Category Archives: JBoss

External ActiveMQ with Wildfly 9.0.1

Target of this post is to configure a vanilla Wildfly 9.0.1 to use an external vanilla ActiveMQ 5.12.0. These are the latest releases on 2015-09-18. I got it running with following steps:

  1. Download Wildfly 9.0.1 if you don’t have it already:
  2. Download ActiveMQ 5.12.0 if you don’t have it already:
  3. Download ActiveMQ Resource Adapter if you don’t have it already:
  4. Extract all the downloaded files. You can place Wildfly and ActiveMQ wherever you want. The resource adapter should go to $WILDFLY/modules/org/apache/activemq/main. All files in should go to this folder.
  5. Edit $WILDFLY/modules/org/apache/activemq/main/META-INF/ra.xml and remove the part marked with <!– NOTE disable the following property if you do not wish to deploy an embedded broker –>
  6. Add the file $WILDFLY/modules/org/apache/activemq/main/module.xml with this content
    <module xmlns="urn:jboss:module:1.1" name="org.apache.activemq" xmlns:xsi="">
        <resource-root path="."/>
        <resource-root path="activemq-broker-5.9.1.jar"/>
        <resource-root path="activemq-client-5.9.1.jar"/>
        <resource-root path="activemq-jms-pool-5.9.1.jar"/>
        <resource-root path="activemq-kahadb-store-5.9.1.jar"/>
        <resource-root path="activemq-openwire-legacy-5.9.1.jar"/>
        <resource-root path="activemq-pool-5.9.1.jar"/>
        <resource-root path="activemq-protobuf-1.1.jar"/>
        <resource-root path="activemq-ra-5.9.1.jar"/>
        <resource-root path="activemq-spring-5.9.1.jar"/>
        <resource-root path="aopalliance-1.0.jar"/>
        <resource-root path="commons-pool-1.6.jar"/>
        <resource-root path="commons-logging-1.1.3.jar"/>
        <resource-root path="hawtbuf-1.9.jar"/>
        <resource-root path="spring-aop-3.2.5.RELEASE.jar"/>
        <resource-root path="spring-beans-3.2.5.RELEASE.jar"/>
        <resource-root path="spring-context-3.2.5.RELEASE.jar"/>
        <resource-root path="spring-core-3.2.5.RELEASE.jar"/>
        <resource-root path="spring-expression-3.2.5.RELEASE.jar"/>
        <resource-root path="xbean-spring-3.15.jar"/>
        <exclude path="org/springframework/**"/>
        <exclude path="org/apache/xbean/**"/>
        <exclude path="org/apache/commons/**"/>
        <exclude path="org/aopalliance/**"/>
        <exclude path="org/fusesource/**"/>
        <module name="javax.api"/>
        <module name="org.slf4j"/>
        <module name="javax.resource.api"/>
        <module name="javax.jms.api"/>
        <module name=""/>
  7. Edit $WILDFLY/standalone/configuration/standalone.xml and add the following parts:
    • Under urn:jboss:domain:ejb3:3.0 add
        <resource-adapter-ref resource-adapter-name="activemq-rar.rar"/>
        <bean-instance-pool-ref pool-name="mdb-strict-max-pool"/>
    • Under urn:jboss:domain:resource-adapters:3.0 add the resource adapter
          <resource-adapter id="activemq-rar.rar">
              <module slot="main" id="org.apache.activemq"/>
              <config-property name="ServerUrl">tcp://localhost:61616</config-property>
                  <connection-definition class-name="org.apache.activemq.ra.ActiveMQManagedConnectionFactory" jndi-name="java:/ConnectionFactory" enabled="true" use-java-context="true" pool-name="ConnectionFactory"/>
                  <admin-object class-name="org.apache.activemq.command.ActiveMQQueue" jndi-name="queue/test-queue" use-java-context="true" pool-name="test_queue">
                      <config-property name="PhysicalName">testQueue</config-property>
  8. In your project you will need to activate javax.jms.api in your jboss-deployment-structure.xml file (placed in WEB-INF folder):
    <jboss-deployment-structure xmlns="urn:jboss:deployment-structure:1.1">
                <module name="javax.jms.api" export="true"/>
  9. Now you should be able to write your MDB like this
    import javax.ejb.ActivationConfigProperty;
    import javax.ejb.MessageDriven;
    import javax.jms.Message;
    import javax.jms.MessageListener;
    @MessageDriven(activationConfig = {
        @ActivationConfigProperty(propertyName = "acknowledgeMode", propertyValue = "Auto-acknowledge"),
        @ActivationConfigProperty(propertyName = "destination", propertyValue = "queue/test-queue"),
        @ActivationConfigProperty(propertyName = "destinationType", propertyValue = "javax.jms.Queue"),
    public class TestMDB implements MessageListener {
        public void onMessage(Message msg) {
            // do something
  10. You will find the ActiveMQ management gui under http://localhost:8161/admin/. The default credentials are admin/admin.

