You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by Peter Grzeschik <pe...@plan.one> on 2021/07/15 17:24:23 UTC
[Qpid Java] How do I connect with ActiveMQ at AWS?
Hello,
I am trying to create/send a message to a topic.
For this I'm using Java/Kotlin with https://qpid.apache.org/releases/qpid-protonj2-1.0.0-M1
Target-Broker: ActiveMQ v5.15.15
Target-URL: amqp+ssl://b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-central-1.amazonaws.com:5671
On ActiveMQ the access is restricted to users, but they are currently allowed to create a topic: <authorizationEntry admin="myUserName" read="myUserName" topic=">" write="myUserName"/>
-----------8<---------------------------
val client = Client.create(ClientOptions().id("myClientId"))
val options = ConnectionOptions()
options.user("myUserName")
options.password("myPassword")
options.reconnectEnabled(true)
options.sslEnabled(true)
// options.saslOptions().saslEnabled(true)
// options.saslOptions().addAllowedMechanism("PLAIN")
val connection = client.connect("b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-central-1.amazonaws.com", 5671, options)
val session = connection.openSession()
val sender = session.openSender("topic://myTopic")
----------->8---------------------------
With SSL only (as above) I get:
-----------8<---------------------------
[org.apache.qpid.protonj2.client.impl.ClientTransportListener] (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during incoming data processing: Received SASL Header but no SASL support configured: org.apache.qpid.protonj2.engine.exceptions.EngineFailedException: Received SASL Header but no SASL support configured
----------->8---------------------------
With SSL + SASL:
-----------8<---------------------------
[org.apache.qpid.protonj2.client.impl.ClientConnection] (ClientConnection :(ID:xxxx:1:1): I/O Thread) Connection ID:xxxx:1:1 has failed due to: ClientConnectionSecuritySaslException -> SASL exchange failed to authenticate client
[org.apache.qpid.protonj2.client.impl.ClientTransportListener] (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during incoming data processing: Cannot ingest data into an Engine that has been shutdown or failed: org.apache.qpid.protonj2.engine.exceptions.EngineFailedException: Cannot ingest data into an Engine that has been shutdown or failed
----------->8---------------------------
What do I need to do to connect to ActiveMQ in AWS?
Best Regards,
Peter
Re: AW: [Qpid Java] How do I connect with ActiveMQ at AWS?
Posted by Timothy Bish <ta...@gmail.com>.
On 7/23/21 5:56 AM, Peter Grzeschik wrote:
> Hello Tim,
>
> sorry for the late reply.
>
> In the end, it was the password that was wrong.
> It had a $-character, so that an error happened during the transfer in the shell. My fault.
>
> Then I added the trust store and it worked.
> Thanks.
>
> Best Regards,
> Peter
Great to hear that it works for you, thanks for closing the loop on that.
>
> -----Ursprüngliche Nachricht-----
> Von: Timothy Bish <ta...@gmail.com>
> Gesendet: Donnerstag, 15. Juli 2021 19:44
> An: users@qpid.apache.org
> Betreff: Re: [Qpid Java] How do I connect with ActiveMQ at AWS?
>
> On 7/15/21 1:24 PM, Peter Grzeschik wrote:
>> Hello,
>>
>> I am trying to create/send a message to a topic.
>> For this I'm using Java/Kotlin with
>> https://qpid.apache.org/releases/qpid-protonj2-1.0.0-M1
>>
>> Target-Broker: ActiveMQ v5.15.15
>> Target-URL:
>> amqp+ssl://b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-central-1.a
>> mazonaws.com:5671 On ActiveMQ the access is restricted to users, but
>> they are currently allowed to create a topic: <authorizationEntry
>> admin="myUserName" read="myUserName" topic=">" write="myUserName"/>
>>
>>
>> -----------8<---------------------------
>> val client = Client.create(ClientOptions().id("myClientId"))
>> val options = ConnectionOptions()
>> options.user("myUserName")
>> options.password("myPassword")
>> options.reconnectEnabled(true)
>> options.sslEnabled(true)
>> // options.saslOptions().saslEnabled(true)
>> // options.saslOptions().addAllowedMechanism("PLAIN")
>> val connection =
>> client.connect("b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-centra
>> l-1.amazonaws.com", 5671, options) val session =
>> connection.openSession() val sender =
>> session.openSender("topic://myTopic")
>> ----------->8---------------------------
>>
>> With SSL only (as above) I get:
>> -----------8<---------------------------
>> [org.apache.qpid.protonj2.client.impl.ClientTransportListener]
>> (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during
>> incoming data processing: Received SASL Header but no SASL support
>> configured:
>> org.apache.qpid.protonj2.engine.exceptions.EngineFailedException:
>> Received SASL Header but no SASL support configured
>> ----------->8---------------------------
> This error would imply you've disabled SASL on the client but the broker is indicating it wants a SASL exchange in order to allow the client to connect even if that is done via an SASL ANONYMOUS mechanism.
