2
votes

I have configured JBoss EAP 7.0 which is behind NAT gateway. My JMS client can successfully connect to JMS queues from same server or another server from the same network, but when the same JMS client is moved out of that network and tries to connect to JMS through NAT gateway it can't connect to the queue. The same behavior is encountered in both development environment and AWS EC2 in VPC. Development environment has a NAT gateway and I presume VPC also uses same or similar thing.

I started with the code found in How to configure JMS in JBoss EAP 7?. This works well connecting from same server or from same network, but not via NAT gateway.

Later the code was modified based on https://developer.jboss.org/message/933327#933327. But still no luck with JMS client ending up with

14:13:58.205 [Remoting "config-based-naming-client-endpoint" task-2] DEBUG org.jboss.remoting.remote.client - Client authentication failed for mechanism JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Failed to read server challenge [Caused by java.io.FileNotFoundException: \home\xxxx\jboss-eap-7.0\standalone\tmp\auth\local4810015721206975876.challenge (The system cannot find the path specified)]

and

ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ119007: Cannot connect to server(s). Tried with all available servers.]

Please find the server configuration, JMS client code, and client console log. What might be the issue here? Server is started with below startup parameters

./standalone.sh -c standalone-full.xml -b 192.168.1.154**

standalone-full.xml

<subsystem xmlns="urn:jboss:domain:messaging-activemq:1.0">
    <server name="default">
        <security-setting name="#">
            <role name="guest" delete-non-durable-queue="true" create-non-durable-queue="true" consume="true" send="true"/>
        </security-setting>
        <address-setting name="#" message-counter-history-day-limit="10" page-size-bytes="2097152" max-size-bytes="10485760" expiry-address="jms.queue.ExpiryQueue" dead-letter-address="jms.queue.DLQ"/>
        <http-connector name="http-connector" endpoint="http-acceptor" socket-binding="http"/>
        <http-connector name="http-connector-throughput" endpoint="http-acceptor-throughput" socket-binding="http">
            <param name="batch-delay" value="50"/>
        </http-connector>
        <in-vm-connector name="in-vm" server-id="0"/>
        <http-acceptor name="http-acceptor" http-listener="default"/>
        <http-acceptor name="http-acceptor-throughput" http-listener="default">
            <param name="batch-delay" value="50"/>
            <param name="direct-deliver" value="false"/>
        </http-acceptor>
        <in-vm-acceptor name="in-vm" server-id="0"/>
        <jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/>
        <jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/>
        <jms-queue name="fromNGSQueue" entries="java:/jboss/exported/jms/queue/fromNGS"/>
        <jms-queue name="toNGSQueue" entries="java:/jboss/exported/jms/queue/toNGS"/>
        <connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>
        <connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector"/>
        <pooled-connection-factory name="activemq-ra" transaction="xa" entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory" connectors="in-vm"/>
    </server>
</subsystem>

JMS client code

private static final String DEFAULT_CONNECTION_FACTORY = "jms/RemoteConnectionFactory";
private static final String DEFAULT_DESTINATION = "jms/queue/toNGS";
private static final String DEFAULT_USERNAME = "user01";
private static final String DEFAULT_PASSWORD = "password01";
private static final String INITIAL_CONTEXT_FACTORY = "org.jboss.naming.remote.client.InitialContextFactory";
private static final String PROVIDER_URL = "http-remoting://<pubic ip>:<public port>";

public static void main(String[] args) throws JMSException, NamingException {
    Context namingContext = null;
    // Set up the namingContext for the JNDI lookup
    final Properties env = new Properties();
    env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
    env.put(Context.PROVIDER_URL, PROVIDER_URL);
    env.put(Context.SECURITY_PRINCIPAL, DEFAULT_USERNAME);
    env.put(Context.SECURITY_CREDENTIALS, DEFAULT_PASSWORD);

    namingContext = new InitialContext(env);
    Map<String, Object> connectionParams = new HashMap<String, Object>();
    connectionParams.put(TransportConstants.HOST_PROP_NAME, "192.168.1.154");// <-- PUT THE NATTED IP HERE!
    connectionParams.put(TransportConstants.PORT_PROP_NAME, "8080");
    connectionParams.put(TransportConstants.HTTP_UPGRADE_ENABLED_PROP_NAME, "true");
    connectionParams.put(TransportConstants.HTTP_UPGRADE_ENDPOINT_PROP_NAME, "http-acceptor");

    TransportConfiguration transportConfiguration = new TransportConfiguration(
            "org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnectorFactory", connectionParams);

    ConnectionFactory connectionFactory = ActiveMQJMSClient
            .createConnectionFactoryWithoutHA(JMSFactoryType.QUEUE_CF, transportConfiguration);

    Destination destination = (Destination) namingContext.lookup(DEFAULT_DESTINATION);
    JMSContext context = connectionFactory.createContext();
    JMSConsumer consumer = context.createConsumer(destination);
    for (int i = 0; i < 2; i++) {
        TextMessage text = (TextMessage) consumer.receive();
        System.out.println(text.getText());

