TIBCO Enterprise Message Service™

User’s Guide
Software Release 6.0
July 2010
Important Information
SOME TIBCO SOFTWARE EMBEDS OR BUNDLES OTHER TIBCO SOFTWARE. USE OF SUCH EMBEDDED
OR BUNDLED TIBCO SOFTWARE IS SOLELY TO ENABLE THE FUNCTIONALITY (OR PROVIDE LIMITED
ADD-ON FUNCTIONALITY) OF THE LICENSED TIBCO SOFTWARE. THE EMBEDDED OR BUNDLED
SOFTWARE IS NOT LICENSED TO BE USED OR ACCESSED BY ANY OTHER TIBCO SOFTWARE OR FOR
ANY OTHER PURPOSE.
USE OF TIBCO SOFTWARE AND THIS DOCUMENT IS SUBJECT TO THE TERMS AND CONDITIONS OF A
LICENSE AGREEMENT FOUND IN EITHER A SEPARATELY EXECUTED SOFTWARE LICENSE
AGREEMENT, OR, IF THERE IS NO SUCH SEPARATE AGREEMENT, THE CLICKWRAP END USER
LICENSE AGREEMENT WHICH IS DISPLAYED DURING DOWNLOAD OR INSTALLATION OF THE
SOFTWARE (AND WHICH IS DUPLICATED IN LICENSE.PDF) OR IF THERE IS NO SUCH SOFTWARE
LICENSE AGREEMENT OR CLICKWRAP END USER LICENSE AGREEMENT, THE LICENSE(S) LOCATED
IN THE “LICENSE” FILE(S) OF THE SOFTWARE. USE OF THIS DOCUMENT IS SUBJECT TO THOSE TERMS
AND CONDITIONS, AND YOUR USE HEREOF SHALL CONSTITUTE ACCEPTANCE OF AND AN
AGREEMENT TO BE BOUND BY THE SAME.
This document contains confidential information that is subject to U.S. and international copyright laws and
treaties. No part of this document may be reproduced in any form without the written authorization of TIBCO
Software Inc.
TIB, TIBCO, TIBCO Adapter, Predictive Business, Information Bus, The Power of Now, TIBCO ActiveEnterprise,
TIBCO Hawk, TIBCO Rendezvous, TIBCO Enterprise, TIBCO Enterprise Message Service, TIBCO SmartSockets
and the TIBCO logo are either registered trademarks or trademarks of TIBCO Software Inc. in the United States
and/or other countries.
EJB, JAVA EE, J2EE, and all Java-based trademarks and logos are trademarks or registered trademarks of Sun
Microsystems, Inc. in the U.S. and other countries.
All other product and company names and marks mentioned in this document are the property of their
respective owners and are mentioned for identification purposes only.
THIS SOFTWARE MAY BE AVAILABLE ON MULTIPLE OPERATING SYSTEMS. HOWEVER, NOT ALL
OPERATING SYSTEM PLATFORMS FOR A SPECIFIC SOFTWARE VERSION ARE RELEASED AT THE SAME
TIME. SEE THE README.TXT FILE FOR THE AVAILABILITY OF THIS SOFTWARE VERSION ON A
SPECIFIC OPERATING SYSTEM PLATFORM.
THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR
IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
THIS DOCUMENT COULD INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS.
CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN; THESE CHANGES WILL BE
INCORPORATED IN NEW EDITIONS OF THIS DOCUMENT. TIBCO SOFTWARE INC. MAY MAKE
IMPROVEMENTS AND/OR CHANGES IN THE PRODUCT(S) AND/OR THE PROGRAM(S) DESCRIBED IN
THIS DOCUMENT AT ANY TIME.
THE CONTENTS OF THIS DOCUMENT MAY BE MODIFIED AND/OR QUALIFIED, DIRECTLY OR
INDIRECTLY, BY OTHER DOCUMENTATION WHICH ACCOMPANIES THIS SOFTWARE, INCLUDING
BUT NOT LIMITED TO ANY RELEASE NOTES AND "READ ME" FILES.
Copyright © 1997-2010 TIBCO Software Inc. ALL RIGHTS RESERVED.
TIBCO Software Inc. Confidential Information
 | iii

Contents

Figures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxv
Changes from the Previous Release of this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi
Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii
TIBCO Enterprise Message Service Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii
Other TIBCO Product Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvii
Third Party Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxviii
Typographical Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix
How to Contact TIBCO Customer Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxii

Chapter 1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
JMS Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
JMS Message Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Point-to-Point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Publish and Subscribe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
EMS Destination Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Client APIs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Sample Code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
TIBCO Rendezvous Java Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Administering the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
User and Group Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Using TIBCO Hawk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Fault Tolerance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Integrating With Third-Party Products . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Transaction Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

TIBCO Enterprise Message Service User’s Guide

iv
| Contents

Chapter 2 Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
EMS Extensions to JMS Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
JMS Message Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
JMS Message Header Fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
EMS Message Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
JMS Message Bodies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Maximum Message Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Message Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Message Delivery Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
PERSISTENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
NON_PERSISTENT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
RELIABLE_DELIVERY . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
How EMS Manages Persistent Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Persistent Messages Sent to Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Persistent Messages Published to Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Persistent Messages and Synchronous File Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Store Messages in Multiple Stores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Store Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Default Store Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Configuring Multiple Stores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Understanding mstore Intervals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Character Encoding in Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Supported Character Encodings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Sending Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Message Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
About Message Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Setting Message Compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Message Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
NO_ACKNOWLEDGE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
EXPLICIT_CLIENT_ACKNOWLEDGE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
EXPLICIT_CLIENT_DUPS_OK_ACKNOWLEDGE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Message Selectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Data Type Conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Synchronous and Asynchronous Message Consumption. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Chapter 3 Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Destination Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Destination Names. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Static Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Dynamic Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

TIBCO Enterprise Message Service User’s Guide

 Contents v
|
Temporary Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
Destination Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Destination Name Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Destination Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
exclusive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
expiration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
flowControl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
global . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
maxbytes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
maxmsgs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
maxRedelivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
overflowPolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
prefetch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
redeliverydelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
secure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
sender_name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
sender_name_enforced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
store . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
trace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Creating and Modifying Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Creating Secure Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Wildcards * and > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Overlapping Wildcards and Disjoint Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Wildcards in Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Wildcards in Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Wildcards and Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Wildcards and Dynamically Created Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Inheritance of Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Inheritance of Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Destination Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Creating a Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Access Control and Bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Flow Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Enabling Flow Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Enforcing Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Multicast and Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

TIBCO Enterprise Message Service User’s Guide

vi
| Contents
Routes and Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Destination Bridges and Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Flow Control, Threads and Deadlock. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Chapter 4 Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

