: MySQL (MySQL AB)
imq.persist.jdbc.vendorName.driver String None Java class name of JDBC driver for connecting to
database from vendor vendorName
292 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Security Properties
imq.persist.jdbc.vendorName.createdburl1 String None URL for creating new database from vendor
vendorName
Needed only if the database will be created using the
Message Queue Database Manager utility
(imqdbmgr).
Security Properties
Table 14–7 lists general broker properties related to security services.
294 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Security Properties
296 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Security Properties
imq.user_repository.ldap.propertyName
Monitoring Properties
Table 14–9 lists the broker properties related to monitoring services.
298 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Monitoring Properties
imq.log.file.dirpath String See Appendix A, “Platform-Specific Path to directory containing log file
Locations of Message Queue Data”
300 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Monitoring Properties
imq.log.timezone String Local time zone Time zone for log time stamps
Possible values are the same as those
used by the method
java.util.TimeZone.getTimeZone.
Examples:
GMT
GMT−8:00
America/LosAngeles
Europe/Rome
Asia/Tokyo
Default
Property Type Value Description
file:/net/mfsserver/imq/cluster.properties
(for a file on a shared drive)
302 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Cluster Configuration Properties
1,3
imq.cluster.brokerlist String None List of broker addresses belonging to cluster
The list consists of one or more addresses, separated by commas.
Each address specifies the host name and Port Mapper port
number of a broker in the cluster, in the form
hostName:portNumber.
Example:
host1:3000,host2:8000,ctrlhost
imq.cluster.hostname4 String None Host name or IP address for cluster connection service
If specified, overrides imq.hostname (see Table 14–1) for the
cluster connection service. This might be necessary, for
instance, if the broker’s host computer has more than one
interface card installed.
imq.cluster.transport1 String tcp Network transport protocol for cluster connection service
For secure, encrypted message delivery between brokers, set this
property to ssl.
imq.cluster.masterbroker3,1 String None Host name and Port Mapper port number of host on which
cluster’s master broker (if any) is running
The value has the form hostName:portNumber, where hostName
is the host name of the master broker’s host and portNumber is its
Port Mapper port number.
Example:
ctrlhost:7676
5,1
imq.cluster.clusterid String None Cluster identifier
Must be a unique alphanumeric string of no more than n — 13
characters, where n is the maximum table name length allowed
by the database. No two running clusters may have the same
cluster identifier.
This string is appended to the names of all database tables in the
cluster’s shared persistent store.
Note – For brokers belonging to an HA cluster, this property is
used in database table names in place of imq.brokerid (see
Table 14–1).
JMX Properties
The broker properties listed in Table 14–11 support the use of the Java Management Extensions
(JMX) application programming interface by Message Queue client programs to configure and
monitor Message Queue resources. None of these properties can be set from the command line
with the Command utility (imqcmd). Instead, they can either be set at broker startup with the -D
option of the Broker utility (imqbrokerd) or edited by hand in the broker's instance
configuration file (config.properties). In addition, some of these properties
304 Sun Java System Message Queue 4.1 Administration Guide • September 2007
JMX Properties
See Appendix D, “JMX Support” for further information on administrative support of JMX
clients.
imq.jmx.connector.connectorName.urlpath String See description urlPath component of JMX service URL for
connector connectorName
Useful in cases where the JMX service URL path
must be set explicitly (such as when a shared
external RMI registry is used).
Default value: If an RMI registry is used to
store the RMI stub for JMX connectors
(imq.jmx.registry.start or
imq.jmx.registry.use set to true):
/jndi/rmi://brokerHost:rmiPort
/brokerHost/brokerPort/connectorName
If an RMI registry is not used (the default case,
imq.jmx.registry.start and
imq.jmx.registry.use both false):
/stub/rmiStub
where rmiStub is an encoded and serialized
representation of the RMI stub itself
imq.jmx.connector.connectorName.useSSL Boolean false Use Secure Socket Layer (SSL) for connector
connectorName?
306 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Alphabetical List of Broker Properties
Property Table
308 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Alphabetical List of Broker Properties
310 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Alphabetical List of Broker Properties
312 Sun Java System Message Queue 4.1 Administration Guide • September 2007
15
C H A P T E R 1 5
This chapter provides reference information about configuration properties for physical
destinations.
313
Physical Destination Properties
Examples:
1600: 1600 bytes
1600b: 1600 bytes
16k: 16 kilobytes (= 16,384 bytes)
16m: 16 megabytes (= 16,777,216 bytes)
−1: No limit
314 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Physical Destination Properties
This chapter provides reference information about the attributes of administered objects. It
consists of the following sections:
■ “Connection Factory Attributes” on page 317
■ “Destination Attributes” on page 325
Connection Handling
Table 16–1 lists the connection factory attributes for connection handling.
