JNDI Connection Properties

This section discusses JMS properties associated with a JNDI connection.

Authentication Scheme

This property specifies the authentication scheme and applies to both the JNDI and data connection.

  • Supported by: For basic and client certificate authentication schemes, message brokers running Solace PubSub+ version 6.1 and higher. For a Kerberos authentication scheme, message brokers running Solace PubSub+ version 7.0 and higher.
  • Type: String
  • Format must be one of the following:
  • Default: SupportedProperty.AUTHENTICATION_SCHEME_BASIC

When AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE is used then at least one of these properties have to be set:

  • SSL_KEY_STORE_PASSWORD
  • SSL_PRIVATE_KEY_PASSWORD

The SSL_KEY_STORE property becomes mandatory when AUTHENTICATION_SCHEME is set to AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE. For more information, refer to the Class JCSMPProperties page in the JAVA API Reference guide.

Authentication Scheme Property

Property Source (in descending priority)

Example

Initial Context

The example below shows how to enable Client Certificate authentication.

env.put(SupportedProperty.SOLACE_JMS_AUTHENTICATION_SCHEME, SupportedProperty.AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE);

JNDI Properties File

Solace_JMS_Authentication_Scheme=AUTHENTICATION_SCHEME_BASIC

Solace_JMS_Authentication_Scheme=AUTHENTICATION_SCHEME_GSS_KRB

Solace_JMS_Authentication_Scheme=AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE

Allow Duplicate Client ID Enabled

The property specifies whether new JMS connections can use the same Client identifier (ID) as an existing connection. If the property is enabled and the JMS client did not provide a client ID, the API could just use the autogenerated unique client-id used for the initial connection.

  • Supported by: Version 8.6.0 or higher on the Solace PubSub+ software message broker and version 8.3.0 or higher on the Solace appliance. Also, JMS API 10.2.0 or higher is required.
  • Type: Boolean
  • Format: [true|false]
  • Default: false

Allow Duplicate Client ID Enabled Property

Property Source (in descending priority)

Example

JNDI Connection Factory

CLI/SEMP - Set through the property list "client-properties", Property "allow-duplicate-client-id"

Client Description

This property specifies the application description.

  • Supported by: Solace PubSub+ version 5.0 and higher
  • Type: String
  • Format: A maximum of 254 ASCII characters.
  • Default: “JNDI”

Client Description Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_CLIENT_DESCRIPTION, “My JNDI Client Description”);

JNDI Properties File

Solace_JMS_JNDI_ClientDescription=My JNDI Client Description

Client ID

This property specifies the client name. If not specified, the API generates a unique client ID.

  • Supported by: Solace PubSub+ version 5.0 and higher
  • Type: String
  • Format: Must be a valid topic name; a maximum of 160 bytes is supported when encoded in UTF-8.
  • Default: A generated client ID

Client ID Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_CLIENT_ID, “My JNDI Client”);

JNDI Properties File

Solace_JMS_JNDI_ClientID=My JNDI Client

Compression Level

This property is used to enable and specify the ZLIB compression level.

  • Type: Integer
  • Format: Valid values for the compression level are 0 (no compression), or 1 through 9 (where 1 offers the least amount of compression and fastest data throughput, and 9 offers the most compression and slowest data throughput). The default value is 0.
  • Default: 0

Compression Level Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_COMPRESSION_LEVEL, 6);

JNDI Properties File

Solace_JMS_CompressionLevel=6

Connect Retries

This property specifies the maximum number of times to attempt a JNDI Connection if the first connect fails. If this value is -1 or greater than 1, and a host list is used, each connect retry will traverse the host list according to the value set for the Connect Retries property.

  • Type: Integer
  • Format: Valid values are -1 through 2147483647. 0 means do not perform any automatic connection retries (that is, try once and give up); –1 means retry forever.
  • Default: 0

Connect Retries Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_CONNECT_RETRIES, 5);

JNDI Properties File

Solace_JMS_JNDI_ConnectRetries=3

System

-DJNDI_Connect_Retries=3

Connection Retries Per Host

When using a list of hosts for the URL property (refer to URL), this property defines the maximum number of times to retry a JNDI connection attempt to a single host before moving on to the next host in the list.

When traversing the list, each entry may be attempted the number of times set for the connection retries per host property plus 1.