About the Sample Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Compiling the Sample Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
Creating Users with the EMS Administration Tool. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Start the EMS Server and EMS Administration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Create Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Point-to-Point Messaging Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Create a Queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Start the Sender and Receiver Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Publish and Subscribe Messaging Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Create a Topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Start the Subscriber Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Start the Publisher Client and Send Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Create a Secure Topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Create a Durable Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Multicast Messaging Example. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Stop the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Enable the EMS Server for Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Create a Multicast Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Start the EMS Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Enable a Topic for Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Start the Multicast Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Start the Subscriber Client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Start the Publisher Client and Send Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

Chapter 5 Running the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Starting and Stopping the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Starting the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Stopping the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
Running the EMS Server as a Windows Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
emsntsrg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Error Recovery Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Security Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Secure Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Destination Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Authorization Parameter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Admin Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Connection Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

TIBCO Enterprise Message Service User’s Guide

 Contents vii
|
Communication Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Sources of Authentication Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Timestamp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Audit Trace Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
How EMS Manages Access to Shared Store Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Chapter 6 Using the EMS Administration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

Starting the EMS Administration Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
When You First Start tibemsadmin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Naming Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Name Length Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Command Listing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
add member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
addprop factory. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
addprop queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
addprop route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
addprop topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
autocommit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
compact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
connect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
create bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
create durable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
create factory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
create group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
create jndiname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
create queue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
create route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
create rvcmlistener . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
create topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
create user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
delete all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
delete bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
delete connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
delete durable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
delete factory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
delete group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
delete jndiname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
delete message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
delete queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
delete route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
delete rvcmlistener . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

TIBCO Enterprise Message Service User’s Guide

viii
| Contents
delete topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
delete user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
disconnect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
echo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
grant queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
grant topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
grant admin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
jaci clear. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
jaci resetstats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
jaci showstats. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
purge all queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
purge all topics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
purge durable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
purge queue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
purge topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
remove member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
removeprop factory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
removeprop queue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
removeprop route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
removeprop topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
resume route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
revoke admin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
revoke queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
revoke topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
rotatelog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
set password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
set server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
setprop factory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
setprop queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
setprop route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
setprop topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
show bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
show bridges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
show channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
show channels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
show config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
show consumer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
show consumers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
show connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
show db . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
show durable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
show durables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

TIBCO Enterprise Message Service User’s Guide

 Contents ix
|
show factory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
show factories. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
show jndiname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
show jndinames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
show group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
show groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
show members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
show message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
show messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
show parents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
show queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
show queues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
show route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
show routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
show rvcmtransportledger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
show rvcmlisteners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
show server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
show stat. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
show store . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
show stores. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
show topic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
show topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
show transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
show transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
show transports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
show user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
show users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
showacl admin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
showacl group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
showacl queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
showacl topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
showacl user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
suspend route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
transaction commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
transaction rollback. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
updatecrl. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
whoami . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

Chapter 7 Using the Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171

Location of Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Mechanics of Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

TIBCO Enterprise Message Service User’s Guide

x
| Contents
tibemsd.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Global System Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Storage File Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Connection and Memory Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Detecting Network Connection Failure Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Fault Tolerance Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Message Tracking Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Multicast Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
TIBCO Rendezvous Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
TIBCO SmartSockets Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Tracing and Log File Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Statistic Gathering Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
SSL Server Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
LDAP Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Extensible Security Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
JVM Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Using Other Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
acl.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
bridges.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
channels.conf. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
durables.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
factories.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
groups.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
jaas.conf. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
queues.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
routes.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
stores.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
tibrvcm.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
topics.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
transports.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
users.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245

Chapter 8 Authentication and Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

EMS Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
Administrator Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Predefined Administrative User and Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Granting and Revoking Administration Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Enforcement of Administrator Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Global Administrator Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Destination-Level Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Protection Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

TIBCO Enterprise Message Service User’s Guide

 Contents xi
|
Enabling Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Server Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Destination Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Users and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Configuring an External Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
User Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Example of Setting User Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Inheritance of User Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Revoking User Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
When Permissions Are Checked . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
Example of Permission Checking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269

Chapter 9 Extensible Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271

Overview of Extensible Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Extensible Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Enabling Extensible Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Writing an Authentication Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Extensible Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
Cached Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
How Permissions are Granted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Implications of Wildcards on Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Enabling Extensible Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Writing a Permissions Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
The JVM in the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Enabling the JVM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284

Chapter 10 Using Database Stores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285

Database Store Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Configuring Database Stores. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Configuration in tibemsd.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Configuration in stores.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Configuration for the Oracle RAC Database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
EMS Schema Export Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

Chapter 11 Developing an EMS Client Application. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297

JMS Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
JMS 1.1 Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
JMS 1.0.2b Specification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Summary of JMS 1.1 and 1.0.2b Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300

TIBCO Enterprise Message Service User’s Guide

xii
| Contents
Sample Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Programmer Checklists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
Java Programmer’s Checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
C Programmer’s Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
C# Programmer’s Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Connection Factories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
Looking up Connection Factories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
Dynamically Creating Connection Factories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
Setting Connection Attempts, Timeout and Delay Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Connecting to the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315
Starting, Stopping and Closing a Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
Creating a Session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Setting an Exception Listener . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318
Dynamically Creating Topics and Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320
Creating a Message Producer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
Configuring a Message Producer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323
Creating a Message Consumer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Creating a Message Listener for Asynchronous Message Consumption . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Working with Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
Creating Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
Setting and Getting Message Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Sending Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332
Receiving Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333

Chapter 12 Using the EMS Implementation of JNDI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335

Creating and Modifying Administered Objects in EMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336
Creating Connection Factories for Secure Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336
Creating Connection Factories for Fault-Tolerant Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
Looking up Administered Objects Stored in EMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
Looking Up Objects Using Full URL Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
Performing Secure Lookups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Performing Fault-Tolerant Lookups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342

Chapter 13 Using Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345

Overview of Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
When to Use Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
Configuring Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Configuring Multicast Dynamically. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Configuring the Multicast Daemon. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
Controlling Access to Multicast-Enabled Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354

TIBCO Enterprise Message Service User’s Guide

 Contents xiii
|
Running Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Starting the Multicast Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Creating a Multicast Consumer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Monitoring and Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
Monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356

Chapter 14 Multicast Deployment and Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357

Deployment Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
Restricting Multicast Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Managing Bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Walking Through a Multicast Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Step 1: Design the Multicast Network Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Step 2: Install and Set Up EMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
Step 3: Determine Network and Application Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Troubleshooting EMS Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Troubleshooting Tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Application and Multicast Daemon Errors and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
Server Errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376

Chapter 15 Working With TIBCO Rendezvous . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .377

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Message Translation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Configuring Transports for Rendezvous. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
Transport Definitions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
Topics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
Import Only when Subscribers Exist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
Certified Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
Import—Start and Stop. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
Import Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
Field Identifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
JMSDestination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
JMSReplyTo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
JMSExpiration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
JMSTimestamp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
Guaranteed Delivery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391

TIBCO Enterprise Message Service User’s Guide

xiv
| Contents
Export Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
JMSReplyTo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Certified Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Guaranteed Delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Message Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
JMS Header Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
JMS Property Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Message Body . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Data Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Pure Java Rendezvous Programs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399