317
Connection Factory Attributes
318 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connection Factory Attributes
The value of the imqAddressList attribute is a comma-separated string specifying one or more
broker addresses to which to connect. The general syntax for each address is as follows:
scheme://address
where scheme identifies one of the addressing schemes shown in the first column of Table 16–2
and address denotes the broker address itself. The exact syntax for specifying the address
depends on the addressing scheme, as shown in the last column of the table.
320 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connection Factory Attributes
Not specified Not specified Specified Port Mapper port 1012 (mq://localHost:1012/jms)
Client Identification
Table 16–4 lists the connection factory attributes for client identification.
imqDefaultUsername String guest Default user name for authenticating with broker
imqDisableSetClientID Boolean false Prevent client from changing client identifier using
setClientID method?
TABLE 16–5 Connection Factory Attributes for Reliability and Flow Control
imqConnectionFlowLimit Integer 1000 Maximum number of messages per connection to deliver and
buffer for consumption
Message delivery on a connection stops when the number of
unconsumed payload messages pending (subject to flow
metering governed by imqConnectionFlowCount) exceeds this
limit. Delivery resumes only when the number of pending
messages falls below the limit. This prevents the client from
being overwhelmed with pending messages that might cause it
to run out of memory.
This attribute is ignored if imqConnectionFlowLimitEnabled is
false.
322 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connection Factory Attributes
TABLE 16–5 Connection Factory Attributes for Reliability and Flow Control (Continued)
Attribute Type Default Value Description
imqConsumerFlowLimit Integer 100 Maximum number of messages per consumer to deliver and
buffer for consumption
Message delivery to a given consumer stops when the number of
unconsumed payload messages pending for that consumer
exceeds this limit. Delivery resumes only when the number of
pending messages for the consumer falls below the percentage
specified by imqConsumerFlowThreshold. This can be used to
improve load balancing among multiple consumers and prevent
any single consumer from starving others on the same
connection.
This limit can be overridden by a lower value set for a queue’s
own consumerFlowLimit attribute (see Chapter 15, “Physical
Destination Property Reference”). Note also that message
delivery to all consumers on a connection is subject to the
overall limit specified by imqConnectionFlowLimit.
TABLE 16–6 Connection Factory Attributes for Queue Browser and Server Sessions
Default
Attribute Type Value Description
TABLE 16–6 Connection Factory Attributes for Queue Browser and Server Sessions (Continued)
Default
Attribute Type Value Description
imqSetJMSXUserID Boolean false Set JMSXUserID property (identity of user sending message) for
produced messages?
324 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Destination Attributes
Destination Attributes
Table 16–9 lists the attributes that can be set for a destination administered object.
This chapter describes the configuration properties of the Message Queue JMS Resource
Adapter (JMS RA), which enables you to integrate Sun JavaTM System Message Queue with any
J2EE 1.4 application server by means of the standard J2EE connector architecture (JCA). When
plugged into an application server, the Resource Adapter allows applications deployed in that
application server to use Message Queue to send and receive JMS messages.
The Message Queue JMS Resource Adapter exposes its configuration properties through three
JavaBean components:
■ The ResourceAdapter JavaBean (“ResourceAdapter JavaBean” on page 327) affects the
behavior of the Resource Adapter as a whole.
■ The ManagedConnectionFactory JavaBean (“ManagedConnectionFactory JavaBean” on
page 330) affects connections created by the Resource Adapter for use by message-driven
beans (MDBs).
■ The ActivationSpec JavaBean (“ActivationSpec JavaBean” on page 331) affects message
endpoints that represent MDBs in their interactions with the messaging system.
To set property values for these entities, you use the tools provided by your application server
for configuration and deployment of the Resource Adapter and for deployment of MDBs.
This chapter lists and describes the configuration properties of the Message Queue JMS
Resource Adapter. It contains the following sections:
ResourceAdapter JavaBean
The ResourceAdapter configuration configures the default JMS Resource Adapter behavior.
Table 17–1 lists and describes the properties with which you can configure this JavaBean.
327
ResourceAdapter JavaBean
328 Sun Java System Message Queue 4.1 Administration Guide • September 2007
ResourceAdapter JavaBean
ManagedConnectionFactory JavaBean
A managed connection factory defines the connections that the Resource Adapter provides to a
message-driven bean. Table 17–2 shows the properties of the ManagedConnectionFactory
JavaBean; if set, these properties override the corresponding properties of the ResourceAdapter
JavaBean.
330 Sun Java System Message Queue 4.1 Administration Guide • September 2007
ActivationSpec JavaBean
ActivationSpec JavaBean
Table 17–3 shows the configurable properties of the ActivationSpec JavaBean. These
properties are used by the application server when instructing the Resource Adapter to activate
a message endpoint and associate it with a message-driven bean.