>
>
>> With SSL + SASL:
>> -----------8<---------------------------
>> [org.apache.qpid.protonj2.client.impl.ClientConnection]
>> (ClientConnection :(ID:xxxx:1:1): I/O Thread) Connection ID:xxxx:1:1
>> has failed due to: ClientConnectionSecuritySaslException -> SASL
>> exchange failed to authenticate client
>> [org.apache.qpid.protonj2.client.impl.ClientTransportListener]
>> (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during
>> incoming data processing: Cannot ingest data into an Engine that has
>> been shutdown or failed:
>> org.apache.qpid.protonj2.engine.exceptions.EngineFailedException:
>> Cannot ingest data into an Engine that has been shutdown or failed
>> ----------->8---------------------------
> This one indicates there's either an error in the SASL authentication exchange or possibly you've configured SSL but not added any trust store configuration to allow the client to fully connect and validate the broker certificate.
>
> I'd suggest turning on AMQP frame tracing using PN_TRACE_FRM=true and capturing trace logs to dig a bit deeper. I've not attempted any connections to AWS ActiveMQ or much testing with ActiveMQ 5 in general.
>
>> What do I need to do to connect to ActiveMQ in AWS?
>>
>> Best Regards,
>> Peter
>>
--
Tim Bish
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org
AW: [Qpid Java] How do I connect with ActiveMQ at AWS?
Posted by Peter Grzeschik <pe...@plan.one>.
Hello Tim,
sorry for the late reply.
In the end, it was the password that was wrong.
It had a $-character, so that an error happened during the transfer in the shell. My fault.
Then I added the trust store and it worked.
Thanks.
Best Regards,
Peter
-----Ursprüngliche Nachricht-----
Von: Timothy Bish <ta...@gmail.com>
Gesendet: Donnerstag, 15. Juli 2021 19:44
An: users@qpid.apache.org
Betreff: Re: [Qpid Java] How do I connect with ActiveMQ at AWS?
On 7/15/21 1:24 PM, Peter Grzeschik wrote:
> Hello,
>
> I am trying to create/send a message to a topic.
> For this I'm using Java/Kotlin with
> https://qpid.apache.org/releases/qpid-protonj2-1.0.0-M1
>
> Target-Broker: ActiveMQ v5.15.15
> Target-URL:
> amqp+ssl://b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-central-1.a
> mazonaws.com:5671 On ActiveMQ the access is restricted to users, but
> they are currently allowed to create a topic: <authorizationEntry
> admin="myUserName" read="myUserName" topic=">" write="myUserName"/>
>
>
> -----------8<---------------------------
> val client = Client.create(ClientOptions().id("myClientId"))
> val options = ConnectionOptions()
> options.user("myUserName")
> options.password("myPassword")
> options.reconnectEnabled(true)
> options.sslEnabled(true)
> // options.saslOptions().saslEnabled(true)
> // options.saslOptions().addAllowedMechanism("PLAIN")
> val connection =
> client.connect("b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-centra
> l-1.amazonaws.com", 5671, options) val session =
> connection.openSession() val sender =
> session.openSender("topic://myTopic")
> ----------->8---------------------------
>
> With SSL only (as above) I get:
> -----------8<---------------------------
> [org.apache.qpid.protonj2.client.impl.ClientTransportListener]
> (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during
> incoming data processing: Received SASL Header but no SASL support
> configured:
> org.apache.qpid.protonj2.engine.exceptions.EngineFailedException:
> Received SASL Header but no SASL support configured
> ----------->8---------------------------
This error would imply you've disabled SASL on the client but the broker is indicating it wants a SASL exchange in order to allow the client to connect even if that is done via an SASL ANONYMOUS mechanism.
