Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL message relay support between spring <> broker #35

Open
kibibyte opened this issue Apr 14, 2014 · 5 comments
Open

SSL message relay support between spring <> broker #35

kibibyte opened this issue Apr 14, 2014 · 5 comments

Comments

@kibibyte
Copy link

Hi Rossen

1.) First of all thanks for great websocket support for spring.
2.) Is it possible to use SSL between spring app and broker ? I mean im able to use https between webclient and spring, but message relay from spring to broker goes with plain text..

SSL support for message relay would be great . Can you give me some advices how to implement it ?
@rstoyanchev
Copy link
Owner

hi, sorry I missed this question. The StompBrokerRelayMessageHandler can be configrued with a TcpClient and the ReactorTcpClient allows setting SSL options. I haven't tried it but it should work.

@mason105
Copy link

Hi,
i have the same problem,but i don't quit sure waht u mean "configrued with a TcpClient and the ReactorTcpClient",can you give a more detial,i like to try

@rstoyanchev
Copy link
Owner

You'll need to fill in all the arguments to the TcpClient constructor but roughly it means what's shown below (note that the config is in advanced mode, i.e. @EnableWebSocketMessageBroker is removed and we're extending directly from WebSocketMessageBrokerConfigurationSupport):

@Configuration
public class WebSocketConfig extends WebSocketMessageBrokerConfigurationSupport {

    @Override
    public AbstractBrokerMessageHandler stompBrokerRelayMessageHandler() {

        Reactor11StompCodec codec = new Reactor11StompCodec(new StompEncoder(), new StompDecoder());
        TcpClient<Message<byte[]>, Message<byte[]>> tcpClient = new NettyTcpClient<>(...);

        StompBrokerRelayMessageHandler handler = (StompBrokerRelayMessageHandler) super.stompBrokerRelayMessageHandler();
        handler.setTcpClient(new Reactor11TcpClient<byte[]>(tcpClient));
        return handler;
    }
}

@krm1312
Copy link

krm1312 commented May 19, 2016

Any chance this could be made a bit easier in the future? Took 15 minutes to enable TLS for our AMQP connection factory. Stomp is taking much longer and I have a feeling future compatibility of the overrides being put in will be questionable.

This and the stack overflow answer at http://stackoverflow.com/questions/34334629/spring-boot-ssl-tcpclient-stompbrokerrelaymessagehandler-activemq-undertow are no longer current, though, I suspect the approach is still valid.

@krm1312
Copy link

krm1312 commented May 20, 2016

Ended up doing something ugly, but, the approach in this ticket didn't work well for me on 4.2.6. The constructor in Reactor2TcpClient that takes a TcpClientFactory does not set eventLoopGroup or environment.

I ended up "unfinalizing" Reactor2TcpClient.REACTOR_TCP_CLIENT_TYPE and changing it to a custom sub-class of NettyTcpClient and overrode getSslOptions() and addSecureHandler().

Fragile, but, works. Maybe add a setter for it?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rstoyanchev @krm1312 @mason105 @kibibyte