  • Type: Integer
  • Format: Valid values are -1 through 2147483647. 0 means no retries (that is, try once and give up); –1 means retry forever (that is, the API only tries to connect or reconnect to first host listed.)
  • Default: 0

Note:  This property works in conjunction with the connect and reconnect retries settings; it does not replace them.

Connection Retries Per Host Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_CONNECT_RETRIES_PER_HOST, 5);

JNDI Properties File

Solace_JMS_JNDI_ConnectRetriesPerHost=10

System

-DJNDI_Connection_Retries_Per_Host=10

Connect Timeout

This property specifies the maximum amount of time (in milliseconds) permitted for a JNDI connection attempt.

  • Type: Integer
  • Format: In milliseconds; valid values are 0 through 2147483647. 0 means wait forever.
  • Default: 30000 (that is, 30 seconds)

Connection Timeout Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_CONNECT_TIMEOUT, 50000);

JNDI Properties File

Solace_JMS_JNDI_ConnectTimeout=60000

System

-DJNDI_Connect_Timeout=60000

JAAS Login Context

This property specifies a name that applications use to refer to the entry in a login configuration file when they instantiate a LoginContext.

  • Type: String
  • Format: The name that refers to the entry in the login configuration file.
  • Default: SolaceGSS

JAAS Login Context Property

Property Source (in highest priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JAAS_LOGIN_CONTEXT, “SolaceGSS”);

JAAS Configuration File Reload Enabled

This property, when true, indicates the login configuration file is reloaded before connect or reconnect to the message broker.

  • Type: Boolean
  • Format: [true | false]
  • Default: false (disabled)

JAAS Configuration File Reload Enabled Property

Property Source (in highest priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JAAS_CONFIG_FILE_RELOAD_ENABLED, true);

JMSX User ID Enabled

This property specifies if the identity of the user is included in the messages it sends.

  • Supported by: Solace PubSub+ 7.2 and higher
  • Type: Boolean
  • Format: [true|false]
  • Default: false

JMSX UserID Property

Property Source (in descending priority)

Example

JNDI Connection Factory

SolAdmin—Set through the Messaging Properties tab of the New JMS Connection Factory or Edit JMS Connection Factory dialog box.

CLI/SEMP—Set through Property List “messaging‑properties”, Property “jmsx-user-id-enabled”.

Kerberos Mutual Authentication

This property specifies that mutual authentication is to be used when the Kerberos authentication scheme is enabled.

  • Supported by: Solace PubSub+ 7.0 and higher
  • Type: Boolean
  • Format: [true|false]
  • Default: true

This property applies to both the JNDI and data connections.

Kerberos Mutual Authentication Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_KRB_MUTUAL_AUTHENTICATION, false);

JNDI Properties File

Solace_JMS_KRB_Mutual_Authentication=false

Kerberos Service Name

This property specifies that mutual authentication is to be used when the Kerberos authentication scheme is enabled.

  • Supported by: Solace PubSub+ 7.0 and higher
  • Type: String
  • Format: Any string. The total SPN value must not exceed 190 characters, including Service Name, Host FQDN, ‘@’ symbol, and ‘REALM’ name.
  • Default: “solace” (SupportedProperty.DEFALUT_KRB_SERVICE_NAME)

This property applies to both the JNDI and data connections.

Kerberos Service Name Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_KRB_SERVICE_NAME, "solace");

JNDI Properties File

Solace_JMS_KRB_Service_Name=KRBName

Local Host

This property specifies the IP address of the local interface to use. By default, the operating system picks the interface. This property applies to both the JNDI and data connections.

  • Type: String
  • Format: IP address
  • Default: none

Local Host Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_LOCALHOST, "192.168.1.1");

JNDI Properties File

Solace_JMS_Localhost=192.168.1.1

System

-DJMS_Solace_localhost=192.168.1.1

Password

This property specifies a password to connect to the message broker with. By default, no password is specified. This password applies to both the JNDI and JMS (that is, data) connections, but it can be overridden when creating a JMS connection. For more information, refer to Managing Sessions.