Chapter 16 Working With TIBCO SmartSockets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Message Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Starting the Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
Configuring Transports for SmartSockets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
Transport Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
Destination Name—Syntax and Semantics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
Import Only when Subscribers Exist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Import—Start and Stop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Wildcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Import Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Import Destination Names Must be Unique . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
JMSReplyTo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Guaranteed Delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Export Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
JMSReplyTo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Wildcard Subscriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Guaranteed Delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Message Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
JMS Header Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
JMS Property Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
SmartSockets Message Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Message Body . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
Data Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Destination Names. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419

TIBCO Enterprise Message Service User’s Guide

 Contents xv
|

Chapter 17 Monitoring Server Activity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .421

Log Files and Tracing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
Configuring the Log File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
Tracing on the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423
Message Tracing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428
Enabling Message Tracing for a Destination. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428
Enabling Message Tracing on a Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429
Monitoring Server Events. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
System Monitor Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
Monitoring Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
Viewing Monitor Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
Performance Implications of Monitor Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434
Working with Server Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436
Overall Server Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436
Enabling Statistic Gathering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437
Displaying Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439

Chapter 18 Using the SSL Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .441

SSL Support in TIBCO Enterprise Message Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442
Digital Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
Digital Certificate File Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
Private Key Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
File Names for Certificates and Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445
Configuring SSL in the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
SSL Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
Command Line Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
Configuring SSL in EMS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448
Client Digital Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448
Configuring SSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449
Specifying Cipher Suites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452
Syntax for Cipher Suites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452
Supported Cipher Suites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
SSL Authentication Only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458
Enabling FIPS Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Enabling the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Enabling EMS Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460

TIBCO Enterprise Message Service User’s Guide

xvi
| Contents

Chapter 19 Fault Tolerance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461

Fault Tolerance Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
Shared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
Unshared State Failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Shared State Failover Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Response. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Role Reversal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
Client Transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
Message Redelivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466
Heartbeat Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Unshared State Failover Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Dual State Failover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Shared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Implementing Shared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Messages Stored in Shared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Storage Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Storage Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Configuring Fault-Tolerant Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Shared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Unshared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477
Configuring Clients for Fault-Tolerant Connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Specifying More Than Two URLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Setting Reconnection Failure Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479
Configuring Clients for Unshared State Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Include the tibjmsufo JAR File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Create an Unshared State Connection Factory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Specify Server URLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483

Chapter 20 Working With Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485

Overview of Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486
Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
Global Destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
Unique Routing Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Eliminating Redundant Paths with a One-Hop Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Overlapping Zones. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
Active and Passive Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493

TIBCO Enterprise Message Service User’s Guide

 Contents xvii
|
Configuring Routes and Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Routes to Fault-Tolerant Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
Routing and SSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
Routed Topic Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499
Propagating Registered Interest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499
Selectors for Routing Topic Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
Routed Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
Routing and Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507

Appendix A Using TIBCO Hawk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509

Overview of Server Management With TIBCO Hawk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
Installing the Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
Windows Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
UNIX Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512
Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Method Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515

Appendix B Monitor Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .519

Description of Monitor Topics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520
Description of Topic Message Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523

Appendix C Error and Status Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .533

Error and Status Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .593

TIBCO Enterprise Message Service User’s Guide

xviii Contents
|

TIBCO Enterprise Message Service User’s Guide

 Figures xix
|

Figures

Figure 1 Message Delivery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Figure 2 Point-to-point messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Figure 3 Publish and subscribe messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Figure 4 Multicast messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Figure 5 Persistent Message Delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Figure 6 Non-Persistent Message Delivery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Figure 7 Reliable Message Delivery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Figure 8 Persistent Messages Sent to a Queue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Figure 9 Persistent Messages Published to a Topic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Figure 10 Message Delivery and Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Figure 11 Bridging a topic to a queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Figure 12 Bridging a topic to multiple destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Figure 13 Bridging a queue to multiple destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Figure 14 Flow Control Deadlock across Two Threads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Figure 15 Users, groups, and permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Figure 16 Methods for authenticating users and checking permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Figure 17 The Permissions Decision Tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Figure 18 JMS 1.1 Programming Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
Figure 19 JMS 1.0.2b Programming Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Figure 20 Multicast message consumer creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Figure 21 The benefits of multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
Figure 22 Sample Multicast Deployment Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Figure 23 Rendezvous Transports in the EMS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Figure 24 SmartSockets Transports in the EMS Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Figure 25 Primary and Backup Servers with Shared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
Figure 26 Current and Second Servers with Unshared State . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Figure 27 Failed Primary Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Figure 28 Recovered Server Becomes Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465

TIBCO Enterprise Message Service User’s Guide

xx
| Figures
Figure 29 Unshared State Failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Figure 30 Dual State Failover Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Figure 31 Routes: bidirectionality and corresponding destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
Figure 32 Routes: global destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
Figure 33 Routes: Unique Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Figure 34 Zones: multi-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Figure 35 Zones: one-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
Figure 36 Zones: overlap. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
Figure 37 Routing: Propagating Subscribers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499
Figure 38 Routing: Topic Selectors, example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
Figure 39 Routing: Queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
Figure 40 Routing: Authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507

TIBCO Enterprise Message Service User’s Guide

 Tables xxi
|

Tables

Table 1 General Typographical Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxix

Table 2 Syntax Typographical Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxi
Table 3 Summary of administration features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Table 4 JMS Message Headers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Table 5 Summary of message properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Table 6 JMS Message Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Table 7 Data Type Conversion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Table 8 Destination Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Table 9 Characters with Special Meaning in Destination Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Table 10 Valid Destination Name Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Table 11 Invalid Destination Name Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Table 12 Destination properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Table 13 Prefetch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Table 14 tibemsd Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Table 15 tibemsadmin Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Table 16 Set server parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Table 17 Description of output fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Table 18 Description of output fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Table 19 show connections: type Parameter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Table 20 Description of output fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
Table 21 show durable Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Table 22 show durables Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Table 23 show queue Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Table 24 show queues Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Table 25 show routes Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Table 26 show store Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Table 27 show topic Table Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Table 28 Show topics table information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