332 Sun Java System Message Queue 4.1 Administration Guide • September 2007
ActivationSpec JavaBean
Metrics Reference
1 8
This chapter describes the metric information that a Message Queue message broker can
provide for monitoring, tuning, and diagnostic purposes. This information can be made
available in a variety of ways:
■ In a log file (see “Sending Metrics Data to Log Files” on page 203)
■ With the Command utility’s metrics bkr command (see “Broker Management” on
page 268)
■ In metrics messages sent to a metrics topic destination (see “Writing an Application to
Monitor Brokers” on page 210)
The tables in this chapter list the kinds of metric information available and the forms in which it
can be provided. For metrics provided through the Command utility’s metrics bkr command,
the tables list the metric type with which they can be requested; for those provided in metrics
messages, the tables list the metrics topic destination to which they are delivered. The chapter
consists of the following sections:
■ “JVM Metrics” on page 335
■ “Brokerwide Metrics” on page 336
■ “Connection Service Metrics” on page 338
■ “Physical Destination Metrics” on page 339
JVM Metrics
Table 18–1 shows the metric information that the broker reports for the broker process JVM
(Java Virtual Machine) heap.
335
Brokerwide Metrics
metrics bkr
Metric Quantity Description Log File? Metric Type Metrics Topic
JVM heap: total memory Current total memory, in bytes Yes cxn mq.metrics.jvm
JVM heap: free memory Amount of memory currently available for use, in Yes cxn mq.metrics.jvm
bytes
JVM heap: max memory Maximum allowable heap size, in bytes Yes None mq.metrics.jvm
Brokerwide Metrics
Table 18–2 shows the brokerwide metric information that the broker reports.
metrics bkr
Metric Quantity Description Log File? Metric Type Metrics Topic
Connections
Num connections Total current number of connections for all Yes cxn mq.metrics.broker
connection services
Num threads Total current number of threads for all connection Yes cxn None
services
Min threads Total minimum number of threads for all connection Yes cxn None
services
Max threads Total maximum number of threads for all connection Yes cxn None
services
Stored Messages
Total message bytes Total size in bytes of payload messages currently No None1 mq.metrics.broker
stored in memory and persistent store
Message Flow
Num messages in Cumulative number of payload messages received Yes ttl mq.metrics.broker
since broker started
Num messages out Cumulative number of payload messages sent since Yes ttl mq.metrics.broker
broker started
1
Use query bkr command instead
336 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Brokerwide Metrics
Rate messages in Current rate of flow of payload messages into broker Yes rts None
Rate messages out Current rate of flow of payload messages out of Yes rts None
broker
Message bytes in Cumulative size in bytes of payload messages Yes ttl mq.metrics.broker
received since broker started
Message bytes out Cumulative size in bytes of payload messages sent Yes ttl mq.metrics.broker
since broker started
Rate message bytes in Current rate of flow of payload message bytes into Yes rts None
broker
Rate message bytes out Current rate of flow of payload message bytes out of Yes rts None
broker
Num packets in Cumulative number of payload and control packets Yes ttl mq.metrics.broker
received since broker started
Num packets out Cumulative number of payload and control packets Yes ttl mq.metrics.broker
sent since broker started
Rate packets in Current rate of flow of payload and control packets Yes rts None
into broker
Rate packets out Current rate of flow of payload and control packets Yes rts None
out of broker
Packet bytes in Cumulative size in bytes of payload and control Yes ttl mq.metrics.broker
packets received since broker started
Packet bytes out Cumulative size in bytes of payload and control Yes ttl mq.metrics.broker
packets sent since broker started
Rate packet bytes in Current rate of flow of payload and control packet Yes rts None
bytes into broker
Rate packet bytes out Current rate of flow of payload and control packet Yes rts None
bytes out of broker
Destinations
metrics svc
Metric Quantity Description Log File? Metric Type Metrics Topic
Connections
Message Flow
Num messages out Cumulative number of payload messages sent No ttl None
through connection service since broker started
Rate messages in Current rate of flow of payload messages into broker No rts None
through connection service
Rate messages out Current rate of flow of payload messages out of No rts None
broker through connection service
Message bytes out Cumulative size in bytes of payload messages sent No ttl None
through connection service since broker started
Rate message bytes in Current rate of flow of payload message bytes into No rts None
broker through connection service
Rate message bytes out Current rate of flow of payload message bytes out of No rts None
broker through connection service
Num packets in Cumulative number of payload and control packets No ttl None
received through connection service since broker
started
Num packets out Cumulative number of payload and control packets No ttl None
sent through connection service since broker started
1
Also available with query svc command
338 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Physical Destination Metrics
Rate packets in Current rate of flow of payload and control packets No rts None
into broker through connection service
