You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by or...@apache.org on 2018/04/05 17:25:18 UTC
[17/32] qpid-site git commit: QPID-8148: Update site for Qpid
Broker-J release 7.0.3
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security-Group-Providers.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security-Group-Providers.html b/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security-Group-Providers.html
new file mode 100644
index 0000000..17ea815
--- /dev/null
+++ b/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security-Group-Providers.html
@@ -0,0 +1,179 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>8.2. Group Providers - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-broker-j-7.0.3/index.html">Qpid Broker-J 7.0.3</a></li><li><a href="/releases/qpid-broker-j-7.0.3/book/index.html">Apache Qpid Broker-J</a></li><li>8.2. Group Providers</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">8.2. Group Providers</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="Java-Broker-Security.html">Prev</a> </td><th align="center" width="60%">Chapter 8. Security</th><td align="right" width="20%"> <a accesskey="n" href="Java-Broker-Security-AccessControlProviders.html">Next</a></td></tr></table><hr /></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="Java-Broker-Security-Group-Providers"></a>8.2. Group Providers</h2></div></div></div><p>
+ The Apache Qpid Broker-J utilises GroupProviders to allow assigning users to groups for use in <a class="link" href="Java-Broker-Security-AccessControlProviders.html" title="8.3. Access Control Providers">ACLs</a>.
+ Following authentication by a given <a class="link" href="Java-Broker-Security.html#Java-Broker-Security-Authentication-Providers" title="8.1. Authentication Providers">Authentication Provider</a>,
+ the configured Group Providers are consulted allowing the assignment of GroupPrincipals for a given authenticated user. Any number of
+ Group Providers can be added into the Broker. All of them will be checked for the presence of the groups for a given authenticated user.
+ </p><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="File-Group-Manager"></a>8.2.1. GroupFile Provider</h3></div></div></div><p>
+ The <span class="emphasis"><em>GroupFile</em></span> Provider allows specifying group membership in a flat file on disk.
+ On adding a new GroupFile Provider the path to the groups file is required to be specified.
+ If file does not exist an empty file is created automatically. On deletion of GroupFile Provider
+ the groups file is deleted as well. Only one instance of "GroupFile" Provider per groups file location can be created.
+ On attempt to create another GroupFile Provider pointing to the same location the error will be displayed and
+ the creation will be aborted.
+ </p><div class="section"><div class="titlepage"><div><div><h4 class="title"><a id="File-Group-Manager-FileFormat"></a>8.2.1.1. File Format</h4></div></div></div><p>
+ The groups file has the following format:
+ </p><pre class="programlisting">
+ # <GroupName>.users = <comma delimited user list>
+ # For example:
+
+ administrators.users = admin,manager
+</pre><p>
+ Only users can be added to a group currently, not other groups. Usernames can't contain commas.
+ </p><p>
+ Lines starting with a '#' are treated as comments when opening the file, but these are not preserved when the broker updates the file due to changes made through the management interface.
+ </p></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Group-Providers-ManagedGroupProvider"></a>8.2.2. ManagedGroupProvider</h3></div></div></div><p>
+ The <span class="emphasis"><em>ManagedGroupProvider</em></span> allows specifying group membership as part of broker configuration.
+ In future version of Brokers GroupFile Provider will be replaced by this one.
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Group-Providers-CloudFoundry"></a>8.2.3. CloudFoundryDashboardManagementGroupProvider</h3></div></div></div><p>
+ The <span class="emphasis"><em>CloudFoundryDashboardManagementGroupProvider</em></span>
+ allows mapping of service instance ids to qpid management groups.
+ </p><p>
+ One use case is restricting management capabilities of a OAuth2 authenticated user to certain virtual
+ hosts. For this, one would associate a cloudfoundry service id with each virtual host and have an ACL with a
+ separate management group for each virtual host. Given the correct service instance id to
+ management group mapping the GroupProvider will then associate the user with each management group the user
+ is provisioned to manage the associated service instance in the <a class="link" href="http://docs.cloudfoundry.org/services/dashboard-sso.html#checking-user-permissions" target="_top">CloudFoundry dashboard</a>.
