NIFI-15647 Add SSL configuration support for ActiveMQ Artemis JMS connections#10936
Open
Chaffelson wants to merge 1 commit intoapache:mainfrom
Open
NIFI-15647 Add SSL configuration support for ActiveMQ Artemis JMS connections#10936Chaffelson wants to merge 1 commit intoapache:mainfrom
Chaffelson wants to merge 1 commit intoapache:mainfrom
Conversation
Author
|
Also should complete https://issues.apache.org/jira/browse/NIFI-13522 |
79a5e58 to
dd18e7d
Compare
…nections JMSConnectionFactoryHandler now augments the broker URL with SSL transport parameters (sslEnabled, trustStorePath, keyStorePath, etc.) when an SSLContextService is configured and the connection factory implementation is ActiveMQ Artemis. Previously, Artemis SSL settings were silently ignored because Artemis does not expose bean-style SSL setters like Classic ActiveMQ.
dd18e7d to
0d97dce
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
When an
SSLContextServiceis configured on aJMSConnectionFactoryProviderusing ActiveMQ Artemis, the trust store and key store settings are silently ignored. This causesAMQ219007connection failures against SSL-enabled Artemis brokers.Unlike Classic ActiveMQ which exposes bean-style setters (
setTrustStore, etc.), Artemis parses SSL configuration from query-string parameters on the broker URL (sslEnabled,trustStorePath,trustStorePassword, etc.).Because the Artemis package prefix (
org.apache.activemq.artemis) matches the existing Classic ActiveMQ check (org.apache.activemq), the handler falls into the wrong branch and the reflection-based setters silently fail.This change adds Artemis-specific handling in
JMSConnectionFactoryHandlerthat augments the broker URL with SSL transport parameters from theSSLContextService. The Artemis check is ordered before the Classic ActiveMQ check to ensure correct prefix matching.Changes
JMSConnectionFactoryHandler.java: AddedconfigureArtemisSSL()method and Artemis-specific branch in SSL configuration sectionJMSConnectionFactoryProviderTest.java: Added unit tests for Artemis SSL URL constructionTesting
sslEnabledparam, trust-only and trust+key store scenarios)Related Issues
ClassCastExceptionfrom using wrong factory class)