Rate packets out Current rate of flow of payload and control packets No rts None
out of broker through connection service
Packet bytes in Cumulative size in bytes of payload and control No ttl None
packets received through connection service since
broker started
Packet bytes out Cumulative size in bytes of payload and control No ttl None
packets sent through connection service since broker
started
Rate packet bytes in Current rate of flow of payload and control packet No rts None
bytes into broker through connection service
Rate packet bytes out Current rate of flow of payload and control packet No rts None
bytes out of broker through connection service
metrics dst
Metric Quantity Description Log File? Metric Type Metrics Topic
Message Consumers
340 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Physical Destination Metrics
Stored Messages
Peak total message bytes Peak total size in bytes of No ttl mq.metrics.destination.queue.queueName
messages stored in rts mq.metrics.destination.topic.topicName
memory and persistent
store since broker started
Avg total message bytes Average total size in bytes No ttl mq.metrics.destination.queue.queueName
of messages stored in rts mq.metrics.destination.topic.topicName
memory and persistent
store since broker started
Message Flow
342 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Physical Destination Metrics
Disk Utilization
This chapter describes the monitoring information items that Message Queue exposes through
the Sun JavaTM Enterprise System Monitoring Framework (JESMF), using the Monitoring
Framework’s Common Monitoring Model (CMM). It contains the following sections:
■ “Common Attributes” on page 345
■ “Message Queue Product Information” on page 346
■ “Broker Information” on page 346
■ “Port Mapper Information” on page 347
■ “Connection Service Information” on page 347
■ “Destination Information” on page 349
■ “Persistent Store Information” on page 350
■ “User Repository Information” on page 350
Common Attributes
The attributes listed in Table 19–1 are common to all (or almost all) CMM objects.
Attribute Description
345
Message Queue Product Information
Attribute Description
Broker Information
Table 19–3 shows the JESMF-accessible attributes pertaining to each broker instance.
Attribute Description
346 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Connection Service Information
Roles Array of strings denoting broker’s roles (taken from broker properties
imq.broker.adminDefinedRoles.namen; see Table 14–9)
DirectoryName Distinguished name of directory (for example, LDAP) entry where static
information about application is stored
An empty string indicates that no information about the application is
available in the directory.
Attribute Description
Attribute Description
or
mqssl://hostName:servicePort/serviceName
if statically assigned
MaxThreadPoolSize Number of threads beyond which no new threads are added to thread pool
for use by connection service (broker property
imq.serviceName.max_threads; see Table 14–1)
348 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Destination Information
Destination Information
Table 19–6 shows the JESMF-accessible attributes pertaining to each destination. Each of these
attributes corresponds to a Message Queue physical destination property; see Table 15–1 for
further information.
Attribute Description
Attribute Description
350 Sun Java System Message Queue 4.1 Administration Guide • September 2007
P A R T I V
Appendixes
■ Appendix A, “Platform-Specific Locations of Message Queue Data”
■ Appendix B, “Stability of Message Queue Interfaces”
■ Appendix C, “HTTP/HTTPS Support”
■ Appendix D, “JMX Support”
■ Appendix E, “Frequently Used Command Utility Commands”
351
352
A
A P P E N D I X A
Sun JavaTM System Message Queue data is stored in different locations on different operating
system platforms. The tables that follow show the location of various types of Message Queue
data on the following platforms:
■ “Solaris” on page 353
■ “Linux” on page 354
■ “Windows” on page 355
In the tables, instanceName denotes the name of the broker instance with which the data is
associated.
Solaris
Table A–1 shows the location of Message Queue data on the Solaris operating system. If you are
using Message Queue on Solaris with the standalone version of Sun Java System Application
Server, the directory structure is like that described under “Windows” on page 355.
353
Linux
Linux
Table A–2 shows the location of Message Queue data on the Linux operating system.
354 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Windows
Windows
Table A–3 shows the location of Message Queue data on the Windows operating system. The
table also applies to the Solaris platform when Message Queue is bundled with the standalone
version of Sun Java System Application Server. That version of Application Server is bundled
with neither Solaris nor Sun Java Enterprise System. Use the pathnames in Table A–3, but
change the direction of the slash characters from the Windows backslash (\) to the Solaris
forward slash (/). See“Directory Variable Conventions” on page 25 for definitions of the
IMQ_HOME and IMQ_VARHOME directory variables.
356 Sun Java System Message Queue 4.1 Administration Guide • September 2007
B
A P P E N D I X B
Sun JavaTM System Message Queue uses many interfaces that can help administrators automate
tasks. This appendix classifies the interfaces according to their stability. The more stable an
interface is, the less likely it is to change in subsequent versions of the product.