+ </p></div></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="Java-Broker-Security.html">Prev</a> </td><td align="center" width="20%"><a accesskey="u" href="Java-Broker-Security.html">Up</a></td><td align="right" width="40%"> <a accesskey="n" href="Java-Broker-Security-AccessControlProviders.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">Chapter 8. Security </td><td align="center" width="20%"><a accesskey="h" href="Apache-Qpid-Broker-J-Book.html">Home</a></td><td align="right" valign="top" width="40%"> 8.3. Access Control Providers</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security.html b/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security.html
new file mode 100644
index 0000000..e45e268
--- /dev/null
+++ b/content/releases/qpid-broker-j-7.0.3/book/Java-Broker-Security.html
@@ -0,0 +1,295 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>Chapter 8. Security - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-broker-j-7.0.3/index.html">Qpid Broker-J 7.0.3</a></li><li><a href="/releases/qpid-broker-j-7.0.3/book/index.html">Apache Qpid Broker-J</a></li><li>Chapter 8. Security</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">Chapter 8. Security</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="Java-Broker-Management-Managing-Plugin-HTTP.html">Prev</a> </td><th align="center" width="60%"> </th><td align="right" width="20%"> <a accesskey="n" href="Java-Broker-Security-Group-Providers.html">Next</a></td></tr></table><hr /></div><div class="chapter"><div class="titlepage"><div><div><h1 class="title"><a id="Java-Broker-Security"></a>Chapter 8. Security</h1></div></div></div><div class="toc"><p><strong>Table of Contents</strong></p><dl class="toc"><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-Authentication-Providers">8.1. Authentication Providers</a></span></dt><dd><dl><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-LDAP-Provider">8.1.1. Simple LDAP</a></s
pan></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-Kerberos-Provider">8.1.2. Kerberos</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-OAuth2-Provider">8.1.3. OAuth2</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-External-Provider">8.1.4. External (SSL Client Certificates)</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-Anonymous-Provider">8.1.5. Anonymous</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-ScramSha-Providers">8.1.6. SCRAM SHA</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-Plain-Provider">8.1.7. Plain</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-PlainPasswordFile-Provider">8.1.8. Plain Password File <span class="emphasis"><em>(Deprecated)
</em></span></a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-MD5-Provider">8.1.9. MD5 Provider</a></span></dt><dt><span class="section"><a href="Java-Broker-Security.html#Java-Broker-Security-Base64MD5PasswordFile-Provider">8.1.10. Base64MD5 Password File <span class="emphasis"><em>(Deprecated)</em></span></a></span></dt></dl></dd><dt><span class="section"><a href="Java-Broker-Security-Group-Providers.html">8.2. Group Providers</a></span></dt><dd><dl><dt><span class="section"><a href="Java-Broker-Security-Group-Providers.html#File-Group-Manager">8.2.1. GroupFile Provider</a></span></dt><dt><span class="section"><a href="Java-Broker-Security-Group-Providers.html#Java-Broker-Security-Group-Providers-ManagedGroupProvider">8.2.2. ManagedGroupProvider</a></span></dt><dt><span class="section"><a href="Java-Broker-Security-Group-Providers.html#Java-Broker-Security-Group-Providers-CloudFoundry">8.2.3. CloudFoundryDashboardManagementGroupProvi
der</a></span></dt></dl></dd><dt><span class="section"><a href="Java-Broker-Security-AccessControlProviders.html">8.3. Access Control Providers</a></span></dt><dd><dl><dt><span class="section"><a href="Java-Broker-Security-AccessControlProviders.html#Java-Broker-Security-AccessControlProviders-Types">8.3.1. Types</a></span></dt><dt><span class="section"><a href="Java-Broker-Security-AccessControlProviders.html#Java-Broker-Security-AccessControlProviders-ACLRules">8.3.2.
+ ACL Rules
+ </a></span></dt><dt><span class="section"><a href="Java-Broker-Security-AccessControlProviders.html#Java-Broker-Security-AccessControlProviders-Syntax">8.3.3.
+ Syntax
+ </a></span></dt><dt><span class="section"><a href="Java-Broker-Security-AccessControlProviders.html#Java-Broker-Security-AccessControlProviders-WorkedExamples">8.3.4.
+ Worked Examples
+ </a></span></dt></dl></dd><dt><span class="section"><a href="Java-Broker-Security-Configuration-Encryption.html">8.4. Configuration Encryption</a></span></dt><dd><dl><dt><span class="section"><a href="Java-Broker-Security-Configuration-Encryption.html#Java-Broker-Security-Configuration-Encryption-Configuration">8.4.1. Configuration</a></span></dt><dt><span class="section"><a href="Java-Broker-Security-Configuration-Encryption.html#Java-Broker-Security-Configuration-Encryption-Alternate-Implementations">8.4.2. Alternate Implementations</a></span></dt></dl></dd></dl></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="Java-Broker-Security-Authentication-Providers"></a>8.1. Authentication Providers</h2></div></div></div><p> In order to successfully establish a connection to the Broker, the connection must be
+ authenticated. The Broker supports a number of different authentication schemes, each with
+ its own "authentication provider". Any number of Authentication Providers can be configured on
+ the Broker at the same time. </p><div class="important" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Important</h3><p> Only unused Authentication Provider can be deleted. For delete requests attempting to
+ delete Authentication Provider associated with the Ports, the errors will be returned and
+ delete operations will be aborted. It is possible to change the Authentication Provider on
+ Port at runtime. However, the Broker restart is required for changes on Port to take effect.
+ </p></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>
+ Authentication Providers may choose to selectively disable certain authentication mechanisms
+ depending on whether an encrypted transport is being used or not. This is to avoid insecure
+ configurations. Notably, by default the PLAIN mechanism will be disabled on non-SSL
+ connections. This security feature can be overwritten by setting
+ </p><pre class="programlisting">secureOnlyMechanisms = []</pre><p> in the authentication provider
+ section of the config.json.
+ </p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>
+ Changing the secureOnlyMechanism is a breach of security and might cause passwords to be
+ transfered in the clear. Use at your own risk!