TIBCO Enterprise Message Service User’s Guide

xxii
| Tables
Table 29 Show transactions table information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Table 30 tibemsd.conf Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Table 31 Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
Table 32 Channel Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Table 33 Connection Factory Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Table 34 Store File Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
Table 35 Global administrator permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Table 36 Destination-level administration permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Table 37 Default configuration for popular LDAP servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Table 38 Queue Permission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Table 39 Topic Permission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Table 40 Database Store File Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Table 41 EMS Schema Export Tool options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Table 42 JMS API object summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300
Table 43 Linker Flags for 32-Bit UNIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304
Table 44 Linker Flags for 64-Bit UNIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
Table 45 Dynamic Library Files for Microsoft Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
Table 46 Static Library Files for Microsoft Windows. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
Table 47 Shareable Image Library Files for OpenVMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Table 48 Static Library Files for OpenVMS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Table 49 EMS Assembly DLL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Table 50 EMS Policy Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
Table 51 .NET Feature Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
Table 52 tibemsmcd Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
Table 53 Rendezvous: Transport Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
Table 54 Rendezvous: Mapping JMS Header Fields to RV Datatypes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
Table 55 Rendezvous Mapping Message Properties. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Table 56 Rendezvous: Mapping Message Types (Import). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Table 57 Rendezvous: Mapping Message Types (Export). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
Table 58 Rendezvous: Mapping Data Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Table 59 SmartSockets: Transport Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
Table 60 SmartSockets Mapping Message Properties (Import & Export) . . . . . . . . . . . . . . . . . . . . . . . . . . 415

TIBCO Enterprise Message Service User’s Guide

 Tables xxiii
|
Table 61 SmartSockets: Mapping Message Types (Export) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Table 62 SmartSockets: Mapping Data Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Table 63 Server Tracing Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
Table 64 Message monitoring qualifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431
Table 65 File types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445
Table 66 ConnectionFactory SSL parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450
Table 67 Qualifiers for Cipher Suites in Java Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452
Table 68 OpenSSL Qualifiers for Cipher Suites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
Table 69 Supported Cipher Suites in Java API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
Table 70 Shared Storage Criteria for Fault Tolerance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Table 71 SSL Parameters for Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
Table 72 TIBCO Enterprise Message Service classes in TIBCO Hawk . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
Table 73 TIBCO Hawk MicroAgent Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Table 74 TIBCO Hawk Agent methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515
Table 75 Monitor topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520
Table 76 Message properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523
Table 77 Event Action Property Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528
Table 78 Event Reason Property Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530

TIBCO Enterprise Message Service User’s Guide

xxiv Tables
|

TIBCO Enterprise Message Service User’s Guide

 | xxv

Preface

TIBCO Enterprise Message Service™ software lets application programs send and
receive messages according to the Java Message Service (JMS) protocol. It also
integrates with TIBCO Rendezvous and TIBCO SmartSockets messaging
products.

Topics

• Changes from the Previous Release of this Guide, page xxvi

• Related Documentation, page xxvii
• Typographical Conventions, page xxix
• How to Contact TIBCO Customer Support, page xxxii

TIBCO Enterprise Message Service User’s Guide

xxvi Changes from the Previous Release of this Guide
|

Changes from the Previous Release of this Guide

This section itemizes the major changes from the previous release of this guide.

mstores
TIBCO Enterprise Message Service now offers a new type of message store, called
mstore. This store type is designed to recover quickly after a failover. For details
on the mstore feature, see mstores on page 30.

.NET Assembly Versioning

This release of TIBCO Enterprise Message Service introduces versioning in the
.NET assembly files. Prior to TIBCO Enterprise Message Service release 6.0.0, all
EMS .NET assemblies showed an assembly version number 1 . 0 . 0 . 0 , which
allowed client applicaitons to upgrade to the latest version of EMS without
rebuilding.
This same functionality is now available through the introduction of p o l i c y DLL
files, which are included for each EMS assembly. For more information, see
Assembly Versioning on page 309.

Redelivery Delay
A new destination property has been added to this release of TIBCO Enterprise
Message Service. The r e d e l i v e r y d e l a y property can be used to determine how
long the EMS server waits before retuning an unacknowledged message to the
message queue. For details about the new property, see r e d e l i v e r y d e l a y on
page 67.

Feature Enhancements
The following enhancements are documented in the sections shown:
• It is now possible to cursor through the list returned by the s h o w t o p i c s and
s h o w q u e u e s commands. For more information, see the command
descriptions for s h o w q u e u e s and s h o w t o p i c s .
• You can now quickly start the EMS server with the default configuration
using scripts. See Start Using the Default Configuration on page 102.

TIBCO Enterprise Message Service User’s Guide

 Preface xxvii
|

Related Documentation

This section lists documentation resources you may find useful.

TIBCO Enterprise Message Service Documentation

The following documents form the TIBCO Enterprise Message Service
documentation set:
• TIBCO Enterprise Message Service User’s Guide Read this manual to gain an
overall understanding of the product, its features, and configuration.
• TIBCO Enterprise Message Service Installation Read the relevant sections of this
manual before installing this product.
• TIBCO Enterprise Message Service Application Integration Guide This manual
presents detailed instructions for integrating TIBCO Enterprise Message
Service with third-party products.
• TIBCO Enterprise Message Service C & COBOL API Reference The C API
reference is available in HTML and PDF formats.
• TIBCO Enterprise Message Service Java API Reference The Java API reference can
be accessed only through the HTML documentation interface.
• TIBCO Enterprise Message Service .NET API Reference The .NET API reference
can be accessed only through the HTML documentation interface.
• TIBCO Enterprise Message Service Release Notes Read the release notes for a list
of new and changed features. This document also contains lists of known
issues and closed issues for this release. This document is available only in
PDF format.

Other TIBCO Product Documentation

You may find it useful to read the documentation for the following TIBCO
products:
• TIBCO Rendezvous®
• TIBCO SmartSockets®
• TIBCO Hawk®
• TIBCO EMS® Client for z/OS (CICS)
• TIBCO EMS® Client for z/OS (MVS)
• TIBCO EMS® Client for i5/OS

TIBCO Enterprise Message Service User’s Guide

xxviii Related Documentation
|

Third Party Documentation

• Java™ Message Service specification, available through
http://java.sun.com/products/jms/index.html.
• Java™ Message Service by Richard Monson-Haefel and David A. Chappell,
O’Reilly and Associates, Sebastopol, California, 2001.
• Java™ Authentication and Authorization Service (JAAS) LoginModule
Developer's Guide and Reference Guide, available through
http://java.sun.com/products/jaas/.

TIBCO Enterprise Message Service User’s Guide

 Preface xxix
|

Typographical Conventions

The following typographical conventions are used in this manual.

Table 1 General Typographical Conventions

Convention Use
TIBCO_HOME Many TIBCO products must be installed within the same home directory. This
directory is referenced in documentation as TIBCO_HOME. The value of
ENV_HOME
TIBCO_HOME depends on the operating system. For example, on Windows
EMS_HOME systems, the default value is C : \ t i b c o .
Other TIBCO products are installed into an installation environment.
Incompatible products and multiple instances of the same product are installed
into different installation environments. The directory into which such products
are installed is referenced in documentation as ENV_HOME. The value of
ENV_HOME depends on the operating system. For example, on Windows
systems the default value is C:\tibco.
TIBCO Enterprise Message Service installs into a directory within TIBCO_HOME.
This directory is referenced in documentation as EMS_HOME. The value of
EMS_HOME depends on the operating system. For example on Windows
systems, the default value is C : \ t i b c o \ e m s \ 6 . 0 .

code font Code font identifies commands, code examples, filenames, pathnames, and
output displayed in a command window. For example:
Use M y C o m m a n d to start the TIBCO foo process.

bold code Bold code font is used in the following ways:

font
• In procedures, to indicate what a user types. For example: Type the username
admin.