Any interface that is not listed in this appendix is private and not for customer use.
Classification Scheme
Appendix B, “Stability of Message Queue Interfaces” describes the stability classification
scheme.
Classification Description
Private Not for direct use by customers. May change or be removed in any release.
Evolving For use by customers. Subject to incompatible change at a major (e.g. 3.0,
4.0) or minor (e.g. 3.1, 3.2) release. The changes will be made carefully and
slowly. Reasonable efforts will be made to ensure that all changes are
compatible but that is not guaranteed.
Standard For use by customers. These interfaces are defined by a formal standard, and
controlled by a standards organization. Incompatible changes to these
interfaces are rare.
357
Interface Stability
Unstable For use by customers. Subject to incompatible change at a major (e.g. 3.0,
4.0) or minor (e.g. 3.1, 3.2) release. Customers are advised that these
interfaces may be removed or changed substantially and in an incompatible
way in a future release. It is recommended that customers not create explicit
dependencies on unstable interfaces.
Interface Stability
Appendix B, “Stability of Message Queue Interfaces” lists the interfaces and their classifications.
Interface Classification
Commands
358 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Interface Stability
APIs
C-API Evolving
Files
System Destinations
Configuration Properties
Message Queue JMS Resource Adapter JavaBean and ActivationSpec configuration Evolving
properties
Miscellaneous
360 Sun Java System Message Queue 4.1 Administration Guide • September 2007
C
A P P E N D I X
HTTP/HTTPS Support
C
Message Queue includes support for Java clients to communicate with a message broker by
means of the HTTP or secure HTTP (HTTPS) transport protocols, rather than through a direct
TCP connection. (HTTP/HTTPS support is not available for C clients.) Because HTTP/HTTPS
connections are normally allowed through firewalls, this allows client applications to be
separated from the broker by a firewall.
This appendix describes the architecture used to enable HTTP/HTTPS support and explains
the setup work needed to allow Message Queue clients to use such connections. It has the
following sections:
■ “HTTP/HTTPS Support Architecture” on page 361
■ “Enabling HTTP/HTTPS Support” on page 362
■ “Troubleshooting” on page 377
361
Enabling HTTP/HTTPS Support
■ On the broker side, the httpjms or httpsjms connection service unwraps and
demultiplexes incoming messages from the corresponding tunnel servlet.
Broker
httpjms/httpsjms
Connection
Services
JMS Client
TLS TCP
Message Queue
HTTP
Client Runtime
HTTP
Tunnel
Servlet
Firewall
HTTPS HTTPS
Tunnel
Servlet
HTTP
Proxy Web Server or
Application Server
The main difference between HTTP and HTTPS connections is that in the HTTPS case
(httpsjms connection service), the tunnel servlet has a secure connection to both the client
application and the broker. The secure connection to the broker is established by means of the
Secure Socket Layer (SSL) protocol. Message Queue’s SSL-enabled HTTPS tunnel servlet passes
a self-signed certificate to any broker requesting a connection. The broker uses the certificate to
establish an encrypted connection to the tunnel servlet. Once this connection is established, a
secure connection between the client application and the tunnel servlet can be negotiated by the
client application and the application server or Web server.
362 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
3. (HTTPS only) Validate the Web or application server’s self-signed certificate and install it in
the client application’s trust store.
4. (HTTP and HTTPS) Deploy the HTTP or HTTPS tunnel servlet.
5. (HTTP and HTTPS) Configure the broker’s httpjms or httpsjms connection service and
start the broker.
6. (HTTP and HTTPS) Configure an HTTP or HTTPS connection.
The following subsections describe each of these steps in greater detail, using Sun JavaTM System
Application Server as an example for purposes of illustration. If you are using a different
application server or Web server (such as Sun Java System Web Server), the procedures will be
substantially similar but may differ in detail; see your server product’s own documentation for
specifics.
Run the Message Queue Key Tool utility (imqkeytool) to generate a self-signed certificate for
the tunnel servlet. (On UNIX systems, you may need to run the utility as the root user in order
to have permission to create the key store.) Enter the following at the command prompt:
The Key Tool utility prompts you for a key store password:
After you have entered a valid password, the utility prompts you for identifying information
from which to construct an X.500 distinguished name. Table C–1 shows the prompts and the
values to be provided for each prompt. Values are case-insensitive and can include spaces.
What is your first and last commonName (CN) Fully qualified name of server running mqserver.sun.com
name? the broker
What is the name of your organizationalUnit (OU) Name of department or division purchasing
organizational unit?