    }

}

JMS client console log

12:27:55.678 [main] DEBUG org.jboss.logging - Logging Provider: org.jboss.logging.Slf4jLoggerProvider
12:27:55.724 [main] DEBUG org.jboss.naming.remote.client.InitialContextFactory - Looking for jboss-naming-client.properties using classloader sun.misc.Launcher$AppClassLoader@14dad5dc
12:27:55.726 [main] DEBUG org.jboss.naming.remote.client.InitialContextFactory - jboss.naming.client.endpoint.create.options. has the following options {}
12:27:55.728 [main] DEBUG org.jboss.naming.remote.client.InitialContextFactory - jboss.naming.client.remote.connectionprovider.create.options. has the following options {}
12:27:55.755 [main] INFO org.xnio - XNIO version 3.3.6.Final
12:27:55.773 [main] INFO org.xnio.nio - XNIO NIO Implementation Version 3.3.6.Final
12:27:55.952 [Remoting "config-based-naming-client-endpoint" I/O-1] DEBUG org.xnio.nio - Started channel thread 'Remoting "config-based-naming-client-endpoint" I/O-1', selector sun.nio.ch.WindowsSelectorImpl@7c489b29
12:27:55.952 [Remoting "config-based-naming-client-endpoint" Accept] DEBUG org.xnio.nio - Started channel thread 'Remoting "config-based-naming-client-endpoint" Accept', selector sun.nio.ch.WindowsSelectorImpl@5a04f9ae
12:27:55.982 [main] INFO org.jboss.remoting - JBoss Remoting version 4.0.0.Final
12:27:56.004 [main] DEBUG org.jboss.naming.remote.client.InitialContextFactory - jboss.naming.client.connect.options. has the following options {}
12:27:56.118 [main] DEBUG org.apache.activemq.artemis.logs - using dummy address ffffffbf:ffffff8d:3:ffffffdf:fffffff8:118
12:27:57.212 [Remoting "config-based-naming-client-endpoint" task-2] DEBUG org.jboss.remoting.remote.client - Client authentication failed for mechanism JBOSS-LOCAL-USER: javax.security.sasl.SaslException: Failed to read server challenge [Caused by java.io.FileNotFoundException: \home\janaka\jboss-eap-7.0\standalone\tmp\auth\local5820875048219302259.challenge (The system cannot find the path specified)]
12:27:58.444 [main] DEBUG org.apache.activemq.artemis.core.client - Trying reconnection attempt 0/1
12:27:58.444 [main] DEBUG org.apache.activemq.artemis.core.client - Trying to connect with connector = org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnectorFactory@402c4085, parameters = {httpUpgradeEnabled=true, port=8080, httpPpgradeEndpoint=http-acceptor, host=192.168.1.154} connector = null
12:27:58.458 [main] DEBUG io.netty.util.internal.logging.InternalLoggerFactory - Using SLF4J as the default logging framework
12:27:58.461 [main] DEBUG io.netty.util.internal.PlatformDependent0 - java.nio.Buffer.address: available
12:27:58.461 [main] DEBUG io.netty.util.internal.PlatformDependent0 - sun.misc.Unsafe.theUnsafe: available
12:27:58.462 [main] DEBUG io.netty.util.internal.PlatformDependent0 - sun.misc.Unsafe.copyMemory: available
12:27:58.462 [main] DEBUG io.netty.util.internal.PlatformDependent0 - java.nio.Bits.unaligned: true
12:27:58.463 [main] DEBUG io.netty.util.internal.PlatformDependent - Platform: Windows
12:27:58.464 [main] DEBUG io.netty.util.internal.PlatformDependent - Java version: 8
12:27:58.464 [main] DEBUG io.netty.util.internal.PlatformDependent - -Dio.netty.noUnsafe: false
12:27:58.464 [main] DEBUG io.netty.util.internal.PlatformDependent - sun.misc.Unsafe: available
12:27:58.464 [main] DEBUG io.netty.util.internal.PlatformDependent - -Dio.netty.noJavassist: false
12:27:58.465 [main] DEBUG io.netty.util.internal.PlatformDependent - Javassist: unavailable
12:27:58.465 [main] DEBUG io.netty.util.internal.PlatformDependent - You don't have Javassist in your class path or you don't have enough permission to load dynamically generated classes.  Please check the configuration for better performance.
12:27:58.465 [main] DEBUG io.netty.util.internal.PlatformDependent - -Dio.netty.tmpdir: C:\Users\user\AppData\Local\Temp (java.io.tmpdir)
12:27:58.466 [main] DEBUG io.netty.util.internal.PlatformDependent - -Dio.netty.bitMode: 64 (sun.arch.data.model)
12:27:58.466 [main] DEBUG io.netty.util.internal.PlatformDependent - -Dio.netty.noPreferDirect: false
12:27:58.468 [main] DEBUG io.netty.util.ResourceLeakDetector - -Dio.netty.leakDetectionLevel: simple
12:27:58.486 [main] DEBUG io.netty.channel.MultithreadEventLoopGroup - -Dio.netty.eventLoopThreads: 8
12:27:58.507 [main] DEBUG io.netty.channel.nio.NioEventLoop - -Dio.netty.noKeySetOptimization: false
12:27:58.507 [main] DEBUG io.netty.channel.nio.NioEventLoop - -Dio.netty.selectorAutoRebuildThreshold: 512
12:27:58.533 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.numHeapArenas: 8
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.numDirectArenas: 8
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.pageSize: 8192
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.maxOrder: 11
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.chunkSize: 16777216
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.tinyCacheSize: 512
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.smallCacheSize: 256
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.normalCacheSize: 64
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.maxCachedBufferCapacity: 32768
12:27:58.534 [main] DEBUG io.netty.buffer.PooledByteBufAllocator - -Dio.netty.allocator.cacheTrimInterval: 8192
12:27:58.549 [main] DEBUG org.apache.activemq.artemis.core.client - Started Netty Connector version 4.0.30.Final
12:27:58.549 [main] DEBUG org.apache.activemq.artemis.core.client - Remote destination: /192.168.1.154:8080
12:27:58.563 [main] DEBUG io.netty.util.internal.ThreadLocalRandom - -Dio.netty.initialSeedUniquifier: 0x438dd4a4617cb338 (took 1 ms)
12:27:58.594 [main] DEBUG io.netty.buffer.ByteBufUtil - -Dio.netty.allocator.type: unpooled
12:27:58.594 [main] DEBUG io.netty.buffer.ByteBufUtil - -Dio.netty.threadLocalDirectBufferSize: 65536
12:28:19.630 [main] DEBUG org.apache.activemq.artemis.core.client - Connector towards NettyConnector [host=192.168.1.154, port=8080, httpEnabled=false, httpUpgradeEnabled=true, useServlet=false, servletPath=/messaging/ActiveMQServlet, sslEnabled=false, useNio=true] failed
12:28:19.672 [Remoting "config-based-naming-client-endpoint" task-9] DEBUG org.jboss.naming.remote.protocol.v1.RemoteNamingStoreV1 - Channel end notification received, closing channel Channel ID d05ad3fd (outbound) of Remoting connection 69856e6c to vishuo.ddns.net/203.116.141.46:1800
Exception in thread "main" javax.jms.JMSRuntimeException: Failed to create session factory
    at org.apache.activemq.artemis.jms.client.JmsExceptionUtils.convertToRuntimeException(JmsExceptionUtils.java:88)
    at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createContext(ActiveMQConnectionFactory.java:262)
    at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createContext(ActiveMQConnectionFactory.java:248)
    at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createContext(ActiveMQConnectionFactory.java:238)
    at com.vishuo.icmdb.ngs.jms.HelloWorldJMSConsumer2.main(HelloWorldJMSConsumer2.java:68)
Caused by: javax.jms.JMSException: Failed to create session factory
    at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:727)
    at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createContext(ActiveMQConnectionFactory.java:255)
    ... 3 more
Caused by: ActiveMQNotConnectedException[errorType=NOT_CONNECTED message=AMQ119007: Cannot connect to server(s). Tried with all available servers.]
    at org.apache.activemq.artemis.core.client.impl.ServerLocatorImpl.createSessionFactory(ServerLocatorImpl.java:775)
    at org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory.createConnectionInternal(ActiveMQConnectionFactory.java:724)
    ... 4 more
2