> With SSL + SASL:
> -----------8<---------------------------
> [org.apache.qpid.protonj2.client.impl.ClientConnection]
> (ClientConnection :(ID:xxxx:1:1): I/O Thread) Connection ID:xxxx:1:1
> has failed due to: ClientConnectionSecuritySaslException -> SASL
> exchange failed to authenticate client
> [org.apache.qpid.protonj2.client.impl.ClientTransportListener]
> (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during
> incoming data processing: Cannot ingest data into an Engine that has
> been shutdown or failed:
> org.apache.qpid.protonj2.engine.exceptions.EngineFailedException:
> Cannot ingest data into an Engine that has been shutdown or failed
> ----------->8---------------------------
This one indicates there's either an error in the SASL authentication exchange or possibly you've configured SSL but not added any trust store configuration to allow the client to fully connect and validate the broker certificate.
I'd suggest turning on AMQP frame tracing using PN_TRACE_FRM=true and capturing trace logs to dig a bit deeper. I've not attempted any connections to AWS ActiveMQ or much testing with ActiveMQ 5 in general.
>
> What do I need to do to connect to ActiveMQ in AWS?
>
> Best Regards,
> Peter
>
--
Tim Bish
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org
Re: [Qpid Java] How do I connect with ActiveMQ at AWS?
Posted by Timothy Bish <ta...@gmail.com>.
On 7/15/21 1:24 PM, Peter Grzeschik wrote:
> Hello,
>
> I am trying to create/send a message to a topic.
> For this I'm using Java/Kotlin with https://qpid.apache.org/releases/qpid-protonj2-1.0.0-M1
>
> Target-Broker: ActiveMQ v5.15.15
> Target-URL: amqp+ssl://b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-central-1.amazonaws.com:5671
> On ActiveMQ the access is restricted to users, but they are currently allowed to create a topic: <authorizationEntry admin="myUserName" read="myUserName" topic=">" write="myUserName"/>
>
>
> -----------8<---------------------------
> val client = Client.create(ClientOptions().id("myClientId"))
> val options = ConnectionOptions()
> options.user("myUserName")
> options.password("myPassword")
> options.reconnectEnabled(true)
> options.sslEnabled(true)
> // options.saslOptions().saslEnabled(true)
> // options.saslOptions().addAllowedMechanism("PLAIN")
> val connection = client.connect("b-xxxxxxxx-xxxx-4xxx-xxxx-xxxxxxxxxxxxx-1.mq.eu-central-1.amazonaws.com", 5671, options)
> val session = connection.openSession()
> val sender = session.openSender("topic://myTopic")
> ----------->8---------------------------
>
> With SSL only (as above) I get:
> -----------8<---------------------------
> [org.apache.qpid.protonj2.client.impl.ClientTransportListener] (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during incoming data processing: Received SASL Header but no SASL support configured: org.apache.qpid.protonj2.engine.exceptions.EngineFailedException: Received SASL Header but no SASL support configured
> ----------->8---------------------------
This error would imply you've disabled SASL on the client but the broker
is indicating it wants a SASL exchange in order to allow the client to
connect even if that is done via an SASL ANONYMOUS mechanism.
> With SSL + SASL:
> -----------8<---------------------------
> [org.apache.qpid.protonj2.client.impl.ClientConnection] (ClientConnection :(ID:xxxx:1:1): I/O Thread) Connection ID:xxxx:1:1 has failed due to: ClientConnectionSecuritySaslException -> SASL exchange failed to authenticate client
> [org.apache.qpid.protonj2.client.impl.ClientTransportListener] (ClientConnection :(ID:xxxx:1:1): I/O Thread) Caught problem during incoming data processing: Cannot ingest data into an Engine that has been shutdown or failed: org.apache.qpid.protonj2.engine.exceptions.EngineFailedException: Cannot ingest data into an Engine that has been shutdown or failed
> ----------->8---------------------------
This one indicates there's either an error in the SASL authentication
exchange or possibly you've configured SSL but not added any trust store
configuration to allow the client to fully connect and validate the
broker certificate.
I'd suggest turning on AMQP frame tracing using PN_TRACE_FRM=true and
capturing trace logs to dig a bit deeper. I've not attempted any
connections to AWS ActiveMQ or much testing with ActiveMQ 5 in general.
>
> What do I need to do to connect to ActiveMQ in AWS?
>
> Best Regards,
> Peter
>
--
Tim Bish
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org