JMS Connection

Copyright © Cloud Software Group, Inc. All Rights Reserved

JMS Connection

Shared Configuration

The JMS Connection resource describes a JMS connection. This resource is used to specify activities on the JMS palette.

Configuration

The Configuration tab has the following fields.

Field

Global Var?

Description

Name

No

This name appears as the label for the resource.

Description

No

Short description of the shared resource.

User Name

Yes

User name to use when logging into the JMS server.

If the JMS provider does not require access control, this field can be empty.

Not all JMS servers require user names and passwords. Refer to your JMS provider documentation and consult your system administrator to determine if your JMS server requires a user name and password.

Password

Yes

Password to use when logging into the JMS server.

If the JMS provider does not require access control, this field can be empty.

Auto-Generate Client ID

Yes

Checking this field specifies that you want to automatically generate the client ID if no client ID is specified or if the specified ID is already in use. When this field is checked, if a value is specified in the Client ID field, an attempt is made to use the specified value. However, if the specified value is already in use, a new client ID is generated.

When an automatically generated client ID is required, the following format is used for the client ID:

BW-<projectName>-<topic or queue>-<engineName>-<timestamp>

If this field is not checked, then the value specified in the Client ID field is used. If no value is specified in the Client ID field, then no client ID is set. If the value specified in the Client ID field is already in use, an exception is thrown.

Client ID

Yes

Client ID for the connection. Typically JMS providers have a provider-specific format for client IDs. See your JMS provider’s documentation for more information about client IDs. Each connection must use a unique Client ID. If you do not specify a value in this field, TIBCO ActiveMatrix BusinessWorks ensures the uniqueness of the client ID for each connection.

SSL

No

Specifies whether you want to use SSL for the connection to the JMS server. SSL is used when the Use SSL? check box is selected. Click the Configure SSL button to configure the SSL connection parameters.

Note: SSL is supported only when using TIBCO Enterprise Message Service.

See SSL Configuration for more information.

Use JNDI for Connection Factory

Yes

Specifies whether JNDI should be used to look up the ConnectionFactory object. If this field is unchecked, the Provider URL and Use XA Connection Factory fields appear. If this field is checked, JNDI configuration fields appear.

Provider URL

Yes

This field is only available when the Use JNDI for Connection Factory field is unchecked.

This is the URL to use to connect to the JMS server.

Use XA Connection Factory

No

When checked, this field specifies that an XA connection factory is to be used. This is useful if you want activities that use this connection to participate in an XA transaction.

Note: This field appears only when the Use JNDI for Connection Factory field is unchecked.

See TIBCO ActiveMatrix BusinessWorks Process Design for more information about transactions.

Note: If this field is selected, the "Use UFO Connection Factory" field cannot be used.

Use UFO Connection Factory

Yes

Use this check box when using EMS Unshared State Failover factories. Refer to TIBCO Enterprise Message Service User’s Guide for details on Unshared State Failover.

This field appears only when the Use JNDI for Connection Factory field is unchecked.

Note: If this field is selected, the Use XA Connection Factory field cannot be used.

When using Unshared Failover setup, if a connection loss is detected to server (A), TIBCO ActiveMatrix BusinessWorks will try to connect to server (B) as defined in the connection factory configuration. For more information on Unshared Failover, refer to TIBCO Enterprise Message Service User’s Guide.

After enabling this check box you can pass the provider URL in the form of UFO. For example: "tcp://serverA:7222+tcp://serverB:7222" where serverA and serverB are two EMS servers configured for the Unshared State Failover.

Unsupported Features and Activities

•

JMS Palette

−

JMS Queue Requestor

−

JMS Topic Requestor

−

Any other Requestor activity

•

SOAP Palette

−

All activities

•

Service Palette

−

All activities

•

AE Adaptor

−

All activities

Looking up factories using JNDI is not supported because:

•

UFO factories cannot be retrieved through JNDI directly.

Use Shared JNDI Configuration

No

When this field is checked, the JNDI Configuration field appears that allows you to choose a JNDI Configuration shared configuration resource.

When this field is unchecked, the JNDI Context Factory, JNDI Context URL, JNDI User Name, and JNDI Password fields appear.

JNDI Configuration

No

This field only appears when the Use Shared JNDI Configuration field is checked.