2 Answers

2
votes

Introduce outbound socket binding and change the reference:

<socket-binding-group ...>
    ...
    <outbound-socket-binding name="http-external-jms">
        <remote-destination host="${env.EXTERNAL_HOST}" port="${env.EXTERNAL_PORT}"/>
    </outbound-socket-binding>
    <outbound-socket-binding name="https-external-jms">
        <remote-destination host="${env.EXTERNAL_HOST}" port="${env.EXTERNAL_PORT_SSL}"/>
    </outbound-socket-binding>
</socket-binding-group>

<http-connector name="http-connector" endpoint="http-acceptor" socket-binding="http-external-jms"/>
<http-connector name="https-connector" endpoint="https-acceptor" socket-binding="https-external-jms">
    <param name="ssl-enabled" value="true"/>
</http-connector>
0
votes

Setup the outbound-socket-binding to external IP.
Add following lines under the "socket-binding-group" tag:

<outbound-socket-binding name="jms-http">
    <remote-destination host="220.110.33.69" port="8080"/>
</outbound-socket-binding>

And assign http-connector socket-binding to "jms-http" under the "subsystem xmlns=urn:jboss:domain:messaging-activemq:1.0" tag:

<http-connector name="http-connector" endpoint="http-acceptor" socket-binding="jms-http"/>