What is the name of your organizationName (ON) Name of larger organization, such as a Acme Widgets, Inc.
organization? company or government entity
What is the name of your city localityName (L) Name of city or locality San Francisco
or locality?
What is the name of your state stateName (ST) Full (unabbreviated) name of state or California
or province? province
When you have entered the information, the Key Tool utility displays it for confirmation: for
example,
To accept the current values and proceed, enter yes; to reenter values, accept the default or
enter no. After you confirm, the utility pauses while it generates a key pair.
Next, the utility asks for a password to lock the key pair (key password). Press Return in
response to this prompt to use the same password for both the key password and the key store
password.
Caution – Be sure to remember the password you specify. You must provide this password later
to the tunnel servlet so it can open the key store.
The Key Tool utility generates a self-signed certificate and places it in Message Queue’s key store
file at the location you specified for the keyStoreLocation argument.
Caution – The HTTPS tunnel servlet must be able to see the key store. Be sure to move or copy
the generated key store from the location specified by keyStoreLocation to one accessible to the
tunnel servlet (see “Step 4 (HTTP and HTTPS): Deploying the Tunnel Servlet” on page 370).
364 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
5 Edit the deployment descriptor to specify the key store location and password.
Edit the web.xml file to provide appropriate values for the keystoreLocation and
keystorePassword elements (as well as servletPort and servletHost, if necessary): for
example,
<init-param>
<param-name>keystoreLocation</param-name>
<param-value>/local/tmp/imqhttps/keystore</param-value>
</init-param>
<init-param>
<param-name>keystorePassword</param-name>
<param-value>shazam</param-value>
</init-param>
<init-param>
<param-name>servletHost</param-name>
<param-value>localhost</param-value>
</init-param>
<init-param>
<param-name>servletPort</param-name>
<param-value>7674</param-value>
</init-param>
Note – If you are concerned about exposure of the key store password, you can use file-system
permissions to restrict access to the imqhttps.war file.)
Note – If necessary, you can use the JDK Key Tool utility to generate a key store of your own and
use it in place of the default key store. For more information, see the section “Establishing a
Secure Connection Using SSL” in Chapter 28, “Introduction to Security in Java EE,” of the Java
EE 5 Tutorial at
http://java.sun.com/javaee/5/docs/tutorial/doc/Security-Intro7.html
366 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
a. Make the directory containing the key store file your current directory.
For example, to use the Application Server’s default key store file (as shown above), navigate
to its directory with the command
cd appServerRoot/glassfish/domains/domain1/config
where appServerRoot is, again, the root directory in which the Application Server is
installed.
368 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
To deploy the tunnel servlet from the command line, use the deploy subcommand of the
Application Server administration utility (asadmin): for example,
The procedure below shows how to use the Web-based GUI to deploy the servlet.
After deploying the tunnel servlet (whether from the command line or with the Web-based
GUI), proceed to “Modifying the Application Server’s Security Policy File” on page 371 for
instructions on how to grant it the appropriate permissions.
a. Enter the location of the tunnel servlet’s Web archive file (imqhttp.war or imqhttps.war) in
the File Path text field.
The file is located in the Message Queue installation directory containing .jar, .war, and
.rar files, depending on your operating system platform (see Appendix A,
“Platform-Specific Locations of Message Queue Data”).
370 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
where appServerRoot is the root directory in which Sun Java System Application Server is
installed.
TABLE C–2 Broker Configuration Properties for the httpjms and httpsjms Connection Services
372 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
.../instances/instanceName/props/config.properties
(See Appendix A, “Platform-Specific Locations of Message Queue Data” for the location of the
instances directory.)
imq.service.activelist=jms,admin,httpsjms
JRE_HOME/lib/ext
JRE_HOME/lib/security/java.security
where n is the next available priority number for a security provider package.
374 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Enabling HTTP/HTTPS Support
http://hostName:portNumber/contextRoot/tunnel
or
https://hostName:portNumber/contextRoot/tunnel
where hostName:portNumber is the host name and port number of the application server or
Web server hosting the tunnel servlet and contextRoot is the context root directory you
specified when deploying the tunnel servlet on the server, as described above under “Step 4
(HTTP and HTTPS): Deploying the Tunnel Servlet” on page 370.
You can set the imqAddressList attribute in any of the following ways:
■ Use the -o option to the imqobjmgr command that creates the connection factory
administered object (see “Adding a Connection Factory” on page 139).
■ Set the attribute when creating the connection factory administered object using the
Administration Console (imqadmin).
■ Use the -D option to the command that launches the client application.