+ </p></div><p>
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-LDAP-Provider"></a>8.1.1. Simple LDAP</h3></div></div></div><p> The Simple LDAP authenticates connections against a Directory (LDAP). </p><p> To create a SimpleLDAPAuthenticationProvider the following mandatory fields are required: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p><span class="emphasis"><em>LDAP server URL</em></span> is the URL of the server, for example,
+ <code class="literal">ldaps://example.com:636</code></p></li><li class="listitem"><p><span class="emphasis"><em>Search context</em></span> is the distinguished name of the search base
+ object. It defines the location from which the search for users begins, for example,
+ <code class="literal">dc=users,dc=example,dc=com</code></p></li><li class="listitem"><p><span class="emphasis"><em>Search filter</em></span> is a DN template to find an LDAP user entry by
+ provided user name, for example, <code class="literal">(uid={0})</code></p></li></ul></div><p> Additionally, the following optional fields can be specified: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p><span class="emphasis"><em>LDAP context factory</em></span> is a fully qualified class name for the
+ JNDI LDAP context factory. This class must implement the <a class="link" href="http://docs.oracle.com/javase/7/docs/api/javax/naming/spi/InitialContextFactory.html" target="_top">InitialContextFactory</a> interface and produce instances of <a class="link" href="http://docs.oracle.com/javase/7/docs/api/javax/naming/directory/DirContext.html" target="_top">DirContext</a>. If
+ not specified a default value of <code class="literal">com.sun.jndi.ldap.LdapCtxFactory</code> is
+ used.</p></li><li class="listitem"><p><span class="emphasis"><em>LDAP authentication URL</em></span> is the URL of LDAP server for
+ performing "ldap bind". If not specified, the <span class="emphasis"><em>LDAP server URL</em></span> will
+ be used for both searches and authentications.</p></li><li class="listitem"><p><span class="emphasis"><em>Truststore name</em></span> is a name of <a class="link" href="Java-Broker-Management-Managing-Truststores.html#Java-Broker-Management-Managing-Truststores-Attributes" title="7.12.2. Attributes">configured
+ truststore</a>. Use this if connecting to a Directory over SSL (i.e. ldaps://)
+ which is protected by a certificate signed by a private CA (or utilising a self-signed
+ certificate).</p></li><li class="listitem"><p>Additional group information can be obtained from LDAP.
+ There are two common ways of representing group membership in LDAP.
+ </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: circle; "><li class="listitem">
+ User entries can hold membership information as attribute.
+ To use this the <span class="emphasis"><em>attribute name</em></span> that holds the group information must be specified.
+ </li><li class="listitem">
+ Group entries can hold a list of their members as attribute.
+ This can be used by specifying a <span class="emphasis"><em>search context</em></span> and <span class="emphasis"><em>search filter</em></span> to find all groups that the user should be considered a member of.
+ Typically this involves filtering groups by looking for the user's DN on a group attribute.
+ The <span class="emphasis"><em>subtree search scope</em></span> determines whether the search should include the subtree extending from the <span class="emphasis"><em>search context</em></span>.
+ </li></ul></div><p>
+ </p></li></ul></div><p>
+ </p><div class="important" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Important</h3><p>In order to protect the security of the user's password, when using LDAP authentication,
+ you must: </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>Use SSL on the broker's AMQP and HTTP ports to protect the password during
+ transmission to the Broker. The Broker enforces this restriction automatically on AMQP
+ and HTTP ports.</p></li><li class="listitem"><p>Authenticate to the Directory using SSL (i.e. ldaps://) to protect the password
+ during transmission from the Broker to the Directory.</p></li></ul></div></div><p> The LDAP Authentication Provider works in the following manner. If not in <code class="literal">bind
+ without search</code> mode, it first connects to the Directory and searches for the ldap
+ entity which is identified by the username. The search begins at the distinguished name
+ identified by <code class="literal">Search Context</code> and uses the username as a filter. The search
+ scope is sub-tree meaning the search will include the base object and the subtree extending
+ beneath it. </p><p> If the search returns a match, or is configured in <code class="literal">bind without search</code>
+ mode, the Authentication Provider then attempts to bind to the LDAP server with the given name
+ and the password. Note that <a class="link" href="http://docs.oracle.com/javase/7/docs/api/javax/naming/Context.html#SECURITY_AUTHENTICATION" target="_top">simple security
+ authentication</a> is used so the Directory receives the password in the clear.
+ </p><p>
+ By default, this authentication provider caches the result of an authentication for a short period of time. This
+ reduces the load on the Directory service if the same credentials are presented frequently within a short
+ period of time. The length of time a result will be cached is defined by context variable
+ <code class="literal">qpid.auth.cache.expiration_time</code> (default to 600 seconds). The cache can be disabled by
+ setting the context variable <code class="literal">qpid.auth.cache.size</code> to 0.
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Kerberos-Provider"></a>8.1.2. Kerberos</h3></div></div></div><p> Kereberos Authentication Provider uses java GSS-API SASL mechanism to authenticate the
+ connections. </p><p> Configuration of kerberos is done through system properties (there doesn't seem to be a
+ way around this unfortunately). </p><pre class="programlisting">
+ export JAVA_OPTS=-Djavax.security.auth.useSubjectCredsOnly=false -Djava.security.auth.login.config=qpid.conf
+ ${QPID_HOME}/bin/qpid-server
+ </pre><p>Where qpid.conf would look something like this:</p><pre class="programlisting">
+com.sun.security.jgss.accept {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ storeKey=true
+ doNotPrompt=true
+ realm="EXAMPLE.COM"
+ useSubjectCredsOnly=false
+ kdc="kerberos.example.com"
+ keyTab="/path/to/keytab-file"
+ principal="<name>/<host>";
+};</pre><p> Where realm, kdc, keyTab and principal should obviously be set correctly for the
+ environment where you are running (see the existing documentation for the C++ broker about
+ creating a keytab file). </p><p> Note: You may need to install the "Java Cryptography Extension (JCE) Unlimited Strength
+ Jurisdiction Policy Files" appropriate for your JDK in order to get Kerberos support working. </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-OAuth2-Provider"></a>8.1.3. OAuth2</h3></div></div></div><p> This authentication provider allows users to login to the broker using credentials from a different service supporting OAuth2.