  • Type: String
  • Format: The maximum length is 128 characters.
  • Default: “”

Password Property

Property Source (in descending priority)

Example

 

System

-Djava.naming.security.credentials=pwd

Initial Context

env.put(Context. SECURITY_CREDENTIALS, pwd);

JNDI Properties File

java.naming.security.credentials=pwd

URL

smf://user1:pwd@192.168.1.1:55555

Note:  With host lists there is the capability to specify a username or password with every URL. In this case, the chosen username and password are the first ones found in the URL list.

Read Timeout

This property specifies the maximum amount of time (in milliseconds) permitted for reading a JNDI lookup reply from the host.

  • Type: Integer
  • Format: Valid values are 0 through 2147483647. 0 means wait forever.
  • Default: 10000 (that is, ten seconds)

Read Timeout Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_READ_TIMEOUT, 60000);

JNDI Properties File

Solace_JMS_JNDI_ReadTimeout=60000

System

-DJNDI_Read_Timeout=60000

Reconnect Retries

This property specifies the number of times to attempt to reconnect to a host once an established JNDI connection has been lost. The JNDI connection to the host will not be reestablished if there is no JNDI lookup that needs to be performed.

When using a list of hosts for the URL property (refer to URL), and no connection is reestablished to any of the hosts, the API can reattempt connecting to the listed hosts again starting with the first host in the list. Each time the API works through the host list without establishing a reconnection is considered an reconnect retry. For example, if a Reconnect Retries value of two is used, the API could possibly work through all of the listed hosts without reconnecting to them three times: one time through for the initial connect attempt, and then two times through for reconnect retries.

After each unsuccessful attempt to reconnect to a host, the API waits for the amount of time set for Reconnect Retry Wait property (refer to Reconnect Retry Wait) before attempting another reconnection to a host. It should be noted that the number times to attempt to reconnect to one host before moving on to the next listed host is determined by the value set for the Connection Retries Per Host property (refer to Connection Retries Per Host).

  • Type: Integer
  • Format: Valid values are -1 through 2147483647. 0 means no automatic reconnect retries (that is, try once and give up); –1 means retry forever.
  • Default: 20

Reconnect Retries Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_RECONNECT_RETRIES, 100);

JNDI Properties File

Solace_JMS_JNDI_ReconnectRetries=100

System

-DJNDI_Reconnect_Retries=100

Reconnect Retry Wait

If a connect or reconnect attempt to a host is not successful, the API waits the amount of time (in milliseconds) set for this property, and then makes another connect or reconnect attempt.

When using a list of hosts for the URL property (refer to URL), the Connect Retries Per Host property (refer to Connection Retries Per Host) sets how many connection or reconnection attempts can be made before moving on to the next host in the list.

  • Type: Integer
  • Format: Valid values are 0 through 60000. 0 means do not wait.
  • Default 3000 (that is, three seconds)

Reconnect Retry Wait Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_JNDI_RECONNECT_RETRY_WAIT, 10000);

JNDI Properties File

Solace_JMS_JNDI_ReconnectRetryWait=10000

System

-DJNDI_Reconnect_Retry_Wait=3000

SSL Certificate Date Validation

Indicates whether the connection should fail when an expired certificate or a certificate not yet in use is received. No date validation is performed (overriding this property) if SSL certificate validation is set to false.

  • Supported by: Solace PubSub+ 6.0 and higher
  • Type: Boolean
  • Format: [true|false]
  • Default: true

This property applies to both the JNDI and data connections.

SSL Certificate Date Validation Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_SSL_VALIDATE_CERTIFICATE_DATE, false);

JNDI Properties File

Solace_JMS_SSL_ValidateCertificateDate=false

SSL Certificate Validation

Indicates whether the API should validate server certificates with the trusted certificates in the trust store. A Java KeyStore (JKS) or PKCS12 certificate file is used for the trust store. No certificate date or common name validation is performed (overriding this property) if SSL certificate validation is set to false.

  • Type: Boolean
  • Format: [true|false]
  • Default: true

This property applies to both the JNDI and data connections.

SSL Certificate Validation Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_VALIDATE_CERTIFICATE, true);

JNDI Properties File

Solace_JMS_SSL_ValidateCertificate=false

SSL Cipher Suite

The TLS/ SSL cipher suites to use to negotiate a secure client connection with the JNDI store.

A cipher suite is a combination of cryptographic parameters that define the security algorithms and key sizes used for authentication, key agreement, encryption, and integrity protection. Cipher suites can be specified using their JSSE name or OpenSSL name.