• In large code samples, to indicate the parts of the sample that are of
particular interest.
• In command syntax, to indicate the default value. For example, if no
parameter is specified, M y C o m m a n d is enabled:
MyCommand [enable | disable]

TIBCO Enterprise Message Service User’s Guide

xxx
| Typographical Conventions

Table 1 General Typographical Conventions

Convention Use
italic font Italic font is used in the following ways:
• To indicate a document title. For example: See TIBCO BusinessWorks Concepts
for more details.
• To introduce new terms For example: A portal page may contain several
portlets. Portlets are mini-applications that run in a portal.
• To indicate a variable in a command or code syntax that you must replace.
For example: M y C o m m a n d pathname

Key Key name separated by a plus sign indicate keys pressed simultaneously. For
combinations example: Ctrl+C.
Key names separated by a comma and space indicate keys pressed one after the
other. For example: Esc, Ctrl+Q.

TIBCO Enterprise Message Service User’s Guide

 Preface xxxi
|

Table 2 Syntax Typographical Conventions

Convention Use
[ ] An optional item in a command or code syntax.
For example:
MyCommand [optional_parameter] required_parameter

| A logical ’OR’ that separates multiple items of which only one may be chosen.
For example, you can select only one of the following parameters:
MyCommand para1 | param2 | param3

{ } A logical group of items. Other syntax notations may appear within each logical
group.
For example, the following command requires two parameters, which can be
either p a r a m 1 and p a r a m 2 or p a r a m 3 and p a r a m 4 :
MyCommand {param1 param2} | {param3 param4}

In the next example, the command requires two parameters. The first parameter
can be either p a r a m 1 or p a r a m 2 and the second can be either p a r a m 3 or p a r a m 4 :
MyCommand {param1 | param2} {param3 | param4}

In the next example, the command can accept either two or three parameters.
The first parameter must be p a r a m 1 . You can optionally include p a r a m 2 as the
second parameter. And the last parameter is either p a r a m 3 or p a r a m 4 .
MyCommand param1 [param2] {param3 | param4}

TIBCO Enterprise Message Service User’s Guide

xxxii How to Contact TIBCO Customer Support
|

How to Contact TIBCO Customer Support

For comments or problems with this manual or the software it addresses, please
contact TIBCO Support Services as follows.
• For an overview of TIBCO Support Services, and information about getting
started with TIBCO Product Support, visit this site:
http://www.tibco.com/services/support
• If you already have a valid maintenance or support contract, visit this site:
http://support.tibco.com
Entry to this site requires a username and password. If you do not have a
username, you can request one.

TIBCO Enterprise Message Service User’s Guide

 |1

Chapter 1 Overview

This chapter contains a general overview of Java Message Service (JMS) and
TIBCO Enterprise Message Service concepts.

Topics

• JMS Overview, page 2

• JMS Message Models, page 3
• EMS Destination Features, page 7
• Client APIs, page 9
• Administration, page 10
• Security, page 12
• Fault Tolerance, page 12
• Routing, page 13
• Integrating With Third-Party Products, page 13

TIBCO Enterprise Message Service User’s Guide

2
| Chapter 1 Overview

JMS Overview

Java Message Service 1.1 (JMS) is a Java framework specification for messaging
between applications. Sun Microsystems developed this specification, in
conjunction with TIBCO and others, to supply a uniform messaging interface
among enterprise applications.
Using a message service allows you to integrate the applications within an
enterprise. For example, you may have several applications: one for customer
relations, one for product inventory, and another for raw materials tracking. Each
application is crucial to the operation of the enterprise, but even more crucial is
communication between the applications to ensure the smooth flow of business
processes. Message-oriented-middleware (MOM) creates a common
communication protocol between these applications and allows you to easily
integrate new and existing applications in your enterprise computing
environment.
The JMS framework (an interface specification, not an implementation) is
designed to supply a basis for MOM development. TIBCO Enterprise Message
Service implements JMS and integrates support for connecting other message
services, such as TIBCO Rendezvous and TIBCO SmartSockets. This chapter
describes the concepts of JMS and its implementation in TIBCO Enterprise
Message Service. For more information on JMS requirements and features, see the
following sources:
• Java Message Service specification, available through
http://java.sun.com/products/jms/index.html.
• Java Message Service by Richard Monson-Haefel and David A. Chappell,
O’Reilly and Associates, Sebastopol, California, 2001.

JMS Compliance
TIBCO Enterprise Message Service 6.0 has passed Sun Microsystem Technology
Compatibility Kit (TCK) for Java Message Service 1.1 (JMS 1.1). Therefore, EMS
6.0 is compliant with the JMS 1.1 specification.

TIBCO Enterprise Message Service User’s Guide

 JMS Message Models 3
|

JMS Message Models

JMS is based on creation and delivery of messages. Messages are structured data
that one application sends to another. The creator of the message is known as the
producer and the receiver of the message is known as the consumer. The TIBCO
EMS server acts as an intermediary for the message and manages its delivery to
the correct destination. The server also provides enterprise-class functionality
such as fault-tolerance, message routing, and communication with other
messaging systems, such as TIBCO Rendezvous® and TIBCO SmartSockets®.
Figure 1 illustrates an application producing a message, sending it by way of the
server, and a different application receiving the message.

Figure 1 Message Delivery

Message Message TIBCO EMS Message Message

Producer Server Consumer

EMS Client EMS Client

JMS supports these messaging models:

• Point-to-Point (queues)
• Publish and Subscribe (topics)
• Multicast (topics)

Point-to-Point
Point-to-point messaging has one producer and one consumer per message. This
style of messaging uses a queue to store messages until they are received. The
message producer sends the message to the queue; the message consumer
retrieves messages from the queue and sends acknowledgement that the message
was received.
More than one producer can send messages to the same queue, and more than
one consumer can retrieve messages from the same queue. The queue can be
configured to be exclusive, if desired. If the queue is exclusive, then all queue
messages can only be retrieved by the first consumer specified for the queue.
Exclusive queues are useful when you want only one application to receive
messages for a specific queue. If the queue is not exclusive, any number of

TIBCO Enterprise Message Service User’s Guide

4
| Chapter 1 Overview

receivers can retrieve messages from the queue. Non-exclusive queues are useful
for balancing the load of incoming messages across multiple receivers. Regardless
of whether the queue is exclusive or not, only one consumer can ever consume
each message that is placed on the queue.
Figure 2 illustrates point-to-point messaging using a non-exclusive queue. Each
message consumer receives a message from the queue and acknowledges receipt
of the message. The message is taken off the queue so that no other consumer can
receive it.

