You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2018/08/20 09:24:14 UTC
[10/21] qpid-site git commit: Update site for Qpid JMS AMQP 0-x
release 6.3.3
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Example.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Example.html b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Example.html
new file mode 100644
index 0000000..db8cd32
--- /dev/null
+++ b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Example.html
@@ -0,0 +1,326 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>9.4. Message Encryption Example - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/index.html">Qpid JMS AMQP 0-x 6.3.3</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/index.html">Apache Qpid JMS AMQP 0-8/0-9/0-9-1</a></li><li>9.4. Message Encryption Example</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">9.4. Message Encryption Example</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="JMS-Client-Message-Encryption-Receiving.html">Prev</a> </td><th align="center" width="60%">Chapter 9. Message Encryption</th><td align="right" width="20%"> <a accesskey="n" href="JMS-Client-0-8-System-Properties.html">Next</a></td></tr></table><hr /></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="JMS-Client-Message-Encryption-Example"></a>9.4. Message Encryption Example</h2></div></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Example-Introduction"></a>9.4.1. Introduction</h3></div></div></div><p>
+ In this example we will setup the Qpid Broker-J and two clients who will send each other encrypted messages.
+ The clients will use self signed certificates and the certificates will be distributed by the Broker.
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Example-Prerequisites"></a>9.4.2. Prerequisites</h3></div></div></div><p>
+ For this example it is assumed the Broker is already running and that Management is enabled on port
+ 8443.
+ </p><p>
+ The example requires two (one for each client) self-signed X.509 certificates and the corresponding
+ keys. We refer to these as
+ <code class="literal">client_1/2.cert</code>
+ and
+ <code class="literal">client_1/2.key</code>
+ throughout the text below.
+ </p><p>
+ The following
+ <a class="link" href="https://www.openssl.org" target="_top">openssl</a>
+ commands can be used to generate self signed certicates suitable for this test.
+ </p><pre class="programlisting">
+openssl req -x509 -newkey rsa:4096 -keyout client_1.key -out client_1.cert -days 365 -nodes -subj "/C=US/O=Apache/OU=Qpid/CN=client1"
+openssl req -x509 -newkey rsa:4096 -keyout client_2.key -out client_2.cert -days 365 -nodes -subj "/C=US/O=Apache/OU=Qpid/CN=client2"
+ </pre><p>
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Example-Broker-Config"></a>9.4.3. Broker Configuration</h3></div></div></div><p>
+ In this example we want the broker to distribute the client certificates.
+ Essentially, we want the broker to act as a<a class="link" href="https://en.wikipedia.org/wiki/Key_server_(cryptographic)" target="_top">
+ Key Server</a>.
+ Use
+ <a class="link" href="http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html" target="_top">java's keytool</a>
+ to create a trust store containing the two client certificates.
+ </p><pre class="programlisting">
+keytool -importcert -file client_1.cert -alias client1 -keystore mytruststore.jks
+keytool -importcert -file client_2.cert -alias client2 -keystore mytruststore.jks
+ </pre><p>
+ Now a FileTrustStore can be created on the broker pointing to the java trust store that was just
+ created.
+ This can be done via the Web Management Console or the REST API:
+ </p><pre class="programlisting">curl -v -u admin https://localhost:8443/api/v6.1/truststore/clientcerts -X PUT -d
+ '{"type": "FileTrustStore", "stroeUrl": "<path_to_truststore>", "password": "<your_truststore_password>"}'
+ </pre><p>
+ The TrustStore must be configured to expose the certificates as a message source to the clients:
+ </p><pre class="programlisting">curl -v -u admin https://localhost:8443/api/v6.1/truststore/clientcerts -X POST -d
+ '{"exposedAsMessageSource": true}'
+ </pre><p>
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Example-Client-Config"></a>9.4.4. Client Configuration</h3></div></div></div><p>
+ The configuration for the clients happens in the connection URL. In this example this is provided via a
+ JNDI properties file.
+ </p><p>
+ On the producing side, in order to encrypt a message for a recipient, the Qpid client needs the
+ recipient's public certificate which is distributed by the Broker following our above broker setup. The
+ <code class="literal">encryption_remote_trust_store</code>
+ element within the connection URL provides the name of the truststore.
+ </p><p>
+ On the receiving side, in order to decrypt a message it needs a JKS keystore with the private key
+ matching the public certificate.
+ For this example, the keystores can again be created with a two-step process involving
+ <a class="link" href="https://www.openssl.org" target="_top">openssl</a>
+ and <a class="link" href="http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/keytool.html" target="_top">java's keytool</a>.
+ </p><pre class="programlisting">
+openssl pkcs12 -export -in client_1.cert -inkey client_1.key -out client_1.pkcs12 -name "client1"
+openssl pkcs12 -export -in client_2.cert -inkey client_2.key -out client_2.pkcs12 -name "client2"
+
+keytool -importkeystore -destkeystore client_1.jks -srckeystore client_1.pkcs12 -srcstoretype PKCS12
+keytool -importkeystore -destkeystore client_2.jks -srckeystore client_2.pkcs12 -srcstoretype PKCS12
+ </pre><p>
+
+ </p><p>
+ The final JNDI properties file should look similar to this:
+ </p><pre class="programlisting">
+java.naming.factory.initial = org.apache.qpid.jndi.PropertiesFileInitialContextFactory
+
+# connection factories. This is where end-to-end encryption is configured on the client.