The following cipher suites (showing the JSSE name with the OpenSSL name in brackets) are supported:

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (ECDHE-RSA-AES256-SHA384)

    This cipher suite requires Java 7 or higher and the installation of the JCE Unlimited Strength Jurisdiction Policy Files.

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (ECDHE-RSA-AES256-SHA)

    This cipher suite requires Java 7 or higher and the installation of the JCE Unlimited Strength Jurisdiction Policy Files.

  • TLS_RSA_WITH_AES_256_CBC_SHA256 (AES256-SHA256)

    This cipher suite requires Java 7 or higher and the installation of the JCE Unlimited Strength Jurisdiction Policy Files.

  • TLS_RSA_WITH_AES_256_CBC_SHA (AES256-SHA)

    This cipher suite requires installation of the JCE Unlimited Strength Jurisdiction Policy Files.

  • TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (ECDHE-RSA-DES-CBC3-SHA)

    This cipher suite requires Java 7 or higher.

  • SSL_RSA_WITH_3DES_EDE_CBC_SHA (DES-CBC3-SHA)
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (ECDHE-RSA-AES128-SHA)

    This cipher suite requires Java 7 or higher.

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (ECDHE-RSA-AES128-SHA256)

    This cipher suite requires Java 7 or higher.

  • TLS_RSA_WITH_AES_128_CBC_SHA256 (AES128-SHA256)

    This cipher suite requires Java 7 or higher.

  • TLS_RSA_WITH_AES_128_CBC_SHA (AES128-SHA)

This property applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 6.0 and higher
  • Type: String
  • Format: Comma-separated list of ciphers
  • Default: All supported ciphers

SSL Cipher Suite Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_SSL_CIPHER_SUITE, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA");

JNDI Properties File

Solace_JMS_SSL_CipherSuites=SSL_RSA_WITH_RC4_128_SHA

SSL Excluded Protocols

A comma-separated list of encryption protocols that should not be used. SSL v3.0 (sslv3), TLS v1.0 (tlsv1), TLS v1.1 (tlsv1.1) and TLS v1.2 (tlsv1.2) are valid entries. When specifying multiple protocols, the order is not important.

  • Supported by: Solace PubSub+ 7.1 and higher
  • Type: String
  • Format: Comma-separated list of protocol names
  • Default: “”

Note:  TLS v1.1 (tlsv1.1) and TLS v1.2 (tlsv1.2) require Java 7 or greater.

SSL Excluded Protocols Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_EXCLUDED_PROTOCOLS, "tlsv1");

JNDI Properties File

Solace_JMS_SSL_ExcludedProtocols=tlsv1

SSL Key Store

This property specifies the keystore to use in the URL or path format. The keystore holds the client’s private key and certificate required to authenticate a client during the TLS/SSL handshake. This property is required if the authentication scheme is client certificate authentication (refer Authentication Scheme).

This property applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 6.1 and higher
  • Type: String
  • Format: URL or path of the keystore file
  • Default: “”

SSL Key Store Property

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_SSL_KEY_STORE, "mykeystore.jks");

JNDI Properties File

Solace_JMS_SSL_KeyStore=myKeyStore.jks

System

-Djavax.net.ssl.keyStore=myKeyStore.jks

SSL Key Store Format

This property specifies the format of the given keystore. It applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 6.1 and higher
  • Type: String
  • Format: JKS or PKCS12
  • Default: “”

SSL Key Store Format

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_SSL_KEY_STORE_FORMAT, "pkcs12");

JNDI Properties File

Solace_JMS_SSL_KeyStoreFormat=pkcs12

System

-Djavax.net.ssl.keyStoreType=PKCS12

SSL Internal Normalized Key Store Format

This property specifies the format of the internal normalized key store. It allows you to override the type of the internal normalized keystore used for processing the keys from the SSL Key Store if there are issues with the default format.

This property applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 7.2.1 and higher
  • Type: String
  • Format: Typically one of the standard built-in formats, like “jks” or “pkcs12”
  • Default: “”. If not specified then the type of SSL Key Store is used.