JBAS010153: Node identifier property is set to the default value

I got the following warning on startup of EAP 6.4.2:

WARN  [] (ServerService Thread Pool — 46) JBAS010153: Node identifier property is set to the default value. Please make sure it is unique.

To get rid of this you have to add a node-identifier attribute in the transactions subsystem. Here is my actual config after adding the attribute:

<subsystem xmlns="urn:jboss:domain:transactions:1.5">
  <core-environment node-identifier="eap6">
  <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
  <coordinator-environment default-timeout="300"/>

The default standalone.xml has no node-identifier=”SOME_ID” entry and that’s the reason for this warning.

SSL in Wildfly 8.2.0

Since wildfly uses undertow the configuration of SSL has changed. You can follow these steps to get SSL running:

  • Create a keystore with keys:
cd $WILDFLY_HOME/standalone/configuration
keytool -genkey -alias localhost -keyalg RSA -keystore keystore.jks -keysize 4096

You need to replace “localhost” with your domain name.

NOTE: Your browser will complain that the connection is unsecure because we have no officially signed certificate. Look for a tutorial to create a keypair and a certificate sign request (csr) that you have to send to a certification authority (ca).

  • Configure the SslRealm:
    <security-realm name="SslRealm">
          <keystore path="keystore.jks" relative-to="jboss.server.config.dir" keystore-password="changeme"/>
  •  And add a listener:
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
  <buffer-cache name="default"/>
  <server name="default-server">
    <http-listener name="default" socket-binding="http"/>
    <https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/>

Now you should be able to access your wildfly under https://localhost:8433/.

Widlfly 8.2.0 – JBAS010153: Node identifier is set to the default value

In the latest version of Wildfly (8.2.0) there is a warning looking like

[] (ServerService Thread Pool -- 46) JBAS010153: Node identifier property is set to the default value. Please make sure it is unique.

To get rid of this you have to change the standalone.xml file.  Change this part

<subsystem xmlns="urn:jboss:domain:transactions:2.0">
  <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>

to look like this

<subsystem xmlns="urn:jboss:domain:transactions:2.0">
  <core-environment node-identifier="wildfly1">
  <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>

Of course you can use any value as identifier and “wildfly1” is just an example. Make sure not to use more than 23 characters.

Encrypted Database Passwords in JBoss

JBoss provides a simple mechanism to encrypt database passwords with blowfish. So the standalone.xml does not include our database passwords in plaintext anymore.

First you have to encrypt your password with This class includes a main method so you can run it with a single argument which has to be your plaintext password. The result will look like this:

Encoded password: 1ab234cf321cca

The class is included in jboss modules.

Then create a security-domain in your standalone.xml file:

<security-domain name="databaseSecure" cache-type="default">
    <login-module code="" flag="required">
      <module-option name="username" value="username"/>
      <module-option name="password" value="1ab234cf321cca"/>

Or with cli:

/subsystem=security/security-domain=databaseSecure/authentication=classic:add(login-modules=[{"code"=>"", "flag"=>"required", "module-options"=>[("username"=>"username"), ("password"=>"1ab234cf321cca")]}])


The last step is to replace the username+password part of your datasource with a security-domain element. This would look like this in its simplest way:

<datasource jndi-name="java:jboss/datasources/mypgDS" pool-name="MypgDS" enabled="true" use-java-context="true">

After theses changes start your application server.

ATTENTION! The passphrase that is used for the Blowfish algorithm is hardcoded in the login module. To make this secure you have to change the password in that component. Change the source and recompile or create an extension and overwrite all necessary parts and add it as a new module.

Disable Stacktrace in Response of JBoss

To disable the source body in a stacktrace you have to add the following configuration to your web subsystem in standalone.xml:

  <jsp-configuration display-source-fragment="false"/>

Or with cli:

/subsystem=web/configuration=jsp-configuration:write-attribute(name=display-source-fragment, value=false)


Disable/Enable JSP Regeneration

To disable JSP regeneration (which is by default off in EAP6) simple add the following  to your web subsystem:

  <jsp-configuration development="false" />

Or with cli:


Simply replace false with true to enable it.

Disable Deployment-Scanner in JBoss

Look for the deployment-scanner config in your standalone.xml and configure the scan interval to -1 to allow deployment onyl from shell or at startup. Here is the relevant part:

<subsystem xmlns="urn:jboss:domain:deployment-scanner:1.1">
  <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="-1"/>

Or with cli:

/subsystem=deployment-scanner/scanner=default:write-attribute(name=scan-interval, value=-1)