+ Unfortunately, the <a class="link" href="https://www.rfc-editor.org/rfc/rfc6749.txt" target="_top">OAuth2 specification</a> does not define a standard why to get the identity of a subject from an access token.
+ However, most OAuth2 implementations provide such functionality, although in different ways. Qpid handles this by providing so called IdentityResolvers.
+ Currently the following services are supported:
+ </p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>CloudFoundry</p></li><li class="listitem"><p>Facebook</p></li><li class="listitem"><p>GitHub</p></li><li class="listitem"><p>Google</p></li><li class="listitem"><p>Microsoft Live</p></li></ul></div><p>
+ Since all of these, with the exception of CloudFoundry, are tied to a specific service they come with defaults for the Scope, Authorization-, Token-, and IdentityResolverEndpoint.
+ </p><p>
+ By default, this authentication provider caches the result of an authentication for a short period of time. This
+ reduces the load on the OAuth2 service if the same token is presented frequently within a short
+ period of time. The length of time a result will be cached is defined by context variable
+ <code class="literal">qpid.auth.cache.expiration_time</code> (default to 600 seconds). The cache can be disabled by
+ setting the context variable <code class="literal">qpid.auth.cache.size</code> to 0.
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-External-Provider"></a>8.1.4. External (SSL Client Certificates)</h3></div></div></div><p> When <a class="link" href="Java-Broker-Management-Managing-Truststores.html" title="7.12. Truststores"> requiring SSL Client
+ Certificates</a> be presented the External Authentication Provider can be used, such that
+ the user is authenticated based on trust of their certificate alone, and the X500Principal
+ from the SSL session is then used as the username for the connection, instead of also
+ requiring the user to present a valid username and password. </p><p>
+ <span class="bold"><strong>Note:</strong></span> The External Authentication Provider should typically
+ only be used on the AMQP/HTTP ports, in conjunction with <a class="link" href="Java-Broker-Management-Managing-Ports.html" title="7.9. Ports">SSL client certificate
+ authentication</a>. It is not intended for other uses and
+ will treat any non-sasl authentication processes on these ports as successful with the given
+ username.</p><p>On creation of External Provider the use of full DN or username CN as a principal name can
+ be configured. If attribute "Use the full DN as the Username" is set to "true" the full DN is
+ used as an authenticated principal name. If attribute "Use the full DN as the Username" is set
+ to "false" the user name CN part is used as the authenticated principal name. Setting the
+ field to "false" is particular useful when <a class="link" href="Java-Broker-Security-AccessControlProviders.html" title="8.3. Access Control Providers">ACL</a> is required, as at the moment, ACL does not support commas in the user name.
+ </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Anonymous-Provider"></a>8.1.5. Anonymous</h3></div></div></div><p> The Anonymous Authentication Provider will allow users to connect with or without
+ credentials and result in their identification on the broker as the user ANONYMOUS. This
+ Provider does not require specification of any additional attributes on creation. </p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-ScramSha-Providers"></a>8.1.6. SCRAM SHA</h3></div></div></div><p>The SCRAM SHA Providers uses the Broker configuration itself to store the database of
+ users. The users'
+ passwords are stored as salted SHA digested password. This can be further encrypted using the
+ facilities described in <a class="xref" href="Java-Broker-Security-Configuration-Encryption.html" title="8.4. Configuration Encryption">Section 8.4, “Configuration Encryption”</a>.</p><p>There are two variants of this provider, SHA1 and SHA256. SHA256 is recommended whenever
+ possible. SHA1 is provided with compatibility with clients utilising JDK 1.6 (which does not
+ support SHA256).</p><p>For these providers user credentials can be added, removed or changed using
+ Management.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Plain-Provider"></a>8.1.7. Plain</h3></div></div></div><p>The Plain Provider uses the Broker configuration itself to store the database of users
+ (unlike the <a class="link" href="Java-Broker-Security.html#Java-Broker-Security-PlainPasswordFile-Provider" title="8.1.8. Plain Password File (Deprecated)">PlainPasswordFile</a>, there is no separate password file). As the name suggests,
+ the user data (including password) is not hashed in any way. In order to provide encryption,
+ the facilities described in <a class="xref" href="Java-Broker-Security-Configuration-Encryption.html" title="8.4. Configuration Encryption">Section 8.4, “Configuration Encryption”</a>
+ must be used.</p><p>For this provider user credentials can be added, removed or changed using
+ Management.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-PlainPasswordFile-Provider"></a>8.1.8. Plain Password File <span class="emphasis"><em>(Deprecated)</em></span></h3></div></div></div><p><span class="emphasis"><em>This provider is deprecated and will be removed in a future release. The <a class="link" href="Java-Broker-Security.html#Java-Broker-Security-Plain-Provider" title="8.1.7. Plain">Plain</a> provider should be used
