NIFI-614 Added initial support for new style JMS #222
Conversation
olegz
force-pushed
the
NIFI-614
branch
2 times, most recently
from
913a744
to
8d95aaa
Compare
| @@ -0,0 +1 @@ | |||
| /lib/ | |||
olegz
force-pushed
the
NIFI-614
branch
2 times, most recently
from
66bace0
to
eab2408
Compare
olegz
force-pushed
the
NIFI-614
branch
2 times, most recently
from
e39ab74
to
f9ff8a0
Compare
|
Reviewing |
|
Following the pattern for Controller Services and their API in nifi-standard-services, JMSConnectionFactoryProviderDefinition should be in it's own package. |
|
New commits fail contrib-check for these reasons: [INFO] --- maven-checkstyle-plugin:2.15:check (check-style) @ nifi-jms-processors --- |
|
What was the motivation for creating an additional details page for the Publish/Consume processors that is just a summary and an overview of the configuration? Both of those could be conveyed using the CapabilityDescription tag and the property descriptions. It also makes it harder to maintain. |
|
We'll be adding more docs in there in the future related to specific providers (e.g., IBM, Tibco etc), so treat it as place holder |
|
Why are the docs needed as place holders? It is not a breaking change to adding additional documentation pages in the future. Details regarding simple capability description and processor property descriptors should follow the same convention other components follow. |
|
Build is still failing contrib check after the latest patches due to: [INFO] --- maven-checkstyle-plugin:2.15:check (check-style) @ nifi-jms-cf-service --- |
olegz
force-pushed
the
NIFI-614
branch
3 times, most recently
from
b125cd7
to
3aa79c2
Compare
|
Tested on IBM MQ 7.5 and greater |
|
Tested using Tibco with SSL, didn't work. ERROR o.a.n.jms.processors.PublishJMS org.springframework.jms.JmsSecurityException: Can not initialize SSL client: no trusted certificates are set; nested exception is javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set Caused by: javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set I'm not sure how to pass the keystores from the SSL Context Service property of JMSConnectionFactoryProvider into the instance of the MQ ConnectionFactory Implementation using the configuration options provided. |
|
@mosermw shouldn't you just be able to create a typical SSL controller service and set the "SSL Context Service" property to point to it? This should automatically use the properties set in the SSL controller service. |
|
Yep, that's what I did. The TibjmsConnectionFactory must not see the truststore I set in the SSL Context Service. I'm worried that different JMS providers require different SSL setup. |
|
I'll look at it. I think I know what's going on. |
|
So the problem with Tibco and SSL is that Tibco does things differently then other providers. In other words they don't use SSLContext and instead rely on setting individual properties inside their implementation of ConnectionFactory. The good thing is we can extract them from SSLContext, but need ti know exactly what we need. That said, propose to release this new JMS support with understanding that it does not yet support Tibco SSL and add it later as part of the enhancement. |
|
i am on the same page of this being a good start oleg provided the JIRA is created to enable ssl context to provide info for providers that want it. We don't have support for tibco ssl in apache now anyway. |
|
Agreed and the JIRA is https://issues.apache.org/jira/browse/NIFI-1628 |
|
I am a +1 on merging this PR in (once commits have been squashed). I reviewed the code, did a contrib check build and did basic testing with ActiveMQ. With @digitalplummer having done more extensive testing with other JMS brokers, I am satisfied with the PR. |
NIFI-614 finalized JMSConnectionFactoryProvider ControllerService NIFI-614 finalized implementation of both Processors and ControllerService NIFI-614 added initial documentation NIFI-614 addressed PR comment with unused import and squashed NIFI-614 added @OnDisabled method NIFI-614 changed POMs to 0.6 NIFI-614 removed local .gitignore NIFI-614 added support for parsing Tibco URL NIFI-614 removed setting of jms message id NIFI-614 addressed PR comments, fixed tests NIFI-614 addressed latest PR comments NIFI-614 second round of PR comments addressed NIFI-614 3rd round of PR comments addressed NIFI-614 finalizing on PR comments NIFI-614 more PR comments
|
Was the Tibco issue ever followed up on? Tibco Java Doc is available here: |
|
Since TIBCO libraries don't fall under a license that is compatible with the Apache License 2.0, Apache NiFi cannot distribute a solution that is specific to TIBCO. But you should be able to build an extension to Apache NiFi that works for you. Here is an example for how you might approach building a NiFi extension for this mosermw/nifi-jms-providers-bundle. |
|
I understand that Apache Nifi can not deliver custom solutions for individual proprietary JMS providers. But as I understood, the dynamic property was build exactly for the purpose to set custom attributes of the Connection Factory as mentioned in the Documentation: So the question is if this is working for other providers and the implementation on Tibco Site does not allow the dynamic setting of attributes or is it a problem in Nifi that it does not call the set Method of the attribute correctly? |
|
@jugi92 you're right that the NIFi support for dynamic/custom attributes to help with Vendor differences. However, even in that case it appears (though I've not personally verified) that this isn't enough in the Tibco case for getting TLS setup propertly for them. For the NiFi method to work the custom attributes need to correspond to bean properties/setters. If their approach requires more awareness then it will require a specific component for them. I am aware of plenty of NiFi/Tibco integrations but they're outside of Apache at this point given what Mike highlighted above. If you are able to investigate the Tibco TLS setup requirements and see what the gap is perhaps it can be done in a vendor neutral way |
|
I found out that it works if the SSL Context Service is configured correctly and the dynamic property is provided as shown below:
So the dynamic attributes are a really valuable thing. |
|
@jugi92 this solution does not work with tibjms.jar v8.x In v8 tibco adds "void setSSLTrustedCertificate(byte[] certificate, java.lang.String trustedEncoding)" to it's TibjmsConnectionFactory class, which is what method the jms util finds first causing a too few arguments exception. |
NIFI-614 finalized JMSConnectionFactoryProvider ControllerService
NIFI-614 finalized implementation of both Processors and ControllerService
NIFI-614 added initial documentation
NIFI-614 polishing