SSL in HermesJMS - queue

I am trying to connect to a messaging provider over secure connection using a trust store but am unable to do so.
I can connect unsecurely and post messages without an issue, but the moment i am connecting over secure protocol it is not working.
I received an error retrieving JNDI
javax.jms.JMSException: Could not create InitialContext: JNDI setup failed on RNAME=nsps://server1.domain.internal:9001
at hermes.JNDIContextFactory.createContext(JNDIContextFactory.java:282)
at hermes.ext.HermesAdminSupport.discoverDestinationConfigs(HermesAdminSupport.java:441)
at hermes.impl.HermesAdminAdapter.discoverDestinationConfigs(HermesAdminAdapter.java:82)
at hermes.impl.DefaultHermesImpl.discoverDestinationConfigs(DefaultHermesImpl.java:1126)
at hermes.browser.tasks.DiscoverDestinationsTask.invoke(DiscoverDestinationsTask.java:77)
at hermes.browser.tasks.TaskSupport.run(TaskSupport.java:175)
at hermes.browser.tasks.ThreadPool.run(ThreadPool.java:170)
at java.lang.Thread.run(Thread.java:745)
It works via Jmeter using the same trust store and password so that is all valid and correct.
It seems that when initiating Hermes through hermes.bat it is not detecting parameters I have added to the start up and therefore it isn't using the truststore
I have updated the script and the line that starts the program is:
"C:\Program Files (x86)\Java\jdk1.7.0_75\bin\javaw" -XX:NewSize=256m -Xmx1024m -Dhermes.home="%HERMES_HOME%" %HERMES_OPTS% -Dlog4j.configuration="file:%HERMES_HOME%\bin\log4j.props" -Dsun.java2d.noddraw=true -Dhermes="%HERMES_CONFIG%\hermes-config.xml" -Dhermes.libs="%HERMES_LIBS%"\ext hermes.browser.HermesBrowser -Djavax.net.ssl.trustStore="file:%HERMES_LIBS%\alexTruststore.jks" -Djavax.net.ssl.trustStorePassword=manage
I have tried all sorts of combinations with the javax.net.ssl.trustStore(Password) parameters but none of them have worked
Thanks!


It's kind of easy to miss; you need to pass truststore parameters before main class declaration. Essentialy you have invoked HermesBrowser class with two arguments passed to its main method.
What you wanted is invoke javaw.exe with proper jks arguments.
For example this should work:
"C:\Program Files (x86)\Java\jdk1.7.0_75\bin\javaw" ^
-Djavax.net.ssl.trustStore="file:%HERMES_LIBS%\alexTruststore.jks" ^
-Djavax.net.ssl.trustStorePassword=manage ^
-XX:NewSize=256m ^
-Xmx1024m ^
-Dhermes.home="%HERMES_HOME%" ^
%HERMES_OPTS% ^
-Dlog4j.configuration="file:%HERMES_HOME%\bin\log4j.props" ^
-Dsun.java2d.noddraw=true ^
-Dhermes="%HERMES_CONFIG%\hermes-config.xml" ^
-Dhermes.libs="%HERMES_LIBS%"\ext ^
hermes.browser.HermesBrowser

Related

wsadmin script timing out when executing against DMGR via SOAP

I'm attempting to start and stop an application on a single JVM via the wsadmin console since the Web UI for IBM BPM PS Adv. doesn't allow for that kind of operation. So, I have the following script:
https://gist.github.com/predatorian3/b8661c949617727630152cbe04f78d7e
and when I run it against the DMGR from the Cell Host, I receive the following errors.
[wasadmin#server01 ~]$ cat /usr/local/bin/Run_wsadmin.sh
#!/bin/bash
#
#
#
/opt/IBM/WebSphere/AppServer/bin/wsadmin.sh -lang jython -user serviceAccount -password password $*
[wasadmin#cessoapscrt00 ~]$ time Run_wsadmin.sh -f /opt/IBM/wsadmin/wsadmin_Restart_Application.py WPS00 CRT00WPS01 redirectResource_war
WASX7209I: Connected to process "dmgr" on node CRTDMGR using SOAP connector; The type of process is: DeploymentManager
WASX7303I: The following options are passed to the scripting environment and are available as arguments that are stored in the argv variable: "[WPS00, CRT00WPS01, redirectResource_war]"
WASX7017E: Exception received while running file "/opt/IBM/wsadmin/wsadmin_Restart_Application.py"; exception information: com.ibm.websphere.management.exception.ConnectorException
org.apache.soap.SOAPException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Read timed out; targetException=java.net.SocketTimeoutException: Read timed out]
real 3m21.275s
user 0m17.411s
sys 0m0.796s
So, I'm not specifying the connection types, and using the default, which is SOAP. However, upon reading about the other Connection Types, none of them seem any better, but I attribute that to IBM Documentation vagueness. Is there an option to increase the timeout wait periods, or turn it off, or is there a better connection type?
Also running this directly on the wsadmin console, it seems that it is hanging up on gathering the application manager string.
[wasadmin#server01 ~]$ Run_wsadmin.sh
WASX7209I: Connected to process "dmgr" on node CRTDMGR using SOAP connector; The type of process is: DeploymentManager WASX7031I: For help, enter: "print Help.help()"
wsadmin>appManager = AdminControl.queryNames('cell=CRTCELL,node=WPS00,type=ApplicatoinManager,process=CRT00WPS01,*')
WASX7015E: Exception running command: "appManager = AdminControl.queryNames('cell=CRTCELL,node=WPS00,type=ApplicationManager,process=CRT00WPS01,*')"; exception information:
com.ibm.websphere.management.exception.ConnectorException
org.apache.soap.SOAPException: [SOAPException: faultCode=SOAP-ENV:Client; msg=Read timed out; targetException=java.net.SocketTimeoutException: Read timed out]
wsadmin>