+# connectionfactory.[jndiname] = [ConnectionURL]
+connectionfactory.producerConnectionFactory = amqp://<username>:<password>@/?brokerlist='tcp://localhost:5672?encryption_remote_trust_store='$certificates%255c/clientcerts''
+connectionfactory.consumer1ConnectionFactory = amqp://<username>:<password>@/?brokerlist='tcp://localhost:5672?encryption_key_store='path/to/client_1.jks'&encryption_key_store_password='<keystore_password>''
+connectionfactory.consumer2ConnectionFactory = amqp://<username>:<password>@/?brokerlist='tcp://localhost:5672?encryption_key_store='path/to/client_2.jks'&encryption_key_store_password='<keystore_password>''
+
+# Rest of JNDI configuration. For example
+# destination.[jniName] = [Address Format]
+queue.myTestQueue = testQueue
+ </pre><p>
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Example-Application"></a>9.4.5. Application Code</h3></div></div></div><p>
+ On the producing side, the application needs to enable encryption and indicate the intended recipient(s)
+ of each message. This is done via the
+ <code class="literal">x-qpid-encrypt</code>
+ and
+ <code class="literal">x-qpid-encrypt-recipients</code>
+ message properties. Note that the order of the relative distinguished name (RDN) entries within the
+ recipent's distinguished name (DNs) is significant. If the order does not match that recorded in
+ truststore, a
+ <a class="link" href="JMS-Client-0-8-Appendix-Exceptions.html#JMS-Client-0-8-Appendix-Exceptions-CertificateException">CertificateException</a>
+ will be encountered.
+ </p><p>
+ On the receiving side, there is nothing to do. The application code does not have to add decryption code as this is handled transparently by the Qpid client library.
+ However, the receiving application should gracefully handle failures in decryption in which case the encrypted message will be delivered as a BytesMessage.
+ </p><pre class="programlisting">
+// imports omitted for brevity
+
+public class EncryptionExample {
+ public EncryptionExample() {
+ }
+
+ public static void main(String[] args) throws Exception {
+ EncryptionExample encryptionExampleApp = new EncryptionExample();
+ encryptionExampleApp.runProducerExample();
+ encryptionExampleApp.runReceiverExample();
+ }
+
+ private void runProducerExample() throws Exception
+ {
+ Connection connection = createConnection("producerConnectionFactory");
+ try {
+ Session session = connection.createSession(true, Session.SESSION_TRANSACTED);
+ Destination destination = createDesination("myTestQueue");
+
+ MessageProducer messageProducer = session.createProducer(destination);
+ TextMessage message = session.createTextMessage("Hello world!");
+
+ // ============== Enable encryption for this message ==============
+ message.setBooleanProperty("x-qpid-encrypt", true);
+ // ============== Configure recipients for encryption ==============
+ message.setStringProperty("x-qpid-encrypt-recipients", "CN=client1, OU=Qpid, O=Apache, C=US");
+
+ messageProducer.send(message);
+ session.commit();
+ }
+ finally {
+ connection.close();
+ }
+ }
+
+ private void runReceiverExample() throws Exception
+ {
+ Connection connection = createConnection("consumer1ConnectionFactory");
+ try {
+ connection.start();
+ Session session = connection.createSession(true, Session.SESSION_TRANSACTED);
+ Destination destination = createDesination("myTestQueue");
+ MessageConsumer messageConsumer = session.createConsumer(destination);
+ Message message = messageConsumer.receive();
+ if (message instanceof TextMessage) {
+ // application logic
+ System.out.println(((TextMessage) message).getText());
+ } else if (message instanceof BytesMessage) {
+ // handle potential decryption failure
+ System.out.println("Potential decryption problem. Application not in list of intended recipients?");
+ }
+ session.commit();
+ }
+ finally {
+ connection.close();
+ }
+ }
+
+ ///////////////////////////////////////
+ // The following is boilerplate code //
+ ///////////////////////////////////////
+
+ private Connection createConnection(final String connectionFactoryName) throws JMSException, IOException, NamingException
+ {
+ try (InputStream resourceAsStream = this.getClass().getResourceAsStream("example.properties")) {
+ Properties properties = new Properties();
+ properties.load(resourceAsStream);
+ Context context = new InitialContext(properties);
+ ConnectionFactory connectionFactory = (ConnectionFactory) context.lookup(connectionFactoryName);
+ final Connection connection = connectionFactory.createConnection();
+ context.close();
+ return connection;
+ }
+ }
+
+ private Destination createDesination(String desinationJndiName) throws IOException, NamingException
+ {
+ try (InputStream resourceAsStream = this.getClass().getResourceAsStream("example.properties")) {
+ Properties properties = new Properties();
+ properties.load(resourceAsStream);
+ Context context = new InitialContext(properties);
+ Destination destination = (Destination) context.lookup(desinationJndiName);
+ context.close();
+ return destination;
+ }
+ }
+}
+ </pre><p>
+ </p></div></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="JMS-Client-Message-Encryption-Receiving.html">Prev</a> </td><td align="center" width="20%"><a accesskey="u" href="JMS-Client-Message-Encryption.html">Up</a></td><td align="right" width="40%"> <a accesskey="n" href="JMS-Client-0-8-System-Properties.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">9.3. Receiving an Encrypted Message </td><td align="center" width="20%"><a accesskey="h" href="JMS-Client-Book.html">Home</a></td><td align="right" valign="top" width="40%"> Chapter 10. System Properties</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Receiving.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Receiving.html b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Receiving.html
new file mode 100644
index 0000000..b3c30b9
--- /dev/null
+++ b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Receiving.html
@@ -0,0 +1,154 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>9.3. Receiving an Encrypted Message - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/index.html">Qpid JMS AMQP 0-x 6.3.3</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/index.html">Apache Qpid JMS AMQP 0-8/0-9/0-9-1</a></li><li>9.3. Receiving an Encrypted Message</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">9.3. Receiving an Encrypted Message</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="JMS-Client-Message-Encryption-Sending.html">Prev</a> </td><th align="center" width="60%">Chapter 9. Message Encryption</th><td align="right" width="20%"> <a accesskey="n" href="JMS-Client-Message-Encryption-Example.html">Next</a></td></tr></table><hr /></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="JMS-Client-Message-Encryption-Receiving"></a>9.3. Receiving an Encrypted Message</h2></div></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Sending-Setting-KeyStore"></a>9.3.1. Providing the Key Store</h3></div></div></div><p>
+ In order for a connection to be capable of decrypting received encrypted messages, it must be provided
+ with a key store which contains the X509 certificates and associated Private Keys of the identities
+ on behalf of which it will be able to decrypt. The details of the
+ key store are supplied in the <a class="link" href="JMS-Client-0-8-Connection-URL.html" title="Chapter 7. Connection URLs">connection URL</a>.