SSL Key Store Format

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_KEY_STORE_NORMALIZED_FORMAT, “pkcs12”);

JNDI Properties File

Solace_JMS_SSL_KeyStoreNormalizedFormat =pkcs12

System

System Property -Djavax.net.ssl.keyStoreNormalizedType=PKCS12

SSL Key Store Password

This property specifies keystore password to use. This password allows JMS to verify the integrity of the keystore. It applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 6.1 and higher
  • Type: String
  • Format: String
  • Default: “”

SSL Key Store Password

Property Source (in descending priority)

Example

Initial Context

env.put(SupportedProperty.SOLACE_JMS_SSL_KEY_STORE_PASSWORD, "password");

JNDI Properties File

Solace_JMS_SSL_KeyStorePassword=mypass

System

-Djavax.net.ssl.keyStorePassword=mypass

SSL Private Key Alias

This property specifies which private key in the keystore to use for authentication. This property is necessary when a keystore with multiple private key entries is used.

This property applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 6.1 and higher
  • Type: String
  • Format: String
  • Default: “”

SSL Private Key Alias

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_PRIVATE_KEY_ALIAS, "alias");

JNDI Properties File

Solace_JMS_SSL_PrivateKeyAlias=alias

SSL Private Key Password

This property specifies the password to use to recover the private key from the keystore. If this is not specified, then the SSL Key Store Password will be used to recover the private key. This property applies to both the JNDI and data connections.

  • Supported by: Solace PubSub+ 6.1 and higher
  • Type: String
  • Format: String
  • Default: “”

SSL Private Key Password Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_PRIVATE_KEY_PASSWORD, "password");

JNDI Properties File

Solace_JMS_SSL_PrivateKeyPassword=password

SSL Protocol

A comma-separated list of the encryption protocols to use. SSL v3.0 (sslv3), TLS v1.0 (tlsv1), TLS v1.1 (tlsv1.1) and TLS v1.2 (tlsv1.2) are supported. When specifying multiple protocols, the order is not important.

  • Supported by: Solace PubSub+ 6.0 and higher
  • Type: String
  • Format: Comma-separated list of protocol names
  • Default: “sslv3,tlsv1,tlsv1.1,tlsv1.2”
Note  
  • As of Solace PubSub+ 7.1, use of the SSL Excluded Protocols property is recommended instead. You may not use both “SSL Protocol” and “SSL Excluded Protocols”.
  • TLS v1.1 (tlsv1.1) and TLS v1.2 (tlsv1.2) require Java 7 or greater.

SSL Protocol Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_PROTOCOL, "tlsv1");

JNDI Properties File

Solace_JMS_SSL_Protocol=tlsv1

SSL Trust Store

The trust store file to use. This property is mandatory if the SSL Certificate Validation property is set to true.

  • Supported by: Solace PubSub+ 6.0 and higher
  • Type: String
  • Format: URL or path of the trust store file
  • Default: “”

This property applies to both the JNDI and data connections.

SSL Trust Store Property

Property Source (in descending priority)

Example

 

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_TRUST_STORE, "mytruststore.jks");

JNDI Properties File

Solace_JMS_SSL_TrustStore=myTrustStore.jks

System

-Djavax.net.ssl.trustStore=myTrustStore.jks

SSL Trust Store Format

Indicates the format used by the trust store provided for the SSL Trust Store property.

  • Supported by: Solace PubSub+ 6.0 and higher
  • Type: String
  • Format: “jks” or “pkcs12”
  • Default: “”

This property applies to both the JNDI and data connections.

SSL Trust Store Format Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_TRUST_STORE_FORMAT, "pkcs12");

JNDI Properties File

Solace_JMS_SSL_TrustStoreFormat=pkcs12

System

-Djavax.net.ssl.trustStoreType=PKCS12

SSL Trust Store Password

The trust store password for the trust store provided for the SSL Trust Store property. This property is mandatory if the SSL Certificate Validation property is set to true.

  • Supported by: Solace PubSub+ 6.0 and higher
  • Type: String
  • Format: String
  • Default: “”

This property applies to both the JNDI and data connections.

SSL Trust Store Password Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_TRUST_STORE_PASSWORD, "password");

JNDI Properties File

Solace_JMS_SSL_TrustStorePassword=mypass

System

-Djavax.net.ssl.trustStorePassword=mypass

SSL Trusted Common Name List

A list of up to 16 acceptable common names for matching in server certificates. If no common names are provided (the default), it means that there is no common name verification and all common names are acceptable.