You can increase timeout value in {profile}/properties/soap.client.props
com.ibm.SOAP.requestTimeout=180

If you want to turn off timeout, modify com.ibm.SOAP.requestTimeout=0
Or if you want longer timeout you can modify the value 180 to something else.
Also about your query command, I noticed that you have a typo on the MBean type, you had type=ApplicatoinManager, it should be type=ApplicationManager

HERE YOU GO -- I had the same issue. I want to override the timeout prop temporarily. This worked like a champ. Make sure you follow below steps exactly.I did some mistakes and the prop did not passed, I figured out and it works.
Copy the soap.client.props file from /properties and give it a new name such as mysoap.client.props.
Edit mysoap.client.props and update the value of com.ibm.SOAP.requestTimeout as required
Create a new Java properties file soap_override.props and enter the following line:
com.ibm.SOAP.ConfigURL=file:/mysoap.client.props
Pass soap_override.props into wsadmin using the -p option: wsadmin -p soap_override.props...
REFERENCE:
https://www.ibm.com/developerworks/community/blogs/timdp/entry/avoiding_wsadmin_request_timeouts_the_neat_way32?lang=en

How to resolve undef error in ejabberd hook

I have added a customized module named mod_confirm_delivery in ejabberd which has compiled and added successfully but when i am sending a message an error is coming in my ejabberd error log file, That is:
2016-03-15 17:03:38.306 [error] <0.2653.0>#ejabberd_hooks:run_fold1:368 {undef,[{mod_confirm_delivery,send_packet,[{xmlel,<<"iq">>,[{<<"xml:lang">>,<<"en">>},{<<"type">>,<<"get">>},{<<"id">>,<<"aacfa">>}],[{xmlcdata,<<"\n">>},{xmlel,<<"query">>,[{<<"xmlns">>,<<"jabber:iq:roster">>}],[]},{xmlcdata,<<"\n">>}]},{state,{socket_state,gen_tcp,#Port<0.58993>,<0.2652.0>},ejabberd_socket,#Ref<0.0.1.25301>,false,<<"12664578908237388886">>,undefined,c2s,c2s_shaper,false,false,false,false,[verify_none,compression_none],true,{jid,<<"test1">>,<<"localhost">>,<<"D-5">>,<<"test1">>,<<"localhost">>,<<"D-5">>},<<"test1">>,<<"localhost">>,<<"D-5">>,{{1458,41617,630679},<0.2653.0>},{2,{{<<"test2">>,<<"localhost">>,<<>>},{{<<"test1">>,<<"localhost">>,<<>>},nil,nil},nil}},{2,{{<<"test2">>,<<"localhost">>,<<>>},{{<<"test1">>,<<"localhost">>,<<>>},nil,nil},nil}},{0,nil},undefined,undefined,{userlist,none,[],false},c2s,ejabberd_auth_internal,{{127,0,0,1},41928},[],active,[],inactive,undefined,undefined,1000,undefined,300,300,false,0,0,true,<<"en">>},{jid,<<"test1">>,<<"localhost">>,<<"D-5">>,<<"test1">>,<<"localhost">>,<<"D-5">>},{jid,<<"test1">>,<<"localhost">>,<<>>,<<"test1">>,<<"localhost">>,<<>>}],[]},{ejabberd_hooks,safe_apply,3,[{file,"src/ejabberd_hooks.erl"},{line,382}]},{ejabberd_hooks,run_fold1,4,[{file,"src/ejabberd_hooks.erl"},{line,365}]},{ejabberd_c2s,session_established2,2,[{file,"src/ejabberd_c2s.erl"},{line,1268}]},{p1_fsm,handle_msg,10,[{file,"src/p1_fsm.erl"},{line,582}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,240}]}]}
I have ejabberd 16.02.26 and my module code is:
mod_confirm_delivery.erl
This module is working fine with ejabberd 2.1.13 but i want to upgraded my ejabberd. I can't understand what is the problem and how can I resolve this error.

undef error means the function or module is not found. The most likely error is that the mod_confirm_delivery.beam file is not in Erlang VM path.
You should try moving the compiled beam file with other ejabberd beam files or try setting the path used to launch Erlang to the directory where your mod_confirm_delivery.beam file is located. This is the -pa option of the Erlang VM.
If your code if in right place, other option is that the function is undefined. The hook tries to call mod_confirm_delivery:send_packet/4. Your code is wrong as it indeed does not defined send_packet/4 but only send_packet/3. You need to update your code to match new signature for user_send_packet hook:
user_send_packet(Packet, C2SState, From, To) -> Packet
In case of doubt, you can refer to official hook list in ejabberd documentation: https://docs.ejabberd.im/developer/hooks/