+ The location and password for this must
+ be specified using the <a class="link" href="JMS-Client-0-8-Connection-URL.html#JMS-Client-0-8-Connection-URL-BrokerOptions-EncryptionKeyStore">
+ encryption_key_store</a> and
+ <a class="link" href="JMS-Client-0-8-Connection-URL.html#JMS-Client-0-8-Connection-URL-BrokerOptions-EncryptionKeyStorePassword">encryption_trust_store_password
+ </a> options respectively. Such a connection URL might look somthing like:
+ </p><pre class="programlisting">amqp://username:password@clientid/test?brokerlist='tcp://localhost:5672?encryption_key_store='/home/qpid/identities.jks'&encryption_key_store_password='password''</pre></div></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="JMS-Client-Message-Encryption-Sending.html">Prev</a> </td><td align="center" width="20%"><a accesskey="u" href="JMS-Client-Message-Encryption.html">Up</a></td><td align="right" width="40%"> <a accesskey="n" href="JMS-Client-Message-Encryption-Example.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">9.2. Sending an Encrypted Message </td><td align="center" width="20%"><a accesskey="h" href="JMS-Client-Book.html">Home</a></td><td align="right" valign="top" width="40%"> 9.4. Message Encryption Example</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Sending.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Sending.html b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Sending.html
new file mode 100644
index 0000000..7fc21f9
--- /dev/null
+++ b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption-Sending.html
@@ -0,0 +1,203 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>9.2. Sending an Encrypted Message - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/index.html">Qpid JMS AMQP 0-x 6.3.3</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/index.html">Apache Qpid JMS AMQP 0-8/0-9/0-9-1</a></li><li>9.2. Sending an Encrypted Message</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">9.2. Sending an Encrypted Message</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="JMS-Client-Message-Encryption.html">Prev</a> </td><th align="center" width="60%">Chapter 9. Message Encryption</th><td align="right" width="20%"> <a accesskey="n" href="JMS-Client-Message-Encryption-Receiving.html">Next</a></td></tr></table><hr /></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="JMS-Client-Message-Encryption-Sending"></a>9.2. Sending an Encrypted Message</h2></div></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Sending-Setting-TrustStore"></a>9.2.1. Providing the Trust Store</h3></div></div></div><p>
+ In order for a connection to be capable of sending encrypted messages, it must be provided with a trust
+ store which contains the X509 certificates of the entities to which you wish to send. The details of the
+ trust store are supplied in the <a class="link" href="JMS-Client-0-8-Connection-URL.html" title="Chapter 7. Connection URLs">connection URL</a>.
+ </p><p>
+ There are two distinct mechanisms for providing the encryption trust store. Firstly you can supply a
+ standard password-protected trust store file on the file system. The location and password for this must
+ be specified using the <a class="link" href="JMS-Client-0-8-Connection-URL.html#JMS-Client-0-8-Connection-URL-BrokerOptions-EncryptionTrustStore">
+ encryption_trust_store</a> and
+ <a class="link" href="JMS-Client-0-8-Connection-URL.html#JMS-Client-0-8-Connection-URL-BrokerOptions-EncryptionTrustStorePassword">encryption_trust_store_password
+ </a> options respectively. Such a connection URL might look somthing like:
+ </p><pre class="programlisting">amqp://username:password@clientid/test?brokerlist='tcp://localhost:5672?encryption_trust_store='/home/qpid/certificates.jks'&encryption_trust_store_password='password''</pre><p>
+ Alternatively, where available, you can configure the broker to distribute certificates from a trust
+ store (this is currently only available in the Apache Qpid Broker-J). In order to use this method, the broker
+ details in the connection url must contain the correctly configured
+ <a class="link" href="JMS-Client-0-8-Connection-URL.html#JMS-Client-0-8-Connection-URL-BrokerOptions-EncryptionRemoteTrustStore">encryption_remote_trust_store</a>
+ option. Such a connection URL might look somthing like:
+ </p><pre class="programlisting">amqp://username:password@clientid/test?brokerlist='tcp://localhost:5672?encryption_remote_trust_store='$certificates%255c/certstore''</pre><p>
+ The <code class="literal">$certificates/</code> prefix is mandatory.
+ However, in order to prevent the client from interpreting this the wrong way several layers of escaping and encoding need to take place.
+ The slash character ('/') needs to be escaped by a backslash ('\') which needs to be doubly URL encoded resulting in <code class="literal">$certificates%255c/</code>.
+ </p><p>
+ Note that to use the broker-distributed certificates the broker must be configured to expose the trust store as a message source.
+ See the broker documentation on TrustStores for more details.
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Sending-Enabling-Encryption"></a>9.2.2. Enabling Encryption</h3></div></div></div><p>
+ Message encryption can be enabled individually on each sent message, or - using configuration - all
+ messages sent to a Destination can be encrypted.
+ </p><p>
+ In order to encrypt messages on a case by case basis, the appliation must set the boolean property
+ <code class="literal">x-qpid-encrypt</code> to true on the message before sending. The intended recipients of the
+ message must also be set (see
+ <a class="link" href="JMS-Client-Message-Encryption-Sending.html#JMS-Client-Message-Encryption-Sending-Choosing-Recipients" title="9.2.3. Choosing Recipients">Choosing Recipients</a>).