No common name validation is performed if certificate validation is set to false.

  • Supported by: message brokers running Solace PubSub+ 6.0 and higher
  • Type: String
  • Format: Comma-separated list of common names

    Note:  Leading and trailing white spaces are considered to be part of the common names and are not ignored.

  • Default: “”

This property applies to both the JNDI and data connections.

SSL Trusted Common Name List Property

Property Source (in descending priority)

Example

Initial Context

env.put(

SupportedProperty.SOLACE_JMS_SSL_TRUSTED_COMMON_NAME_LIST, "acme.com,www.acme.com");

JNDI Properties File

Solace_JMS_SSL_TrustedCommonNameList= acme.com,www.acme.com

URL

This property specifies the IP address and port (optional) of the host (LDAP server or message broker) to connect to for a JNDI lookup. A host entry uses the following format:

<URI Scheme>://[username]:[password]@<IP address>[:port]

Where:

URI Scheme is the uniform resource identifier (URI) scheme used for the JNDI lookup. The valid values are:

  • smf—use plain-text over SMF for communications between the application and the host. SMF is the default.
  • smfs—use TLS/ SSL protocols over SMF for secure communications between the application and the host

username is the user name that is required to authenticate a client connecting to the host. A client username can be used by a single or by multiple JMS clients.

password is the username password for the connection when authentication is required.

IP address is the IP address (or hostname) of the host. To specify a prioritized list of hosts that a client can attempt to connect to, list each IP address, in order of importance, separated by a comma.

port is the port number to use to establish the connection. A value is only required when the client needs to use a port other than the automatically‑assigned default port number. The default port number for is 55555 when compression is not in use, or 55003 when compression is in use. The default port for TLS/SSL connections (with or without compression) is 55443.

  • Type: String
  • Format: smf://username:password@ipaddress:port
  • Default: None

Note:  The provided URL parameters are used for both a JNDI connection and a JMS data connection. This is useful when both the JNDI and JMS data connections are for a message broker that provides JNDI and JMS service. However, when the JNDI store to be used is hosted on an LDAP server, and the message broker is only used for the JMS broker, the specified URL parameters, which are used for the JNDI connection, can be overridden by parameters specified in the Connection Factory when creating a JMS connection.

URL Property

Property Source (in descending priority)

Example

Initial Context

env.put(

InitialContext.PROVIDER_URL, “smf://user:pwd@192.168.1.1:55555”);

System

-Djava.naming.provider.url=smf://192.168.1.1

JNDI Properties File

java.naming.provider.url=smf://192.168.1.1,smf://192.168.2.1

Host=smf://192.168.1.1,smf://192.168.2.1

Note: This example shows a prioritized list of message brokers.

Username

This property specifies the username to connect to the message broker with. By default, this username property applies to both the JNDI connection and JMS data connections, but it can be overridden when creating a JMS connection.

  • Type: String
  • Format: The maximum length is 32 characters.
  • Default: None

Username Property

Property Source (in descending priority)

Example

System

-Djava.naming.security.principal=user1

Initial Context

env.put(Context.SECURITY_PRINCIPAL, user1);

JNDI Properties File

java.naming.security.principal=user1

URL

smf://user1:pwd@192.168.1.1:55555

Note:  With host lists there is the capability to specify a username or password with every URL. In this case, the chosen username and password are the first ones found in the URL list.

VPN

This property specifies the Message VPN to use when connecting to the message broker. This property applies to both the JNDI and data connections. The default value is “” which means connect to the default Message VPN.

  • Type: String
  • Format: The maximum length is 32 bytes when encoded in UTF-8.
  • Default: “”

Message VPN Property

Property Source (in descending priority)

Example

System

-DSolace_JMS_VPN=myVPN

Initial Context

env.put(SupportedProperty.SOLACE_JMS_VPN, “myVPN”);

JNDI Properties File

Solace_JMS_VPN=myVPN

Username

env.put(Context.SECURITY_PRINCIPAL, user1@myVPN);

Note:  

  • Applies to both the JNDI and Data connections.
  • The Message VPN can be set as part of the username. This is useful in application servers that only understand the standard properties.