Running Play 2.4.x Locally Yields: java.lang.IllegalArgumentException: port out of range:-1

While trying to start my Play app locally I am getting a
java.lang.IllegalArgumentException: port out of range:-1
exception followed by a
(*:playRun) java.lang.reflect.InvocationTargetException
message. I can see in the trace the invalid port arg being sent (..../Scala/launcher/sbt-launch.jar" xsbt.boot.Boot "~run -1") but cannot find where to update this argument. There has to be somewhere to override default values. And... No matter what is in the application.conf (http.port) or what I pass on the command line -Dhttp.port I still get the same error. Any info would be enormously appreciated.

I had the same exception and I was in touch with the IntelliJ support team, and got the message it was a bug, because of the https protocol in the open browser field. The url parser cannot handle https and thus not extract the port number.
Bug report here: https://youtrack.jetbrains.com/issue/SCL-9971

Exception while creating sp.xml using ssoadmin

I am facing this exception when I trying to create the sp.xml using the ssoadmin :
com.sun.identity.cli.CLIException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
at com.sun.identity.cli.LogWriter.log(LogWriter.java:109)
at com.sun.identity.cli.Authenticator.ldapLogin(Authenticator.java:170)
at com.sun.identity.cli.AuthenticatedCommand.ldapLogin(AuthenticatedCommand.java:144)
at com.sun.identity.federation.cli.CreateMetaDataTemplate.handleRequest(CreateMetaDataTemplate.java:113)
at com.sun.identity.cli.SubCommand.execute(SubCommand.java:291)
at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:212)
at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:134)
at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:573)
at com.sun.identity.cli.CommandManager.(CommandManager.java:171)
at com.sun.identity.cli.CommandManager.main(CommandManager.java:148)
And I also tried adding something like this in the ssoamdin.bat :
-D"com.iplanet.am.naming.map.site.to.server=https://lb.example.com:443/openam=http://server1.example.com:8080/openam"
But the same exception...
How to fix it?
Thanks in advance,

The 'map-to-site' property is only needed if you have a site configured an the host where you run ssoadm is not able to talk to the siteURL.
You may set -Dcom.iplanet.services.debug.level=message -Dcom.iplanet.services.debug.directory=WRITABLE_EXISTING_DIRECTORY' as JVM options within ssoadm.bat.
You may then look into the debug directory you should find a pointer what's wrong.

The above got sorted in my case when i went to the ssoadmin folder openam/bin and found the ssoadm.bat file and opened it in the edit mode and added the following two lines in the java comaand :
-D"javax.net.ssl.trustStore=F:\tomcatsslkeystore" (tomcat keystore path)
-D"javax.net.ssl.trustStorePassword=tomcatsslkeystore" (tomcat keystore password)

FATAL org.apache.hadoop.conf.Configuration - error parsing conf file: org.xml.sax.SAXParseException

I'm trying to run pig locally, installed using homebrew, to test a script. However, I get the following error when I attempt to run a simple dump from the interactive prompt pig -x local:
2012-07-16 23:20:40,447 [Thread-7] INFO org.apache.pig.backend.hadoop.executionengine.util.MapRedUtil - Total input paths (combined) to process : 1
[Fatal Error] :63:85: Character reference "&#2" is an invalid XML character.
2012-07-16 23:20:40,688 [Thread-7] FATAL org.apache.hadoop.conf.Configuration - error parsing conf file: org.xml.sax.SAXParseException: Character reference "&#2" is an invalid XML character.
The same load/dump works fine on Elastic MapReduce.
I can't find any XML config files, and I've tried with both version 0.9.2 and 0.10.0
What am I missing?
Edit: Just checked a direct download (vs. homebrew) and it doesn't seem to work either

You should check that your Hadoop configuration files have correct configuration data.
Have a look in your hadoop/conf directory.
Have a look inside:
hdfs-site.xml
mapred-site.xml
core-site.xml

Finally worked out what the problem was. I ended up having to use dtruss -p on the pig/java process. This revealed a temporary directory and dynamically generated xml files. Once the temporary directory was discovered, it all fell quickly into place.
It was picking up the proxy excludes from my network connections, which had, as far as I can tell, &#2 (http://www.fileformat.info/info/unicode/char/02/index.htm) embedded in it. How this invalid value came to be in my network preferences in the first place, I haven't the faintest clue.
The value was then being pulled into dynamically generated files, for example /tmp/hadoop-vertis/mapred/staging/vertis-1005847898/.staging/job_local_0001/job.xml.
The offending lines:
<property><name>ftp.nonProxyHosts</name><value>localhost|*.localhost|127.0.0.1|h|*.h</value></property>
<property><name>socksNonProxyHosts</name><value>localhost|*.localhost|127.0.0.1|h|*.h</value></property>
<property><name>http.nonProxyHosts</name><value>localhost|*.localhost|127.0.0.1|h|*.h</value></property>