+ </p><pre class="programlisting">message.setBooleanProperty("x-qpid-encrypt", true);</pre><p>
+ In order to encrypt all messages sent to a given Destination, the option
+ <a class="link" href="JMS-Client-0-8-Binding-URL.html#JMS-Client-0-8-Binding-URL-Options-SendEncrypted">sendencrypted</a> can be used. Note
+ that enabling encryption on the address can be overridden by explicitly setting the property
+ <code class="literal">x-qpid-encrypt</code> to false on an individual message. An example address would look like:
+ </p><pre class="programlisting">direct:///queue/queue?sendencrypted='true'</pre></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Sending-Choosing-Recipients"></a>9.2.3. Choosing Recipients</h3></div></div></div><p>
+ Any message which is to be sent encrypted must also have a list of recipients who the sender wishes to
+ be able to decrypt the message. The recipients must be encoded as a semi-colon separated list of the
+ names given in the respective certificates of the recipients, e.g.
+ <code class="literal">cn=first@example.org,ou=example,o=example,l=ny,st=ny,c=us;cn=second@example.org,ou=example,o=example,l=ny,st=ny,c=us</code>.
+ </p><p>
+ As with enabling encryption, the recipients can be set either on a per-message basis or for all messages
+ sent to a given address. If both forms are used, the former overrides the latter. To set on an individual
+ message, set the String property <code class="literal">x-qpid-encrypt-recipients</code>.
+ </p><pre class="programlisting">message.setStringProperty("x-qpid-encrypt-recipients", "cn=only@example.org,ou=example,o=example");</pre><p>
+ To set the recipients on an address, use the address option
+ <a class="link" href="JMS-Client-0-8-Binding-URL.html#JMS-Client-0-8-Binding-URL-Options-EncryptedRecipients">encryptedrecipients</a>.
+ </p><pre class="programlisting">direct:///queue/queue?sendencrypted='true'&encryptedrecipients='cn=another@example.org,ou=example,o=example'</pre></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="JMS-Client-Message-Encryption-Sending-Exposing-Properties"></a>9.2.4. Exposing Properties</h3></div></div></div><p>
+ Message Encryption encrypts the message content and the properties set by the application. Sometimes
+ it is important to expose properties to allow (for example) message routing or message selectors within
+ the broker to work. To enable this it is possible to specify for each message all the properties which
+ the application wishes to make available to the broker. Note that exposing properties in this way means
+ that they are now visibe to anyone who can inspect the broker memory or file system stores.
+ </p><p>
+ To make message properties visible to the broker, set the String property
+ <code class="literal">x-qpid-unencrypted-properties</code> with a semi-colon separated list of the names of the
+ properties to be exposed.
+ </p><pre class="programlisting">message.setStringProperty("x-qpid-unencrypted-properties", "foo;bar;baz");</pre></div></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="JMS-Client-Message-Encryption.html">Prev</a> </td><td align="center" width="20%"><a accesskey="u" href="JMS-Client-Message-Encryption.html">Up</a></td><td align="right" width="40%"> <a accesskey="n" href="JMS-Client-Message-Encryption-Receiving.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">Chapter 9. Message Encryption </td><td align="center" width="20%"><a accesskey="h" href="JMS-Client-Book.html">Home</a></td><td align="right" valign="top" width="40%"> 9.3. Receiving an Encrypted Message</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption.html b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption.html
new file mode 100644
index 0000000..004fc29
--- /dev/null
+++ b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/JMS-Client-Message-Encryption.html
@@ -0,0 +1,177 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>Chapter 9. Message Encryption - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/index.html">Qpid JMS AMQP 0-x 6.3.3</a></li><li><a href="/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/index.html">Apache Qpid JMS AMQP 0-8/0-9/0-9-1</a></li><li>Chapter 9. Message Encryption</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">Chapter 9. Message Encryption</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="JMS-Client-0-8-Binding-URL.html">Prev</a> </td><th align="center" width="60%"> </th><td align="right" width="20%"> <a accesskey="n" href="JMS-Client-Message-Encryption-Sending.html">Next</a></td></tr></table><hr /></div><div class="chapter"><div class="titlepage"><div><div><h1 class="title"><a id="JMS-Client-Message-Encryption"></a>Chapter 9. Message Encryption</h1></div></div></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="section"><a href="JMS-Client-Message-Encryption.html#JMS-Client-Message-Encryption-Overview">9.1. Overview</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Sending.html">9.2. Sending an Encrypted Message</a></span></dt><dd
><dl><dt><span class="section"><a href="JMS-Client-Message-Encryption-Sending.html#JMS-Client-Message-Encryption-Sending-Setting-TrustStore">9.2.1. Providing the Trust Store</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Sending.html#JMS-Client-Message-Encryption-Sending-Enabling-Encryption">9.2.2. Enabling Encryption</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Sending.html#JMS-Client-Message-Encryption-Sending-Choosing-Recipients">9.2.3. Choosing Recipients</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Sending.html#JMS-Client-Message-Encryption-Sending-Exposing-Properties">9.2.4. Exposing Properties</a></span></dt></dl></dd><dt><span class="section"><a href="JMS-Client-Message-Encryption-Receiving.html">9.3. Receiving an Encrypted Message</a></span></dt><dd><dl><dt><span class="section"><a href="JMS-Client-Message-Encryption-Receiving.html#JMS-Client-Message-Encryption-Sending-Set
ting-KeyStore">9.3.1. Providing the Key Store</a></span></dt></dl></dd><dt><span class="section"><a href="JMS-Client-Message-Encryption-Example.html">9.4. Message Encryption Example</a></span></dt><dd><dl><dt><span class="section"><a href="JMS-Client-Message-Encryption-Example.html#JMS-Client-Message-Encryption-Example-Introduction">9.4.1. Introduction</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Example.html#JMS-Client-Message-Encryption-Example-Prerequisites">9.4.2. Prerequisites</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Example.html#JMS-Client-Message-Encryption-Example-Broker-Config">9.4.3. Broker Configuration</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Example.html#JMS-Client-Message-Encryption-Example-Client-Config">9.4.4. Client Configuration</a></span></dt><dt><span class="section"><a href="JMS-Client-Message-Encryption-Example.html#JMS-Client-Message-Encryption-Exam
ple-Application">9.4.5. Application Code</a></span></dt></dl></dd></dl></div><p>
+ In some cases it is desirable to ensure no-one but the intended recipient(s) of a message will be able to read
+ its contents. Using SSL/TLS to encrypt traffic travelling between client and broker only ensures that those
+ snooping the network cannot read messages, however once the message arrives at the broker it is decrypted and
+ so anyone with access to the broker can read the message. For such confidential information it is necessary to
+ implement a mechanism of end-to-end encryption such that the sender of the message encrypts the message before
+ sending, and the recipient(s), upon receiving the message, decrypt it with some secret known only to them.