+ instead.</em></span></p><p> The PlainPasswordFile Provider uses local file to store and manage user credentials. When
+ creating an authentication provider the path to the file needs to be specified. If specified
+ file does not exist an empty file is created automatically on Authentication Provider
+ creation. On Provider deletion the password file is deleted as well.</p><p>For this provider user credentials can be added, removed or changed using
+ Management.</p><div class="section"><div class="titlepage"><div><div><h4 class="title"><a id="d0e4440"></a>8.1.8.1. Plain Password File Format</h4></div></div></div><p> The user credentials are stored on the single file line as user name and user
+ password pairs separated by colon character. This file must not be modified externally
+ whilst the Broker is running.</p><pre class="programlisting">
+# password file format
+# <user name>: <user password>
+guest:guest
+ </pre></div></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-MD5-Provider"></a>8.1.9. MD5 Provider</h3></div></div></div><p> MD5 Provider uses the Broker configuration itself to store the database of
+ users (unlike the <a class="link" href="Java-Broker-Security.html#Java-Broker-Security-Base64MD5PasswordFile-Provider" title="8.1.10. Base64MD5 Password File (Deprecated)">Base64MD5 Password File</a>, there is no separate password file). Rather than store the
+ unencrypted user password (as the Plain provider does) it instead stores the MD5 password
+ digest. This can be further encrypted using the
+ facilities described in <a class="xref" href="Java-Broker-Security-Configuration-Encryption.html" title="8.4. Configuration Encryption">Section 8.4, “Configuration Encryption”</a>.</p><p>For this provider user credentials can be added, removed or changed using
+ Management.</p></div><div class="section"><div class="titlepage"><div><div><h3 class="title"><a id="Java-Broker-Security-Base64MD5PasswordFile-Provider"></a>8.1.10. Base64MD5 Password File <span class="emphasis"><em>(Deprecated)</em></span></h3></div></div></div><p><span class="emphasis"><em>This provider is deprecated and will be removed in a future release. The
+ <a class="link" href="Java-Broker-Security.html#Java-Broker-Security-MD5-Provider" title="8.1.9. MD5 Provider">MD5</a> provider should be used
+ instead.</em></span></p><p> Base64MD5PasswordFile Provider uses local file to store and manage user credentials
+ similar to PlainPasswordFile but instead of storing a password the MD5 password digest encoded
+ with Base64 encoding is stored in the file. When creating an authentication provider the path
+ to the file needs to be specified. If specified file does not exist an empty file is created
+ automatically on Authentication Provider creation. On Base64MD5PasswordFile Provider deletion
+ the password file is deleted as well.</p><p>For this provider user credentials can be added, removed or changed using
+ Management.</p><div class="section"><div class="titlepage"><div><div><h4 class="title"><a id="d0e4476"></a>8.1.10.1. Base64MD5 File Format</h4></div></div></div><p> The user credentials are stored on the single file line as user name and user password
+ pairs separated by colon character. The password is stored MD5 digest/Base64 encoded. This
+ file must not be modified externally whilst the Broker is running.</p></div></div></div></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="Java-Broker-Management-Managing-Plugin-HTTP.html">Prev</a> </td><td align="center" width="20%"> </td><td align="right" width="40%"> <a accesskey="n" href="Java-Broker-Security-Group-Providers.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">7.15. HTTP Plugin </td><td align="center" width="20%"><a accesskey="h" href="Apache-Qpid-Broker-J-Book.html">Home</a></td><td align="right" valign="top" width="40%"> 8.2. Group Providers</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/apds02.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/apds02.html b/content/releases/qpid-broker-j-7.0.3/book/apds02.html
new file mode 100644
index 0000000..b7bd2e0
--- /dev/null
+++ b/content/releases/qpid-broker-j-7.0.3/book/apds02.html
@@ -0,0 +1,160 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>D.2. Statistic Report Patterns - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-broker-j-7.0.3/index.html">Qpid Broker-J 7.0.3</a></li><li><a href="/releases/qpid-broker-j-7.0.3/book/index.html">Apache Qpid Broker-J</a></li><li>D.2. Statistic Report Patterns</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">D.2. Statistic Report Patterns</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="Java-Broker-Appendix-Statistics-Reporting.html">Prev</a> </td><th align="center" width="60%">Appendix D. Statistics Reporting</th><td align="right" width="20%"> <a accesskey="n" href="apds03.html">Next</a></td></tr></table><hr /></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="d0e9483"></a>D.2. Statistic Report Patterns</h2></div></div></div><p>The statistic report pattern defines the format of a statistic report written to the log.</p><p>Statistic report patterns are defined by <a class="link" href="Java-Broker-Management-Managing-Entities.html#Java-Broker-Management-Managing-Entities-General" title="7.1. General Description">