■ Use an API call to set the attributes of the connection factory after you create it
programmatically in client application code (see the Message Queue Developer’s Guide for
Java Clients).
http://hostName:portNumber/contextRoot/tunnel?ServerName=brokerHostName:instanceName
or
https://hostName:portNumber/contextRoot/tunnel?ServerName=brokerHostName:instanceName
where brokerHostName is the broker instance host name and instanceName is the name of the
specific broker instance you want your client to access.
To check that you have entered the correct values for brokerHostName and instanceName,
generate a status report for the HTTP/HTTPS tunnel servlet by accessing the servlet URL from
a browser:
http://localhost:8080/imqhttp/tunnel
The report lists all brokers being accessed by the servlet, as shown in Example C–1.
376 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Troubleshooting
Troubleshooting
This section describes possible problems with an HTTP or HTTPS connection and provides
guidance on how to handle them.
2 Use a browser to access the servlet manually through the tunnel servlet URL.
3 Use the following administrative commands to pause and resume the connection:
imqcmd pause svc -n httpsjms -u admin
imqcmd resume svc -n httpsjms -u admin
When the service resumes, an HTTPS client should be able to connect to the broker through the
tunnel servlet.
JMX Support
D
Message Queue includes support for Java-based client programs to configure and monitor
Message Queue resources, such as message brokers, connections, and destinations,
programmatically by means of the Java Management Extensions (JMX) application
programming interface. Use of the JMX API from the client side is fully described in the
Message Queue Developer’s Guide for JMX Clients. This appendix describes the administrative
features provided to support such use.
imq.jmx.connector.connectorName.urlpath
imq.jmx.connector.connectorName.useSSL
imq.jmx.connector.connectorName.brokerHostTrusted
By default, two JMX connectors are created, named jmxrmi and ssljmxrmi; the second is
configured to use Secure Socket Layer (SSL) encryption
(imq.jmx.connector.ssljmxrmi.useSSL = true), while the second is not
(imq.jmx.connector.jmxrmi.useSSL = false). By default, only the jmxrmi connector is
activated at broker startup; see“SSL Support for JMX Clients” on page 380, below, for
information on how to activate the ssljmxrmi connector for secure communications.
379
SSL Support for JMX Clients
Message Queue’s JMX connectors use remote method invocation (RMI) as the infrastructure
for communicating between client and server. The broker properties
imq.jmx.rmiregistry.start and imq.jmx.rmiregistry.use specify whether to start a local
RMI registry at broker startup or use an external registry. The imq.jmx.rmiregistry.port
property specifies the port number for the RMI registry. For convenience, these properties can
also be specified by using equivalent Broker utility (imqbrokerd) options at broker startup:
-startRmiRegistry, -useRmiRegistry, and -rmiRegistryPort, respectively (see Table 13–1).
The Command utility (imqcmd) subcommand list jmx displays a list of JMX service URLs of
JMX connectors created and started at broker startup. This information is needed by JMX
clients that do not use the Message Queue convenience class AdminConnectionFactory to
obtain their JMX connectors, and can also be used for managing or monitoring Message Queue
via a generic JMX browser such as the Java Monitoring and Management Console (jconsole).
2 Install the root certification authority certificate in the trust store if necessary.
3 Add the ssljmxrmi connector to the list of JMX connectors to be activated at broker startup:
imq.jmx.connector.activelist=jmxrmi,ssljmxrmi
380 Sun Java System Message Queue 4.1 Administration Guide • September 2007
SSL Support for JMX Clients
This appendix lists some frequently used Message Queue Command utility ( imqcmd)
commands. For a comprehensive list of command options and attributes available to you from
the command line, refer to “Command Utility” on page 266 in “Command Utility” on page 266
Syntax
imqcmd subcommand argument [
options]
imqcmd -h|H
imqcmd -v
When you use imqcmd, the Command utility prompts you for a password. To avoid the prompt
(and to increase security), you can use the -passfile pathToPassfile option to point the utility
to a password file that contains the administrator user name and password.