+ </p><p>
+ Neither JMS nor AMQP provide any defined mechanism for message encryption, however it is possible for any
+ application to build a message encryption scheme on top of a JMS API. For convenience the Client
+ provides a built in mechanism for encryption and decrypting messages. This mechanism is currently only
+ implemented in the Client for AMQP 0-8/0-9/0-9-1/0-10. If you use a different client you will be
+ unable to read encrypted messages.
+ </p><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="JMS-Client-Message-Encryption-Overview"></a>9.1. Overview</h2></div></div></div><p>
+ For each encrypted message which the client sends, a new message-specific secret key is generated. This
+ secret key is used encrypt the message contents using symmetric encryption (currently only AES-256 is
+ supported, although other algorithms may be added at a later date). For each intended recipient of the
+ message, the client encrypts the secret key using the public key associated with the recipient, and adds
+ this as a message header. On receipt of an encrypted message, the client looks to see if it has a private
+ key which can decrypt the secret key. If the client is unable to decrypt the message (for instance, because
+ they were not one of the intended recipients) then the message will be presented to the application as a
+ BytesMessage containing the encrypted data.
+ </p><p>
+ In order to send an encrypted message it is necessary to know the Certificates of the intended recipients.
+ Certificates can be distributed either through out-of-band mechanisms, or the Apache Qpid Broker-J can be used
+ to distribute them to clients.
+ </p><p>
+ In order to receive an encrypted message it is necessary to have a Certificate (which needs to be
+ distributed to those who you wish to send messages to you) and to have the private key associated with the
+ certificate so that you can decrypt messages sent to you.
+ </p><p>
+ This feature requires the Java Cryptography Extension (JCE) Unlimited Strength policy files are installed
+ in the JVM.
+ </p></div></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="JMS-Client-0-8-Binding-URL.html">Prev</a> </td><td align="center" width="20%"> </td><td align="right" width="40%"> <a accesskey="n" href="JMS-Client-Message-Encryption-Sending.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">Chapter 8. Binding URL </td><td align="center" width="20%"><a accesskey="h" href="JMS-Client-Book.html">Home</a></td><td align="right" valign="top" width="40%"> 9.2. Sending an Encrypted Message</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/css/style.css
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/css/style.css b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/css/style.css
new file mode 100644
index 0000000..8179bf4
--- /dev/null
+++ b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/css/style.css
@@ -0,0 +1,131 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+ul {
+ list-style-type:square;
+}
+
+th {
+ font-weight: bold;
+}
+
+.navfooter td {
+ font-size:10pt;
+}
+
+.navheader td {
+ font-size:10pt;
+}
+
+body {
+ margin:0;
+ background:#FFFFFF;
+ font-family:"Verdana", sans-serif;
+ font-size:10pt;
+}
+
+.container {
+ width:950px;
+ margin:0 auto;
+}
+
+body a {
+ color:#000000;
+}
+
+
+div.book {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.preface {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.chapter {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.section {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.titlepage {
+ margin-left:-10pt;
+ margin-right:-10pt;
+}
+
+.calloutlist td {
+ font-size:10pt;
+}
+
+.table-contents table {
+ border-spacing: 0px;
+}
+
+.table-contents td {
+ font-size:10pt;
+ padding-left:6px;
+ padding-right:6px;
+}
+
+.chapter h2.title {
+ font-size:20pt;
+ color:#0c3b82;
+}
+
+.chapter .section h2.title {
+ font-size:18pt;
+ color:#0c3b82;
+}
+
+.section h2.title {
+ font-size:16pt;
+ color:#0c3b82;
+}
+
+.section h3.title {
+ font-size:14pt;
+ color:#0c3b82;
+}
+
+.section h4.title {
+ font-size:12pt;
+ color:#0c3b82;
+}
+
+.section h5.title {
+ font-size:12pt;
+ color:#0c3b82;
+}
+
+.section h6.title {
+ font-size:12pt;
+ color:#0c3b82;
+}
+
+.toc a {
+ font-size:9pt;
+}
+
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.png
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.png b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.png
new file mode 100755
index 0000000..82f6efd
Binary files /dev/null and b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.png differ
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.svg
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.svg b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.svg
new file mode 100755
index 0000000..a8d1f05
--- /dev/null
+++ b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/JndiOverview.svg