+ content variables</a>. The place where the context variable is defined governs the scope i.e. the entities to
+ which the pattern will be applied.</p><p>For instance, to define a statistics reporting pattern for a single queue,
+ <a class="link" href="Java-Broker-Management-Channel-Web-Console.html#Java-Broker-Management-Channel-Web-Console-Managing-Context-Variables" title="6.2.3.4. Context Variables">set the contextvariable
+ </a> on the queue itself. If you want the same statistics report pattern for apply to all queues, set the pattern on a
+ suitable ancestor of the queue. For instance, if set on virtualhost, the pattern will applied to all queues defined
+ on that virtualhost. If set on Broker, the pattern will be applied to all queues on the Broker.</p><p>The context variable name is formed as follows:
+ <code class="literal">qpid.<category-name>.statisticsReportPattern</code>.</p><p>For instance, for queue: <code class="literal">qpid.queue.statisticsReportPattern</code> and virtualhost:
+ <code class="literal">qpid.virtualhost.statisticsReportPattern</code></p><p>The value of the context variable is a free text string containing reference(s) to the statistic names that
+ are to appear in the report. References are made by surrounding the name of the statistic with '$' and curly braces,
+ thus <code class="literal">${<statistic-name>}</code>.</p><p>Statistics references allow an optional formatters. The supported formatters are: <code class="literal">:byteunit</code>
+ (produces a human readable byte value e.g. 3 MiB), <code class="literal">:duration</code> (produces a ISO-8601 duration)and
+ <code class="literal">:datetime</code> (produces a ISO-8601 date/time).</p><p>For example, a statistic report pattern for the <code class="literal">queue</code> category specifying two queue
+ statistic values: <code class="literal">queueDepthMessages=${queueDepthMessages},queueDepthBytes=${queueDepthBytes:byteunit}</code></p><p>Like all context variables, the statistic report pattern can also reference the attributes of the entity
+ or even its ancestors. This feature can be exploited to include things like the name of the entity within the
+ report.</p><p>These points are illustrated in the examples in the next section.</p><p>A catalogue of statistics names and descriptions is available from the REST API documentation available
+ through the <a class="link" href="Java-Broker-Management-Channel-Web-Console.html" title="6.2. Web Management Console">Web Management Console</a>.</p></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="Java-Broker-Appendix-Statistics-Reporting.html">Prev</a> </td><td align="center" width="20%"><a accesskey="u" href="Java-Broker-Appendix-Statistics-Reporting.html">Up</a></td><td align="right" width="40%"> <a accesskey="n" href="apds03.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">Appendix D. Statistics Reporting </td><td align="center" width="20%"><a accesskey="h" href="Apache-Qpid-Broker-J-Book.html">Home</a></td><td align="right" valign="top" width="40%"> D.3. Examples</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/apds03.html
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/apds03.html b/content/releases/qpid-broker-j-7.0.3/book/apds03.html
new file mode 100644
index 0000000..0fa7b05
--- /dev/null
+++ b/content/releases/qpid-broker-j-7.0.3/book/apds03.html
@@ -0,0 +1,154 @@
+<!DOCTYPE html>
+<!--
+ -
+ - Licensed to the Apache Software Foundation (ASF) under one
+ - or more contributor license agreements. See the NOTICE file
+ - distributed with this work for additional information
+ - regarding copyright ownership. The ASF licenses this file
+ - to you under the Apache License, Version 2.0 (the
+ - "License"); you may not use this file except in compliance
+ - with the License. You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing,
+ - software distributed under the License is distributed on an
+ - "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ - KIND, either express or implied. See the License for the
+ - specific language governing permissions and limitations
+ - under the License.
+ -
+-->
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
+ <head>
+ <title>D.3. Examples - Apache Qpid™</title>
+ <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
+ <link rel="stylesheet" href="/site.css" type="text/css" async="async"/>
+ <link rel="stylesheet" href="/deferred.css" type="text/css" defer="defer"/>
+ <script type="text/javascript">var _deferredFunctions = [];</script>
+ <script type="text/javascript" src="/deferred.js" defer="defer"></script>
+ <!--[if lte IE 8]>
+ <link rel="stylesheet" href="/ie.css" type="text/css"/>
+ <script type="text/javascript" src="/html5shiv.js"></script>
+ <![endif]-->
+
+ <!-- Redirects for `go get` and godoc.org -->
+ <meta name="go-import"
+ content="qpid.apache.org git https://git-wip-us.apache.org/repos/asf/qpid-proton.git"/>
+ <meta name="go-source"
+ content="qpid.apache.org
+https://github.com/apache/qpid-proton/blob/go1/README.md
+https://github.com/apache/qpid-proton/tree/go1{/dir}
+https://github.com/apache/qpid-proton/blob/go1{/dir}/{file}#L{line}"/>
+ </head>
+ <body>
+ <div id="-content">
+ <div id="-top" class="panel">
+ <a id="-menu-link"><img width="16" height="16" src="" alt="Menu"/></a>