Figure 2 Point-to-point messages

TIBCO EMS
Server

Message Send Message Queue Receive Message Message

Producer Consumers
Acknowledge

EMS Client EMS Clients

Publish and Subscribe

In a publish and subscribe message system, producers address messages to a
topic. In this model, the producer is known as a publisher and the consumer is
known as a subscriber.
Many publishers can publish to the same topic, and a message from a single
publisher can be received by many subscribers. Subscribers subscribe to topics,
and all messages published to the topic are received by all subscribers to the topic.
This type of message protocol is also known as broadcast messaging because
messages are sent over the network and received by all interested subscribers,
similar to how radio or television signals are broadcast and received.
Figure 3 illustrates publish and subscribe messaging. Each message consumer
subscribes to a topic. When a message is published to that topic, all subscribed
consumers receive the message.

TIBCO Enterprise Message Service User’s Guide

 JMS Message Models 5
|

Figure 3 Publish and subscribe messages

TIBCO EMS
Server Subsecribe to
Topic
Message Send Message Message
Producer Topic Consumers
Deliver Message
Acknowledge
(if necessary)
EMS Client EMS Clients

Durable Subscribers for Topics

By default, subscribers only receive messages when they are active. If messages
arrive on the topic when the subscriber is not available, the subscriber does not
receive those messages.
The EMS APIs allow you to create durable subscribers to ensure that messages are
received, even if the message consumer is not currently running. Messages for
durable subscriptions are stored on the server as long as durable subscribers exist
for the topic, or until the message expiration time for the message has been
reached, or until the storage limit has been reached for the topic. Durable
subscribers can receive messages from a durable subscription even if the
subscriber was not available when the message was originally delivered.
When an application restarts and recreates a durable subscriber with the same ID,
all messages stored on the server for that topic are delivered to the durable
subscriber.
See Creating a Message Consumer on page 325 for details on how to create
durable subscribers.

Multicast
Multicast messaging allows one message producer to send a message to multiple
subscribed consumers simultaneously. As in the publish and subscribe messaging
models, the message producer addresses the message to a topic. Instead of
delivering a copy of the message to each individual subscriber over TCP,
however, the EMS server broadcasts the message over Pragmatic General
Multicast (PGM). A daemon running on the machine with the subscribed EMS
client receives the multicast message and delivers it to the message consumer.
Multicast is highly scalable because of the reduction in bandwidth used to
broadcast messages, and because of reduced EMS server resources used.
However, multicast does not guarantee message delivery to all subscribers.

TIBCO Enterprise Message Service User’s Guide

6
| Chapter 1 Overview

Figure 4 on page 6 illustrates the multicast messaging model. Each message

consumer subscribes to a multicast-enabled topic. When a message is sent to that
topic, the EMS server broadcasts the message. Listening multicast daemons
receive the message and deliver it to subscribed clients.

Figure 4 Multicast messages

local hosts

Multicast Daemon

tibemsmcd
TIBCO EMS
Server Broadcast
Message
Deliver
Message Send Message Multicast Message
Producer Topic
Subscribe to
Topic
EMS Client
Message
Consumer

EMS Client

For more information about multicast, see Chapter 13, Using Multicast, on
page 345.

TIBCO Enterprise Message Service User’s Guide

 EMS Destination Features 7
|

EMS Destination Features

TIBCO Enterprise Message Service allows you to configure destinations to

enhance the functionality of each messaging model.
The EMS destination features allow you to:
• Set a s e c u r e mode for access control at the queue or topic level, so that some
destinations may require permission and others may not. See Destination
Control on page 258.
• Set threshold limits for the amount of memory used by the EMS server to store
messages for a topic or a queue and fine-tune the server’s response to when
the threshold is exceeded. See f l o w C o n t r o l on page 58 and o v e r f l o w P o l i c y
on page 62.
• Route messages sent to destinations to other servers. See Working With
Routes on page 485.
• Create bridges between destinations of the same or different types to create a
hybrid messaging model for your application. This can be useful if your
application requires that you send the same message to both a topic and a
queue. For more information on creating bridges between destinations and
situations where this may be useful, see Destination Bridges on page 79.
• Control the flow of messages to a destination. This is useful when message
producers send messages much faster than message consumers can receive
them. For more information on flow control, see Flow Control on page 84.
• Exchange messages with other message services. Queues can receive TIBCO
Rendezvous and TIBCO SmartSockets messages. Topics can either receive or
send Rendezvous and TIBCO SmartSockets messages. See Working With
TIBCO Rendezvous on page 377 and Working With TIBCO SmartSockets on
page 401.
• Set queues to be exclusive or non-exclusive. Only one receiver can receive
messages from an exclusive queue. More than one receiver can receive
messages from non-exclusive queues. See e x c l u s i v e on page 56.
• Specify a redelivery policy for queues. When messages must be redelivered,
you can specify a property on the queue that determines the maximum
number of times a message should be redelivered. See m a x R e d e l i v e r y on
page 61.
• Trace and log all messages passing through a destination. See t r a c e on
page 71.
• Include the user name of the message producer in the message. See
sender_name on page 69 and s e n d e r _ n a m e _ e n f o r c e d on page 69.

TIBCO Enterprise Message Service User’s Guide

8
| Chapter 1 Overview

• Administrator operations can use wildcards in destination names. The

wildcard destination name is the parent, and any names that match the
wildcard destination name inherit the properties of the parent. See Wildcards
on page 74.
• Use the s t o r e property to cause messages sent to a destination to be written
to a store file. Set the destination store to s t o r e = $ s y s . f a i l s a f e to direct the
server to write messages to the file synchronously and guarantee that
messages are not lost under any circumstances. See s t o r e on page 70 for more
information.
• Specify that a consumer is to receive batches of messages in the background to
improve performance. Alternatively, you can specify that queue receivers are
to only receive one message at a time. See p r e f e t c h on page 65 for more
information.

TIBCO Enterprise Message Service User’s Guide

 Client APIs 9
|

Client APIs

Java applications use the j a v a x . j m s package to send or receive JMS messages.

