External ActiveMQ with Wildfly 9.0.1

Target of this post is to configure a vanilla Wildfly 9.0.1 to use an external vanilla ActiveMQ 5.12.0. These are the latest releases on 2015-09-18. I got it running with following steps:

  1. Download Wildfly 9.0.1 if you don’t have it already: http://download.jboss.org/wildfly/9.0.1.Final/wildfly-9.0.1.Final.zip
  2. Download ActiveMQ 5.12.0 if you don’t have it already: http://www.apache.org/dyn/closer.cgi?path=/activemq/5.12.0/apache-activemq-5.12.0-bin.zip
  3. Download ActiveMQ Resource Adapter if you don’t have it already: https://repository.apache.org/content/repositories/releases/org/apache/activemq/activemq-rar/5.9.1/activemq-rar-5.9.1.rar
  4. Extract all the downloaded files. You can place Wildfly and ActiveMQ wherever you want. The resource adapter should go to $WILDFLY/modules/org/apache/activemq/main. All files in apache-activemq-5.12.0-bin.zip should go to this folder.
  5. Edit $WILDFLY/modules/org/apache/activemq/main/META-INF/ra.xml and remove the part marked with <!– NOTE disable the following property if you do not wish to deploy an embedded broker –>
  6. Add the file $WILDFLY/modules/org/apache/activemq/main/module.xml with this content
  7. Edit $WILDFLY/standalone/configuration/standalone.xml and add the following parts:
    • Under urn:jboss:domain:ejb3:3.0 add
    • Under urn:jboss:domain:resource-adapters:3.0 add the resource adapter
  8. In your project you will need to activate javax.jms.api in your jboss-deployment-structure.xml file (placed in WEB-INF folder):
  9. Now you should be able to write your MDB like this
  10. You will find the ActiveMQ management gui under http://localhost:8161/admin/. The default credentials are admin/admin.

JBAS010153: Node identifier property is set to the default value

I got the following warning on startup of EAP 6.4.2:

WARN  [org.jboss.as.txn] (ServerService Thread Pool — 46) JBAS010153: Node identifier property is set to the default value. Please make sure it is unique.

To get rid of this you have to add a node-identifier attribute in the transactions subsystem. Here is my actual config after adding the attribute:

The default standalone.xml has no node-identifier=”SOME_ID” entry and that’s the reason for this warning.

Remove “Server” and “X-Powered-By” headers in wildfly 8.2.0

Just remove the following two lines

from your undertow config in standalone.xml. They are found under subsystem urn:jboss:domain:undertow:1.2 > server > host.

Don’t forget to reload/-start your application server after these changes.

Continue reading

SSL in Wildfly 8.2.0

Since wildfly uses undertow the configuration of SSL has changed. You can follow these steps to get SSL running:

  • Create a keystore with keys:

You need to replace “localhost” with your domain name.

NOTE: Your browser will complain that the connection is unsecure because we have no officially signed certificate. Look for a tutorial to create a keypair and a certificate sign request (csr) that you have to send to a certification authority (ca).

  • Configure the SslRealm:

  •  And add a listener:

Now you should be able to access your wildfly under https://localhost:8433/.

Widlfly 8.2.0 – JBAS010153: Node identifier is set to the default value

In the latest version of Wildfly (8.2.0) there is a warning looking like

To get rid of this you have to change the standalone.xml file.  Change this part

to look like this

Of course you can use any value as identifier and “wildfly1” is just an example. Make sure not to use more than 23 characters.

Encrypted Database Passwords in JBoss

JBoss provides a simple mechanism to encrypt database passwords with blowfish. So the standalone.xml does not include our database passwords in plaintext anymore.

First you have to encrypt your password with org.picketbox.datasource.security.SecureIdentityLoginModule. This class includes a main method so you can run it with a single argument which has to be your plaintext password. The result will look like this:

The class is included in jboss modules.

Then create a security-domain in your standalone.xml file:

Or with cli:

 

The last step is to replace the username+password part of your datasource with a security-domain element. This would look like this in its simplest way:

After theses changes start your application server.

ATTENTION! The passphrase that is used for the Blowfish algorithm is hardcoded in the login module. To make this secure you have to change the password in that component. Change the source and recompile or create an extension and overwrite all necessary parts and add it as a new module.

Disable Deployment-Scanner in JBoss

Look for the deployment-scanner config in your standalone.xml and configure the scan interval to -1 to allow deployment onyl from shell or at startup. Here is the relevant part:

Or with cli:

 

Make your webapplication log debug messages under jboss

I often catch myself writing info-messages because jboss is configured to info-mode by default. By adding the following few lines you can make your application use debug mode:

Of course you have to change the category (your package name) in the logger. The snippet is from Wildfly 8.1. But it is the same approach for JBoss AS 7+.

Get rid of Wildfly/JBoss headers “Server” and “X-Powered-By”

If you don’t want to send these headers with every response you have to disable them in your configuration file (standalone.xml).

I just removed the following lines from my undertow subsystem (urn:jboss:domain:undertow:1.1):

After a server restart the headers were gone.