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+-->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xl="http://www.w3.org/1999/xlink" version="1.1" viewBox="61 27 572 361" width="572pt" height="361pt" xmlns:dc="http://purl.org/dc/elements/1.1/"><metadata> Produced by OmniGraffle 6.0.3 <dc:date>2013-12-29 17:48Z</dc:date></metadata><defs><filter id="Shadow" filterUnits="userSpaceOnUse"><feGaussianBlur in="SourceAlpha" result="blur" stdDeviation="1.308"/><feOffset in="blur" result="offset" dx="0" dy="2"/><feFlood flood-color="black" flood-opacity=".5" result="flood"/><feComposite in="flood" in2="offset" operator="in"/></filter><linearGradient x1="0" x2="1" id="Gradient" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#6383ab"/><stop offset="1" stop-color="white"/></linearGradient><linearGradient id="Obj_Gradient" xl:href="#Gradient" gradientTransform="translate(137 97) rotate(90) scale(78)"/><font-face font-family="Helvetica" font-size="12" units-per-em="1000" underline-position="-75.683594" underline-thickness="49.316406" sl
ope="0" x-height="532.22656" cap-height="719.72656" ascent="770.01953" descent="-229.98047" font-weight="bold"><font-face-src><font-face-name name="Helvetica-Bold"/></font-face-src></font-face><linearGradient x1="0" x2="1" id="Gradient_2" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#62a073"/><stop offset="1" stop-color="white"/></linearGradient><linearGradient id="Obj_Gradient_2" xl:href="#Gradient_2" gradientTransform="translate(552 71) rotate(90) scale(250)"/><font-face font-family="Helvetica" font-size="12" units-per-em="1000" underline-position="-75.683594" underline-thickness="49.316406" slope="0" x-height="522.94922" cap-height="717.28516" ascent="770.01953" descent="-229.98047" font-weight="500"><font-face-src><font-face-name name="Helvetica"/></font-face-src></font-face><linearGradient x1="0" x2="1" id="Gradient_3" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#baa6ff"/><stop offset="1" stop-color="#624aba"/></linearGradient><linearGradient id="
Obj_Gradient_3" xl:href="#Gradient_3" gradientTransform="translate(344.1991 155.44433) rotate(101.76829) scale(21.564619)"/><linearGradient x1="0" x2="1" id="Gradient_4" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#ff6"/><stop offset="1" stop-color="#fc6"/></linearGradient><linearGradient id="Obj_Gradient_4" xl:href="#Gradient_4" gradientTransform="translate(149.57673 206.53541) rotate(180) scale(25.153465)"/><font-face font-family="Monaco" font-size="8" units-per-em="1000" underline-position="-37.597656" underline-thickness="75.683594" slope="0" x-height="560.54688" cap-height="780.27344" ascent="1e3" descent="-250" font-weight="500"><font-face-src><font-face-name name="Monaco"/></font-face-src></font-face><font-face font-family="Monaco" font-size="7" units-per-em="1000" underline-position="-37.597656" underline-thickness="75.683594" slope="0" x-height="560.54688" cap-height="780.27344" ascent="1e3" descent="-250" font-weight="500"><font-face-src><font-face-name nam
e="Monaco"/></font-face-src></font-face><linearGradient id="Obj_Gradient_5" xl:href="#Gradient_4" gradientTransform="translate(209.73909 266.2009) rotate(99.75359) scale(20.210732)"/><font-face font-family="Helvetica Neue" font-size="12" panose-1="2 0 5 3 0 0 0 9 0 4" units-per-em="1000" underline-position="-100" underline-thickness="50" slope="-1e3" x-height="517" cap-height="714" ascent="957.00194" descent="-213.00043" font-style="italic" font-weight="500"><font-face-src><font-face-name name="HelveticaNeue-Italic"/></font-face-src></font-face><font-face font-family="Helvetica Neue" font-size="12" panose-1="2 0 8 3 0 0 0 9 0 4" units-per-em="1000" underline-position="-100" underline-thickness="50" slope="0" x-height="517" cap-height="714" ascent="975.002" descent="-217.00044" font-weight="bold"><font-face-src><font-face-name name="HelveticaNeue-Bold"/></font-face-src></font-face><font-face font-family="Helvetica Neue" font-size="11" panose-1="2 0 5 3 0 0 0 2 0 4" units-per-em="1000
" underline-position="-100" underline-thickness="50" slope="0" x-height="517" cap-height="714" ascent="952.00193" descent="-213.00043" font-weight="500"><font-face-src><font-face-name name="HelveticaNeue"/></font-face-src></font-face><linearGradient id="Obj_Gradient_6" xl:href="#Gradient_4" gradientTransform="translate(220.71163 202) rotate(140.077054) scale(25.153465)"/></defs><g stroke="none" stroke-opacity="1" stroke-dasharray="none" fill="none" fill-opacity="1"><title>JNDI overview</title><rect fill="white" width="960" height="1172"/><g><title>Layer 1</title><g><xl:use xl:href="#id26_Graphic" filter="url(#Shadow)"/><xl:use xl:href="#id570_Graphic" filter="url(#Shadow)"/><xl:use xl:href="#id10_Graphic" filter="url(#Shadow)"/><xl:use xl:href="#id594_Graphic" filter="url(#Shadow)"/><xl:use xl:href="#id19_Graphic" filter="url(#Shadow)"/><xl:use xl:href="#id599_Graphic" filter="url(#Shadow)"/><xl:use xl:href="#id600_Graphic" filter="url(#Shadow)"/></g><line x1="443.50465" y1="38.5322