This is a standard set of interfaces, specified by the JMS specification, for creating
the connection to the EMS server, specifying the type of message to send, and
creating the destination (topic or queue) on which to send or receive messages.
You can find a description of the j a v a x . j m s package in TIBCO Enterprise Message
Service Java API Reference included in the online documentation. Because EMS
implements the JMS standard, you can also view the documentation on these
interfaces along with the JMS specification at
java.sun.com/products/jms/index.html.
TIBCO Enterprise Message Service includes parallel APIs for other development
environments. See the following for more information:
• TIBCO Enterprise Message Service C & COBOL API Reference
• TIBCO Enterprise Message Service .NET API Reference (online documentation)

Sample Code
EMS includes several example programs. These examples illustrate various
features of EMS. You may wish to view these example programs when reading
about the corresponding features in this manual. The examples are included in
the s a m p l e s subdirectory of the EMS installation directory.
For more information about running the examples, see Chapter 4, Getting Started,
on page 87.

TIBCO Rendezvous Java Applications

EMS includes a Java class that allows pure Java TIBCO Rendezvous applications
to connect directly with the EMS server; see Pure Java Rendezvous Programs on
page 399.

TIBCO Enterprise Message Service User’s Guide

10
| Chapter 1 Overview

Administration

EMS provides mechanisms for administering server operations and creating

objects that are managed by the server, such as ConnectionFactories and
Destinations.
Administration functions can be issued either using the command-line
administration tool or by creating an application that uses the administration API
(either Java or .NET). The command-line administration tool is described in
Chapter 6, Using the EMS Administration Tool, on page 115. The administration
APIs are described in the online documentation.
The administration interfaces allow you to create and manage administered
objects such as ConnectionFactories, Topics, and Queues. EMS clients can retrieve
references to these administered objects by using Java Naming and Directory
Interface (JNDI). Creating static administered objects allows clients to use these
objects without having to implement the objects within the client.

Administering the Server

EMS has several administration features that allow you to monitor and manage
the server. The following table provides a summary of administration features
and details where in the documentation you can find more information.

Table 3 Summary of administration features (Sheet 1 of 2)

Feature More Information

Configuration files allow you to specify Chapter 7, Using the
server characteristics. Configuration Files, on page 171

Administration tool provides a command Chapter 6, Using the EMS

line interface for managing the server. Administration Tool, on page 115

Authentication and permissions can Chapter 8, Authentication and

restrict access to the server and to Permissions, on page 247
destinations. You can also specify who
can perform administrative activities with
administrator permissions.

Configure log files to provide information Chapter 17, Monitoring Server

about various server activity. Activity, on page 421

TIBCO Enterprise Message Service User’s Guide

 Administration 11
|

Table 3 Summary of administration features (Sheet 2 of 2)

Feature More Information

The server can publish messages when Chapter 17, Monitoring Server
various system events occur. This allows Activity, on page 421
you to create robust monitoring
applications that subscribe to these
system monitor topics.

The server can provide various statistics Chapter 17, Monitoring Server
at the desired level of detail. Activity, on page 421

User and Group Management

EMS provides facilities for creating and managing users and groups locally for
the server. The EMS server can also use an external system, such as an LDAP
server for authenticating users and storing group information. See Chapter 8,
Authentication and Permissions, on page 247 for more information about
configuring EMS to work with external systems for user and group management.

Using TIBCO Hawk

You can use TIBCO Hawk® for monitoring and managing the EMS server. See
Appendix A, Using TIBCO Hawk, on page 509 for more information.

TIBCO Enterprise Message Service User’s Guide

12
| Chapter 1 Overview

Security

For communication security between servers and clients, and between servers
and other servers, you must explicitly configure SSL within EMS.
Secure Sockets Layer (SSL) is a protocol for transmitting encrypted data over the
Internet or an internal network. SSL works by using public and private keys to
encrypt data that is transferred over the SSL connection. Most web browsers
support SSL, and many Web sites and Java applications use the protocol to obtain
confidential user information, such as credit card numbers.
EMS supports SSL between the following components:
• between an EMS client and the EMS server
• between the administration tool and the EMS server
• between the administration APIs and the EMS server
• between routed servers
• between fault-tolerant servers
See Chapter 18, Using the SSL Protocol, on page 441 for more information about
SSL support in EMS.

Fault Tolerance

You can configure EMS servers as primary and backup servers to provide fault
tolerance for your environment. The primary and backup servers act as a pair,
with the primary server accepting client connections and performing the work of
handling messages, and the secondary server acting as a backup in case of failure.
When the active server fails, the backup server assumes operation and becomes
the primary active server.
See Chapter 19, Fault Tolerance, on page 461 for more information about the
fault-tolerance features of EMS.

TIBCO Enterprise Message Service User’s Guide

 Routing 13
|

Routing

EMS provides the ability for servers to route messages between each other. Topic
messages can be routed across multiple hops, provided there are no cycles (that is,
the message can not be routed to any server it has already visited). Queue
messages can travel at most one hop to any other server from the server that owns
the queue.
EMS stores and forwards messages in most situations to provide operation when
a route is not connected.
See Chapter 20, Working With Routes, on page 485 for more information about
the routing features of EMS.

Integrating With Third-Party Products

EMS allows you to work with third-party naming/directory service products or

with third-party application servers; see TIBCO Enterprise Message Service
Application Integration Guide.

Transaction Support

TIBCO Enterprise Message Service can integrate with Java Transaction API (JTA)
compliant transaction managers. EMS implements all interfaces necessary to be
JTA compliant. The EMS C API is compliant with the X/Open XA specification.
The EMS .NET API supports Microsoft Distributed Transaction Coordinator (MS
DTC). Transactions created using MSDTC in a .NET client are seen as XA
transactions in C and Java clients.

TIBCO Enterprise Message Service User’s Guide

14
| Chapter 1 Overview

TIBCO Enterprise Message Service User’s Guide

 | 15

Chapter 2 Messages

This chapter provides an overview of EMS messages.

Topics

• EMS Extensions to JMS Messages, page 16

• JMS Message Structure, page 17
• Message Priority, page 23
• Message Delivery Modes, page 24
• How EMS Manages Persistent Messages, page 26
• Store Messages in Multiple Stores, page 29
• Character Encoding in Messages, page 35
• Message Compression, page 37
• Message Acknowledgement, page 38
• Synchronous and Asynchronous Message Consumption, page 45

TIBCO Enterprise Message Service User’s Guide

16
| Chapter 2 Messages

EMS Extensions to JMS Messages

The JMS specification details a standard format for the header and body of a
message. Properties are provider-specific and can include information on specific
implementations or enhancements to JMS functionality. See EMS Message
Properties on page 19 for the list of message properties that are specific to EMS.
In addition to the EMS message properties, EMS provides a select number of
extensions to JMS. These are:
• The JMS standard specifies two delivery modes for messages, P E R S I S T E N T
and N O N _ P E R S I S T E N T. EMS also includes a R E L I A B L E _ D E L I V E R Y mode that
eliminates some of the overhead associated with the other delivery modes. See
R E L I A B L E _ D E L I V E R Y on page 25.