+
+ <a id="-search-link"><img width="22" height="16" src="" alt="Search"/></a>
+
+ <ul id="-global-navigation">
+ <li><a id="-logotype" href="/index.html">Apache Qpid<sup>™</sup></a></li>
+ <li><a href="/documentation.html">Documentation</a></li>
+ <li><a href="/download.html">Download</a></li>
+ <li><a href="/discussion.html">Discussion</a></li>
+ </ul>
+ </div>
+
+ <div id="-menu" class="panel" style="display: none;">
+ <div class="flex">
+ <section>
+ <h3>Project</h3>
+
+ <ul>
+ <li><a href="/overview.html">Overview</a></li>
+ <li><a href="/components/index.html">Components</a></li>
+ <li><a href="/releases/index.html">Releases</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Messaging APIs</h3>
+
+ <ul>
+ <li><a href="/proton/index.html">Qpid Proton</a></li>
+ <li><a href="/components/jms/index.html">Qpid JMS</a></li>
+ <li><a href="/components/messaging-api/index.html">Qpid Messaging API</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Servers and tools</h3>
+
+ <ul>
+ <li><a href="/components/broker-j/index.html">Broker-J</a></li>
+ <li><a href="/components/cpp-broker/index.html">C++ broker</a></li>
+ <li><a href="/components/dispatch-router/index.html">Dispatch router</a></li>
+ </ul>
+ </section>
+
+ <section>
+ <h3>Resources</h3>
+
+ <ul>
+ <li><a href="/dashboard.html">Dashboard</a></li>
+ <li><a href="https://cwiki.apache.org/confluence/display/qpid/Index">Wiki</a></li>
+ <li><a href="/resources.html">More resources</a></li>
+ </ul>
+ </section>
+ </div>
+ </div>
+
+ <div id="-search" class="panel" style="display: none;">
+ <form action="http://www.google.com/search" method="get">
+ <input type="hidden" name="sitesearch" value="qpid.apache.org"/>
+ <input type="text" name="q" maxlength="255" autofocus="autofocus" tabindex="1"/>
+ <button type="submit">Search</button>
+ <a href="/search.html">More ways to search</a>
+ </form>
+ </div>
+
+ <div id="-middle" class="panel">
+ <ul id="-path-navigation"><li><a href="/index.html">Home</a></li><li><a href="/releases/index.html">Releases</a></li><li><a href="/releases/qpid-broker-j-7.0.3/index.html">Qpid Broker-J 7.0.3</a></li><li><a href="/releases/qpid-broker-j-7.0.3/book/index.html">Apache Qpid Broker-J</a></li><li>D.3. Examples</li></ul>
+
+ <div id="-middle-content">
+ <div class="docbook"><div class="navheader"><table summary="Navigation header" width="100%"><tr><th align="center" colspan="3">D.3. Examples</th></tr><tr><td align="left" width="20%"><a accesskey="p" href="apds02.html">Prev</a> </td><th align="center" width="60%">Appendix D. Statistics Reporting</th><td align="right" width="20%"> <a accesskey="n" href="Java-Broker-Appendix-Queue-Alerts.html">Next</a></td></tr></table><hr /></div><div class="section"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="d0e9542"></a>D.3. Examples</h2></div></div></div><p>Adding a statistic reporting pattern to a single queue, called <code class="literal">myqueue</code> using the REST API and
+ cURL. This example uses <code class="literal">ancestor</code> references to include entity names:</p><div class="example"><a id="d0e9553"></a><p class="title"><strong>Example D.1. Enabling statistics for a single queue using the REST API and cURL</strong></p><div class="example-contents"><pre class="screen">curl --user admin --data '{"name" : "qpid.queue.statisticsReportPattern", "value" : "${ancestor:virtualhost:name}/${ancestor:queue:name}: queueDepthMessages=${queueDepthMessages}, queueDepthBytes=${queueDepthBytes:byteunit}"}' https://localhost:8080/api/latest/queue/default/default/myqueue/setContextVariable</pre></div></div><br class="example-break" /><p>
+ Once enabled, an example statistic report output written to the log might look like this:
+ </p><pre class="screen">2017-10-15 13:03:12,993 INFO [virtualhost-default-pool-0] (q.s.Queue) - Statistics: default/myqueue: queueDepthMessages=0, queueDepthBytes=0 B
+2017-10-15 13:03:22,979 INFO [virtualhost-default-pool-2] (q.s.Queue) - Statistics: default/myqueue: queueDepthMessages=3, queueDepthBytes=345 B
+2017-10-15 13:03:32,981 INFO [virtualhost-default-pool-2] (q.s.Queue) - Statistics: default/myqueue: queueDepthMessages=3, queueDepthBytes=345 B</pre><p>
+ </p><p>Removing a statistic report pattern from the same queue:</p><div class="example"><a id="d0e9565"></a><p class="title"><strong>Example D.2. Disabling statistics for a single queue using the REST API and cURL</strong></p><div class="example-contents"><pre class="screen">curl --user admin --data '{"name" : "qpid.queue.statisticsReportPattern"}' https://localhost:8080/api/latest/queue/default/default/myqueue/setContextVariable</pre></div></div><br class="example-break" /><p>Adding a statistic reporting pattern to all queues:</p><div class="example"><a id="d0e9572"></a><p class="title"><strong>Example D.3. Enabling statistics for all queues using the REST API and cURL</strong></p><div class="example-contents"><pre class="screen">curl --user admin --data '{"name" : "qpid.queue.statisticsReportPattern", "value" : "${ancestor:virtualhost:name}/${ancestor:queue:name}: oldestMessageAge=${oldestMessageAge:duration}"}' https://localhost:8080/api/latest/virtualhost
/default/default/setContextVariable</pre></div></div><br class="example-break" /><p>
+ Once enabled, an example statistic report for a virtualhost with two queues might look like this:
+ </p><pre class="screen">2017-10-15 13:17:42,918 INFO [virtualhost-default-pool-1] (q.s.Queue) - Statistics: default/myqueue1: oldestMessageAge=PT1M24S
+2017-10-15 13:17:42,918 INFO [virtualhost-default-pool-1] (q.s.Queue) - Statistics: default/myqueue2: oldestMessageAge=PT0S</pre><p>
+ </p></div><div class="navfooter"><hr /><table summary="Navigation footer" width="100%"><tr><td align="left" width="40%"><a accesskey="p" href="apds02.html">Prev</a> </td><td align="center" width="20%"><a accesskey="u" href="Java-Broker-Appendix-Statistics-Reporting.html">Up</a></td><td align="right" width="40%"> <a accesskey="n" href="Java-Broker-Appendix-Queue-Alerts.html">Next</a></td></tr><tr><td align="left" valign="top" width="40%">D.2. Statistic Report Patterns </td><td align="center" width="20%"><a accesskey="h" href="Apache-Qpid-Broker-J-Book.html">Home</a></td><td align="right" valign="top" width="40%"> Appendix E. Queue Alerts</td></tr></table></div></div>
+
+ <hr/>
+
+ <ul id="-apache-navigation">
+ <li><a href="http://www.apache.org/">Apache</a></li>
+ <li><a href="http://www.apache.org/licenses/">License</a></li>
+ <li><a href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a></li>
+ <li><a href="http://www.apache.org/foundation/thanks.html">Thanks!</a></li>
+ <li><a href="/security.html">Security</a></li>
+ <li><a href="http://www.apache.org/"><img id="-apache-feather" width="48" height="14" src="" alt="Apache"/></a></li>
+ </ul>
+
+ <p id="-legal">
+ Apache Qpid, Messaging built on AMQP; Copyright © 2015
+ The Apache Software Foundation; Licensed under
+ the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache
+ License, Version 2.0</a>; Apache Qpid, Qpid, Qpid Proton,
+ Proton, Apache, the Apache feather logo, and the Apache Qpid
+ project logo are trademarks of The Apache Software
+ Foundation; All other marks mentioned may be trademarks or
+ registered trademarks of their respective owners
+ </p>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/css/style.css
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/css/style.css b/content/releases/qpid-broker-j-7.0.3/book/css/style.css
new file mode 100644
index 0000000..8179bf4
--- /dev/null
+++ b/content/releases/qpid-broker-j-7.0.3/book/css/style.css
@@ -0,0 +1,131 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+ul {
+ list-style-type:square;
+}
+
+th {
+ font-weight: bold;
+}
+
+.navfooter td {
+ font-size:10pt;
+}
+
+.navheader td {
+ font-size:10pt;
+}
+
+body {
+ margin:0;
+ background:#FFFFFF;
+ font-family:"Verdana", sans-serif;
+ font-size:10pt;
+}
+
+.container {
+ width:950px;
+ margin:0 auto;
+}
+
+body a {
+ color:#000000;
+}
+
+
+div.book {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.preface {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.chapter {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.section {
+ margin-left:10pt;
+ margin-right:10pt;
+}
+
+div.titlepage {
+ margin-left:-10pt;
+ margin-right:-10pt;
+}
+
+.calloutlist td {
+ font-size:10pt;
+}
+
+.table-contents table {
+ border-spacing: 0px;
+}
+
+.table-contents td {
+ font-size:10pt;
+ padding-left:6px;
+ padding-right:6px;
+}
+
+.chapter h2.title {
+ font-size:20pt;
+ color:#0c3b82;
+}
+
+.chapter .section h2.title {
+ font-size:18pt;
+ color:#0c3b82;
+}
+
+.section h2.title {
+ font-size:16pt;
+ color:#0c3b82;
+}
+
+.section h3.title {
+ font-size:14pt;
+ color:#0c3b82;
+}
+
+.section h4.title {
+ font-size:12pt;
+ color:#0c3b82;
+}
+
+.section h5.title {
+ font-size:12pt;
+ color:#0c3b82;
+}
+
+.section h6.title {
+ font-size:12pt;
+ color:#0c3b82;
+}
+
+.toc a {
+ font-size:9pt;
+}
+
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/images/Broker-MessageFlow.png
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/images/Broker-MessageFlow.png b/content/releases/qpid-broker-j-7.0.3/book/images/Broker-MessageFlow.png
new file mode 100755
index 0000000..4902c46
Binary files /dev/null and b/content/releases/qpid-broker-j-7.0.3/book/images/Broker-MessageFlow.png differ
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/images/Broker-Model.png
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/images/Broker-Model.png b/content/releases/qpid-broker-j-7.0.3/book/images/Broker-Model.png
new file mode 100755
index 0000000..a254565
Binary files /dev/null and b/content/releases/qpid-broker-j-7.0.3/book/images/Broker-Model.png differ
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/images/Broker-PortAuthFlow.png
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/images/Broker-PortAuthFlow.png b/content/releases/qpid-broker-j-7.0.3/book/images/Broker-PortAuthFlow.png
new file mode 100755
index 0000000..4df2fa1
Binary files /dev/null and b/content/releases/qpid-broker-j-7.0.3/book/images/Broker-PortAuthFlow.png differ
http://git-wip-us.apache.org/repos/asf/qpid-site/blob/082a5541/content/releases/qpid-broker-j-7.0.3/book/images/Exchange-Direct.png
----------------------------------------------------------------------
diff --git a/content/releases/qpid-broker-j-7.0.3/book/images/Exchange-Direct.png b/content/releases/qpid-broker-j-7.0.3/book/images/Exchange-Direct.png
new file mode 100755
index 0000000..184fb80
Binary files /dev/null and b/content/releases/qpid-broker-j-7.0.3/book/images/Exchange-Direct.png differ
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org