383
Service and Connection Management
Property Notes
imq.autocreate.queue
imq.autocreate.topic
imq.cluster.url
imq.destination.DMQ.truncateBody
imq.destination.logDeadMessages
imq.log.level NONE
ERROR
WARNING
INFO
imq.portmapper.port
384 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Destination Management
Transaction Management
imqcmd list txn
imqcmd commit txn -n 1234567890
imqcmd query txn -n 1234567890
imqcmd rollback txn -n 1234567890
Destination Management
imqcmd create dst -n MyQueue -t q -o "maxNumMsgs=1000" -o "maxNumProducers=5"
imqcmd update dst -n MyTopic -t t -o "limitBehavior=FLOW_CONTROL| REMOVE_OLDEST|REJECT_NEWEST|REMOVE_LOW_PRIORITY"
imqcmd compact dst -n MyQueue -t q
imqcmd purge dst -n MyQueue -t q
imqcmd pause dst -n MyQueue -t q -pst PRODUCERS|CONSUMERS|ALL
imqcmd resume dst -n MyQueue -t q
imqcmd destroy dst -n MyQueue -t q
imqcmd query dst -n MyQueue -t q
imqcmd list dst -tmp
Property Notes
limitBehavior FLOW_CONTROL
REMOVE_OLDEST
REJECT_NEWEST
REMOVE_LOW_PRIORITY
useDMQ
Metrics
imqcmd metrics bkr -m cxn|rts|ttl -int 5 -msp 20
imqcmd metrics svc -m cxn|rts|ttl
imqcmd metrics dst -m con|dsk|rts|ttl
386 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
A Administration Console
access control file starting, 40
location, 354, 355, 356 tutorial, 39
acknowledgeMode activation specification administration tasks
attribute, 332 development environment, 33-34
ActivationSpec JavaBean, 331 production environment, 34-35
addressList activation specification attribute, 331 administration tools, 36-37
addressList managed connection factory attribute, 330 Administration Console, 37
addressList Resource Adapter attribute, 328 command line utilities, 36
addressListBehavior managed connection factory administrator password, 170
attribute, 330 API documentation, 354, 355, 356
addressListBehavior Resource Adapter attribute, 328 attributes of physical destinations, 313-315
addressListIterations managed connection factory authentication
attribute, 330 See also access control
addressListIterations Resource Adapter attribute, 328 about, 85
admin connection service, 76 JAAS-based
ADMIN service type, 76 See JAAS-based authentication
admin user, 167 managing, 165-179
changing password, 170 authorization
administered objects See also access control
attributes (reference), 317 about, 85-86
deleting, 141 managing, 180-185
listing, 141-142 user groups, 85
managing, 127-145 auto-create physical destinations
object store access control, 86, 184
See object stores properties (table), 287-290
querying, 142 automatic reconnection, 132
required information, 137 limitations, 132
updating, 143 AUTOSTART property, 69
XA connection factory
See connection factory administered objects
387
Index
B brokers (Continued)
benchmarks, performance, 214-215 clusters
bottlenecks, performance, 218 See broker clusters
broker clusters commands for managing, 268-270
adding brokers to, 156 configuration files
architecture, 225 See configuration files
configuration change record, 148 displaying metrics, 270
configuration file, 150, 154, 155, 161, 302 httpjms connection service properties, 372
configuration properties, 149, 302-304 httpsjms connection service properties, 372
connecting conventional brokers, 154 instance configuration properties, 90
conventional, 147-148 instance name, 262
automatic reconnection in, 132 interconnected
high-availability (HA), 148-149 See broker clusters
automatic reconnection in, 132 limit behaviors, 78, 225
listing brokers, 105, 152-154, 269 listing, 105
master broker, 148 listing connection services, 107
pausing physical destinations in, 118 listing property values, 269
performance effect of, 225 logging
purging physical destinations in, 119 See Logger
reasons for using, 225 managing, 97-114
reloading configuration, 269 memory management, 78, 225
secure interbroker connections (SSL), 155 message capacity, 78, 103, 286
broker components message flow control
connection services, 75, 76 See message flow control
monitoring services, 75, 86-88 metrics
persistence services, 75, 80-83 See broker metrics
routing services, 75, 78 pausing, 102, 268
security services, 75, 83-86 permissions required for starting, 68
broker metrics properties (reference), 283, 313
Logger properties, 87, 203, 301 querying, 104
metric quantities (table), 336-337 quiescing, 101, 268
metrics messages, 88 recovery from failure, 80
reporting interval, Logger, 265 removing, 72-73
using broker log files, 203 restarting, 80, 101, 268
using imqcmd, 207, 208 restarting automatically, 69
using message-based monitoring, 210 resuming, 102, 269
broker monitoring service, properties, 298-302 running as Windows service, 70-72
broker responses, wait period for client, 322 setting properties, 269
brokers shutting down, 100, 268
access control startup with SSL, 189
See authorization takeover, 269
auto-create physical destination properties, 287-290 unquiescing, 102, 269
clock synchronization, 67-68 updating properties of, 103
clustering, 154 viewing information about, 104-105
388 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
389
Index
390 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
I
imq.accesscontrol.enabled property, 84, 294
G imq.accesscontrol.file.filename property, 84, 295
guest user, 167 imq.admin.tcp.port property, 195
391
Index
392 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
393
Index
394 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
395
Index
396 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
397
Index
398 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
399
Index
400 Sun Java System Message Queue 4.1 Administration Guide • September 2007
Index
401
Index
X
xntpd daemon, 67
402 Sun Java System Message Queue 4.1 Administration Guide • September 2007