This field allows you to choose a JNDI Configuration shared configuration object that specifies the JNDI connection information. See JNDI Configuration for more information.

JNDI Context Factory

Yes

This field appears only when the Use Shared JNDI Configuration field is unchecked. It is the initial context factory class for accessing JNDI. (javax.naming.Context.INITIAL_CONTEXT_
FACTORY). You can choose from the drop-down list of supported classes, or you can type in a different InitialContextFactory class name.

When using IBM WebSphere, you should use the JNDI Configuration resource instead of specifying the JNDI configuration on this resource. See IBM WebSphere and JNDI Context Caching for more information.

Note: TIBCO ActiveMatrix BusinessWorks attempts to find the class. However, you may need to add the Java file supplied by your JNDI service provider to the CLASSPATH environment variable to use JNDI.

JNDI Context URL

Yes

This field only appears when the Use Shared JNDI Configuration field is unchecked. This is the URL to the JNDI service provider (javax.naming.Context.PROVIDER_URL). An example URL is provided when one of the supported JNDI context factory classes is selected.

See your JNDI provider documentation for the syntax of the URL.

JNDI User Name

Yes

This field only appears when the Use Shared JNDI Configuration field is unchecked. User name to use when logging into the JNDI server (javax.naming.Context.SECURITY_
PRINCIPAL). If the JNDI provider does not require access control, this field can be empty.

JNDI Password

Yes

This field only appears when the Use Shared JNDI Configuration field is unchecked. Password to use when logging into the JNDI server (javax.naming.Context.SECURITY_
CREDENTIALS). If the JNDI provider does not require access control, this field can be empty.

Connection Factory SSL Password

Yes

This field is only available when the SSL and the Use JNDI for Connection Factory fields are checked and the Use Shared JNDI Configuration field is unchecked.

The SSL configuration is specified in the ConnectionFactory object, except for the client SSL password.

You can specify your client SSL password in this field, or you can leave this field empty. If your password is not specified, the private key password is used.

Test Connection Button

Allows you to test the connection specified in the configuration of this resource. This button is only enabled if JNDI is not used (that is, the Use JNDI for Connection Factory field is unchecked) or if the required JNDI fields on the Configuration and Advanced tab are supplied when JNDI is used.

Advanced

The Advanced tab has the following fields.

Field

Global Var?

Description

Topic Connection Factory

Yes

This field is only available when the Use JNDI for Connection Factory field on the Configuration tab is checked.

The TopicConnectionFactory object stored in JNDI. This object is used to create a topic connection with a JMS application.

See your JNDI provider documentation for more information about creating and storing TopicConnectionFactory objects.

Queue Connection Factory

Yes

This field is only available when the Use JNDI for Connection Factory field on the Configuration tab is checked.

The QueueConnectionFactory object stored in JNDI. This object is used to create a queue connection with a JMS application.

See your JNDI provider documentation for more information about creating and storing QueueConnectionFactory objects.

JNDI Properties

No

Any additional properties to supply for the connection. You specify a name, datatype, and value for each property.

These properties are typically vendor-specific. See your JNDI provider documentation for more information about the available properties.

SSL Configuration

The SSL Configuration button allows you to configure the SSL connection parameters. The SSL Configuration dialog specifies the basic and advanced SSL parameters you can set for the JMS server you are connecting to.

When using JNDI to lookup the JMS Connection factory, the parameters ssl_identity and ssl_verify_host must be specified in the factories.conf file of the Enterprise Message Service server.

The following sections describe the SSL Configuration dialog.

Basic

The Basic tab of the SSL Configuration dialog allows you to specify the simplest required SSL configuration parameters for the connection.

Field

Description

Trusted Certificates Folder

Location of the trusted certificates on this machine. The trusted certificates are a collection of certificates from servers to whom you will establish connections. If the server you want to establish a connection presents a certificate that does not match one of your trusted certificates, the connection is refused.

This prevents connections to unauthorized servers.

Trusted certificates must be imported into a folder, and then you can select the folder in this field.

Identity

The location of the client certificate. This is a resource contained in the General palette.

Specify the client certificate and Identity field when the JMS server requires client authentication.

See TIBCO Designer Palette Reference for more information.

Advanced

The Advanced tab of the SSL Configuration dialog allows you to specify more advanced SSL configuration parameters for the connection.