98" x2="437.70354" y2="370.8774" fill="white"/><line x1="443.50465" y1="38.532298" x2="437.70354" y2="370.8774" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1" stroke-dasharray="1,4"/><g id="id26_Graphic"><path d="M 76 175 L 76 104.8 L 88.2 97 L 198 97 L 198 167.2 L 185.8 175 Z" fill="url(#Obj_Gradient)"/><path d="M 76 175 L 76 104.8 L 88.2 97 L 198 97 L 198 167.2 L 185.8 175 L 76 175 M 76 104.8 L 185.8 104.8 L 198 97 M 185.8 104.8 L 185.8 175" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(81 104.8)" fill="black"><tspan font-family="Helvetica" font-size="12" font-weight="bold" x="17.233984" y="11" textLength="65.33203">Application</tspan></text></g><g id="id570_Graphic"><path d="M 486 321 L 486 96 L 499.2 71 L 618 71 L 618 296 L 604.8 321 Z" fill="url(#Obj_Gradient_2)"/><path d="M 486 321 L 486 96 L 499.2 71 L 618 71 L 618 296 L 604.8 321 L 486 321 M 486 96 L 604.8 96 L 618 71 M 604.8 96 L 60
4.8 321" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(491 96)" fill="black"><tspan font-family="Helvetica" font-size="12" font-weight="bold" x="35.058203" y="11" textLength="38.683594">Broker</tspan></text></g><path d="M 107.4296 270.77631 C 94.5 267.5 99.656 239.91885 120.2816 244.625 C 122.1952 235.45121 146.18 236.94022 146.0232 244.625 C 161.0624 234.79607 180.2816 254.39476 167.3904 264.22369 C 182.8592 268.98901 167.1952 294.66391 154.5 290.375 C 153.484 297.52359 130.7888 300.0252 128.7968 290.375 C 115.9456 300.68095 89.1488 284.83498 107.4296 270.77631 Z" fill="white"/><path d="M 107.4296 270.77631 C 94.5 267.5 99.656 239.91885 120.2816 244.625 C 122.1952 235.45121 146.18 236.94022 146.0232 244.625 C 161.0624 234.79607 180.2816 254.39476 167.3904 264.22369 C 182.8592 268.98901 167.1952 294.66391 154.5 290.375 C 153.484 297.52359 130.7888 300.0252 128.7968 290.375 C 115.9456 300.68095 89.1488 284.83498 107.4296 27
0.77631 Z" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(114 260.5)" fill="black"><tspan font-family="Helvetica" font-size="12" font-weight="500" x="9.666992" y="11" textLength="26.666016">JNDI</tspan></text><path d="M 198 136 L 224.69935 130.54855 L 223.59255 135.86122 L 462.59204 185.65278 L 463.69884 180.34011 L 486 196 L 459.30065 201.45145 L 460.40745 196.13878 L 221.40796 146.34722 L 220.30116 151.65989 Z" fill="url(#Obj_Gradient_3)"/><path d="M 198 136 L 224.69935 130.54855 L 223.59255 135.86122 L 462.59204 185.65278 L 463.69884 180.34011 L 486 196 L 459.30065 201.45145 L 460.40745 196.13878 L 221.40796 146.34722 L 220.30116 151.65989 Z" stroke="#513d99" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><path d="M 130.71163 175 L 143.28837 175 L 143.28837 218.07082 L 149.57673 218.07082 L 137 238.07083 L 124.42327 218.07082 L 130.71163 218.07082 Z" fill="url(#Obj_Gradient_4)"/><path d="M 130.71163 175
L 143.28837 175 L 143.28837 218.07082 L 149.57673 218.07082 L 137 238.07083 L 124.42327 218.07082 L 130.71163 218.07082 Z" stroke="#e97b00" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(144 187.88385) rotate(90)" fill="black"><tspan font-family="Helvetica" font-size="12" font-weight="500" x="0" y="11" textLength="35.361328">lookup</tspan></text><path d="M 413 266.0802 C 413 258.69126 410.8283 257.7771 394.96463 250.4646 L 394.79705 250.38894 C 378.8496 243 378.68372 243 362.3173 243 C 340.52507 243 242 243 242 243 L 242 321 L 413 321 L 413 266.0802 Z" fill="white"/><path d="M 413 266.0802 C 413 258.69126 410.8283 257.7771 394.96463 250.4646 L 394.79705 250.38894 C 378.8496 243 378.68372 243 362.3173 243 C 340.52507 243 242 243 242 243 L 242 321 L 413 321 L 413 266.0802 Z M 413 265.69956 C 413 258.69126 412.83242 258.69126 378.68372 258.69126 L 378.68372 258.69126 C 378.68372 243.07644 378.68372 243 363.31937 243" stroke="black" stroke-l
inecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(247 260)" fill="black"><tspan font-family="Monaco" font-size="8" font-weight="500" x="0" y="8" textLength="139.22266">java.naming.factory.initial=…</tspan><tspan font-family="Monaco" font-size="7" font-weight="500" x="0" y="19" textLength="100.816406">connectionfactory.qpidCF</tspan><tspan font-family="Monaco" font-size="8" font-weight="500" x="100.816406" y="19" textLength="9.6015625">=…</tspan><tspan font-family="Monaco" font-size="8" font-weight="500" x="0" y="30" textLength="100.816406">queue.mytrades=trades</tspan><tspan font-family="Monaco" font-size="8" font-weight="500" x="0" y="41" textLength="148.82422">queue.myinstruments=instruments</tspan></text><path d="M 173.19828 275.30005 L 174.91024 265.34075 L 223.14507 273.63212 L 224.00105 268.65248 L 242 282 L 220.57713 288.57107 L 221.43311 283.59142 Z" fill="url(#Obj_Gradient_5)"/><path d="M 173.19828 275.30005 L 174.91024 265.34075 L 223.