Field

Description

Trace

Specifies whether SSL tracing should be enabled during the connection. If checked, the SSL connection messages are logged and sent to the console.

Debug Trace

Specifies whether SSL debug tracing should be enabled during the connection. Debug tracing provides more detailed messages than standard tracing.

Verify Host Name

Specifies whether you want to verify that the host you are connecting to is the expected host. The host name in the host’s digital certificate is compared against the value you supply in the Expected Host Name field. If the host name does not match the expected host name, the connection is refused.

Note: The default context factories for TIBCO Enterprise Message Service automatically determine if host name verification is necessary. If you are using a custom implementation of the context factories, your custom implementation must explicitly set the verify host property to the correct value. For example:

com.tibco.tibjms.TibjmsSSL.setVerifyHost(false)

Expected Host Name

Specifies the name of the host you are expecting to connect to. This field is only relevant if the Verify Host Name field is also checked.

If the name of the host in the host’s digital certificate does not match the value specified in this field, the connection is refused.

This prevents hosts from attempting to impersonate the host you are expecting to connect to.

Strong Cipher Suites Only

When checked, this field specifies that the minimum strength of the cipher suites used can be specified with the bw.plugin.security.strongcipher.minstrength custom engine property. See TIBCO ActiveMatrix BusinessWorks Administration for more information about this property. The default value of the property disables cipher suites with an effective key length below 128 bits.

When this field is unchecked, only cipher suites with an effective key length of up to 128 bits can be used.

Field	Global Var?	Description
Topic Connection Factory	Yes	This field is only available when the Use JNDI for Connection Factory field on the Configuration tab is checked. The TopicConnectionFactory object stored in JNDI. This object is used to create a topic connection with a JMS application. See your JNDI provider documentation for more information about creating and storing TopicConnectionFactory objects.
Queue Connection Factory	Yes	This field is only available when the Use JNDI for Connection Factory field on the Configuration tab is checked. The QueueConnectionFactory object stored in JNDI. This object is used to create a queue connection with a JMS application. See your JNDI provider documentation for more information about creating and storing QueueConnectionFactory objects.
JNDI Properties	No	Any additional properties to supply for the connection. You specify a name, datatype, and value for each property. These properties are typically vendor-specific. See your JNDI provider documentation for more information about the available properties.

Field	Description
Trusted Certificates Folder	Location of the trusted certificates on this machine. The trusted certificates are a collection of certificates from servers to whom you will establish connections. If the server you want to establish a connection presents a certificate that does not match one of your trusted certificates, the connection is refused. This prevents connections to unauthorized servers. Trusted certificates must be imported into a folder, and then you can select the folder in this field.
Identity	The location of the client certificate. This is a resource contained in the General palette. Specify the client certificate and Identity field when the JMS server requires client authentication. See TIBCO Designer Palette Reference for more information.

Field	Description
Trace	Specifies whether SSL tracing should be enabled during the connection. If checked, the SSL connection messages are logged and sent to the console.
Debug Trace	Specifies whether SSL debug tracing should be enabled during the connection. Debug tracing provides more detailed messages than standard tracing.
Verify Host Name	Specifies whether you want to verify that the host you are connecting to is the expected host. The host name in the host’s digital certificate is compared against the value you supply in the Expected Host Name field. If the host name does not match the expected host name, the connection is refused. Note: The default context factories for TIBCO Enterprise Message Service automatically determine if host name verification is necessary. If you are using a custom implementation of the context factories, your custom implementation must explicitly set the verify host property to the correct value. For example: com.tibco.tibjms.TibjmsSSL.setVerifyHost(false)
Expected Host Name	Specifies the name of the host you are expecting to connect to. This field is only relevant if the Verify Host Name field is also checked. If the name of the host in the host’s digital certificate does not match the value specified in this field, the connection is refused. This prevents hosts from attempting to impersonate the host you are expecting to connect to.
Strong Cipher Suites Only	When checked, this field specifies that the minimum strength of the cipher suites used can be specified with the bw.plugin.security.strongcipher.minstrength custom engine property. See TIBCO ActiveMatrix BusinessWorks Administration for more information about this property. The default value of the property disables cipher suites with an effective key length below 128 bits. When this field is unchecked, only cipher suites with an effective key length of up to 128 bits can be used.