14507 273.63212 L 224.00105 268.65248 L 242 282 L 220.57713 288.57107 L 221.43311 283.59142 Z" stroke="#e97b00" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(189.84696 258.82977) rotate(9.75359)" fill="black"><tspan font-family="Helvetica" font-size="12" font-weight="500" fill="black" x="1.16878206" y="11" textLength="19.347656">defi</tspan><tspan font-family="Helvetica" font-size="12" font-weight="500" fill="black" x="20.516438" y="11" textLength="23.355469">ned </tspan><tspan font-family="Helvetica" font-size="12" font-weight="500" fill="black" x="14.516438" y="25" textLength="12.673828">by</tspan></text><g id="id10_Graphic"><path d="M 551.4536 133.07864 L 587.49484 133.70774 C 589.9817 133.75115 591.785 146.1045 591.52006 161.28219 C 591.25513 176.45988 589.0218 188.74277 586.53496 188.69936 L 550.49372 188.07026 C 548.00687 188.02685 546.20358 175.6735 546.4685 160.49581 C 546.73343 145.31812 548.96675 133.03523 551.4536 133.07864" f
ill="#218041"/><path d="M 551.4536 133.07864 L 587.49484 133.70774 C 589.9817 133.75115 591.785 146.1045 591.52006 161.28219 C 591.25513 176.45988 589.0218 188.74277 586.53496 188.69936 L 550.49372 188.07026 C 548.00687 188.02685 546.20358 175.6735 546.4685 160.49581 C 546.73343 145.31812 548.96675 133.03523 551.4536 133.07864 M 587.49484 133.70774 C 585.008 133.66433 582.77468 145.94723 582.50975 161.12491 C 582.24482 176.3026 584.0481 188.65596 586.53496 188.69936" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/></g><text transform="translate(201.5625 332)" fill="#7e7e7e"><tspan font-family="Helvetica Neue" font-size="12" font-style="italic" font-weight="500" fill="#7e7e7e" x="18.36675" y="11" textLength="21.12">Defi</tspan><tspan font-family="Helvetica Neue" font-size="12" font-style="italic" font-weight="500" fill="#7e7e7e" x="39.48675" y="11" textLength="125.796">nes the JMS administer</tspan><tspan font-family="Helvetica Neue" font-size="12" fon
t-style="italic" font-weight="500" fill="#7e7e7e" x="165.06675" y="11" textLength="59.34">ed objects </tspan><tspan font-family="Helvetica Neue" font-size="12" font-style="italic" font-weight="500" fill="#7e7e7e" x="19.71075" y="25" textLength="200.016">(connection factories, queues, topics)</tspan><tspan font-family="Helvetica Neue" font-size="12" font-style="italic" font-weight="500" fill="#7e7e7e" x="57.58875" y="39" textLength="124.26">used by the application</tspan></text><text transform="translate(247 223)" fill="black"><tspan font-family="Helvetica Neue" font-size="12" font-weight="bold" x=".064" y="12" textLength="36.216">jndi.pr</tspan><tspan font-family="Helvetica Neue" font-size="12" font-weight="bold" x="36.064" y="12" textLength="46.872">operties</tspan></text><text transform="translate(548 159.778)" fill="black"><tspan font-family="Helvetica Neue" font-size="11" font-weight="500" x=".0175" y="10" textLength="30.965">trades</tspan></text><g id="id594_Graphic"><path d="M
550.24356 203.85664 L 586.2848 204.48574 C 588.77165 204.52915 590.57495 216.8825 590.31002 232.06019 C 590.0451 247.23788 587.81177 259.52077 585.32492 259.47736 L 549.28368 258.84826 C 546.79683 258.80485 544.99354 246.4515 545.25846 231.27381 C 545.5234 216.09612 547.7567 203.81323 550.24356 203.85664" fill="#218041"/><path d="M 550.24356 203.85664 L 586.2848 204.48574 C 588.77165 204.52915 590.57495 216.8825 590.31002 232.06019 C 590.0451 247.23788 587.81177 259.52077 585.32492 259.47736 L 549.28368 258.84826 C 546.79683 258.80485 544.99354 246.4515 545.25846 231.27381 C 545.5234 216.09612 547.7567 203.81323 550.24356 203.85664 M 586.2848 204.48574 C 583.79796 204.44233 581.56464 216.72523 581.2997 231.90291 C 581.03478 247.0806 582.83808 259.43396 585.32492 259.47736" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/></g><text transform="translate(540 224)" fill="black"><tspan font-family="Helvetica Neue" font-size="11" font-weight="500" x=".1635"
y="10" textLength="57.673">instruments</tspan></text><path d="M 176.95547 179.10681 L 186.60067 171.0356 L 232.34226 225.69743 L 237.16486 221.66183 L 240.3548 245.0712 L 217.87446 237.80424 L 222.69706 233.76864 Z" fill="url(#Obj_Gradient_6)"/><path d="M 176.95547 179.10681 L 186.60067 171.0356 L 232.34226 225.69743 L 237.16486 221.66183 L 240.3548 245.0712 L 217.87446 237.80424 L 222.69706 233.76864 Z" stroke="#e97b00" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/><text transform="translate(197.6773 183.16345) rotate(50.077054)" fill="black"><tspan font-family="Helvetica" font-size="12" font-weight="500" x="0" y="11" textLength="30.017578">reads</tspan></text><g id="id19_Graphic"><rect x="499" y="152" width="31" height="32" fill="#218041"/><rect x="499" y="152" width="31" height="32" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/></g><g id="id599_Graphic"><rect x="499" y="195" width="31" height="32" fill="#218041"/><rect x="499"
y="195" width="31" height="32" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/></g><g id="id600_Graphic"><rect x="499" y="238" width="31" height="32" fill="#218041"/><rect x="499" y="238" width="31" height="32" stroke="black" stroke-linecap="round" stroke-linejoin="round" stroke-width="1"/></g></g></g></svg>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/02e60e87/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/QpidJmsOverview.png
----------------------------------------------------------------------
diff --git a/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/QpidJmsOverview.png b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/QpidJmsOverview.png
new file mode 100755
index 0000000..1f90905
Binary files /dev/null and b/content/releases/qpid-jms-amqp-0-x-6.3.3/jms-amqp-0-8-book/images/QpidJmsOverview.png differ
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org