• For consumer sessions, you can specify a N O _ A C K N O W L E D G E mode so that

consumers do not need to acknowledge receipt of messages, if desired. EMS
also provides an E X P L I C I T _ C L I E N T _ A C K N O W L E D G E and
E X P L I C I T _ C L I E N T _ D U P S _ O K _ A C K N O W L E D G E mode that restricts the
acknowledgement to single messages. See Message Acknowledgement on
page 38.
• EMS extends the M a p M e s s a g e and S t r e a m M e s s a g e body types. These
extensions allow EMS to exchange messages with TIBCO Rendezvous and
ActiveEnterprise formats that have certain features not available within the
JMS M a p M e s s a g e and S t r e a m M e s s a g e .
TIBCO Enterprise Message Service adds these two extensions to the
M a p M e s s a g e and S t r e a m M e s s a g e body types:

— You can insert another M a p M e s s a g e or S t r e a m M e s s a g e instance as a

submessage into a M a p M e s s a g e or S t r e a m M e s s a g e , generating a series of
nested messages, instead of a flat message.
— You can use arrays as well as primitive types for the values.
These extensions add considerable flexibility to the M a p M e s s a g e and
StreamMessage body types. However, they are extensions and therefore not
compliant with JMS specifications. Extended messages are tagged as
extensions with the vendor property tag J M S _ T I B C O _ M S G _ E X T .
For more information on compatibility with Rendezvous messages, see
Message Body on page 395.

TIBCO Enterprise Message Service User’s Guide

 JMS Message Structure 17
|

JMS Message Structure

JMS messages have a standard structure. This structure includes the following
sections:
• Header (required)
• Properties (optional)
• Body (optional)

JMS Message Header Fields

The header contains ten predefined fields that contain values used to route and
deliver messages. Table 4 describes the message header fields.

Table 4 JMS Message Headers

Header Field Set by Comments

JMSDestination sendor p u b l i s h Destination to which message is sent
method

JMSDeliveryMode sendor p u b l i s h Persistent or non-persistent message. The default is

method persistent.
EMS extends the delivery mode to include a
RELIABLE_DELIVERY mode, as described in
R E L I A B L E _ D E L I V E R Y on page 25.

TIBCO Enterprise Message Service User’s Guide

18
| Chapter 2 Messages

Table 4 JMS Message Headers

Header Field Set by Comments

JMSExpiration sendor p u b l i s h Length of time that message will live before expiration.
method If set to 0 , message does not expire. The time-to-live is
specified in milliseconds.
If the server e x p i r a t i o n property is set for a
destination, it will override the J M S E x p i r a t i o n value
set by the message producer.
In EMS version 4.4 and later, clients automatically
synchronize their clocks with the server when a
connection is created. However, for long-lasting
connections, Network Time Protocol (NTP) is the most
reliable method for ensuring continuing
synchronization between server and client.
Additionally, if your EMS server or client application
are based on a version of EMS prior to 4.4, you must
ensure that clocks are synchronized among all the host
computers that send and receive messages, if your
client application uses non-zero values for message
expiration. Synchronize clocks to a tolerance that is a
very small fraction of the smallest message expiration
time.

JMSPriority sendor p u b l i s h Uses a numerical ranking, between 0 and 9, to define

method message priority as normal or expedited. Larger
numbers represent higher priority.
See Message Priority on page 23 for more information.

JMSMessageID sendor p u b l i s h Value uniquely identifies each message sent by a

method provider.

JMSTimestamp sendor p u b l i s h Timestamp of time when message was handed off to a

method provider to be sent. Message may actually be sent later
than this timestamp.

JMSCorrelationID message client This ID can be used to link messages, such as linking a
response message to a request message. Entering a
value in this field is optional. The JMS Correlation ID
has a recommended maximum of 4 KB. Higher values
may result in the message being rejected.

TIBCO Enterprise Message Service User’s Guide

 JMS Message Structure 19
|

Table 4 JMS Message Headers

Header Field Set by Comments

JMSReplyTo message client A destination to which a message reply should be sent.
Entering a value for this field is optional.

JMSType message client message type identifier

JMSRedelivered JMS provider If this field is set, it is possible that the message was
delivered to the client earlier, but not acknowledged at
that time.

EMS Message Properties

In the properties area, applications, vendors, and administrators on JMS systems
can add optional properties. The properties area is optional, and can be left empty.
The JMS specification describes the JMS message properties. This section
describes the message properties that are specific to EMS.
TIBCO-specific property names begin with J M S _ T I B C O . Client programs may use
the TIBCO-specific properties to access EMS features, but not for communicating
application-specific information among client programs.
The EMS properties are summarized in Table 5 and described in more detail in
subsequent sections in this chapter.

Table 5 Summary of message properties (Sheet 1 of 2)

More
Property Description Info
JMS_TIBCO_CM_PUBLISHER Correspondent name of an 394
RVCM sender for messages
imported from TIBCO
Rendezvous.

JMS_TIBCO_CM_SEQUENCE Sequence number of an RVCM 394

message imported from
TIBCO Rendezvous.

JMS_TIBCO_COMPRESS Allows messages to be 37

compressed for more efficient
storage.

TIBCO Enterprise Message Service User’s Guide

20
| Chapter 2 Messages

Table 5 Summary of message properties (Sheet 2 of 2)

More
Property Description Info
JMS_TIBCO_DISABLE_SENDER Specifies that the user name of 21
the message sender should not
be included in the message, if
possible.

JMS_TIBCO_IMPORTED Set by the server when the 394

message has been imported
414
from Rendezvous or
SmartSockets.

JMS_TIBCO_MSG_EXT Extends the functionality of 16

the M a p M e s s a g e and
394
S t r e a m M e s s a g e body types to
include submessages or 414
arrays.

JMS_TIBCO_MSG_TRACE Specifies the message should 428

be traced from producer to
consumer.

JMS_TIBCO_PRESERVE_UNDELIVERED Specifies the message is to be 20

placed on the undelivered
message queue if the message
must be removed.

JMS_TIBCO_SENDER Contains the user name of the 21

message sender.

JMS_TIBCO_SS_SENDER When the EMS server imports 414

a message from TIBCO
SmartSockets, it sets this
property to the SmartSockets
s e n d e r header field (in
SmartSockets syntax).

Undelivered Message Queue

If a message expires or has exceeded the value specified by the m a x R e d e l i v e r y
property on a queue, the server checks the message’s
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D property. If
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D is set to true, the server moves the message

TIBCO Enterprise Message Service User’s Guide

 JMS Message Structure 21
|

to the undelivered message queue, $ s y s . u n d e l i v e r e d . This undelivered

message queue is a system queue that is always present and cannot be deleted. If
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D is set to f a l s e , the message will be deleted
by the server.
To make use of the undelivered message queue, the application that sends or
publishes the message must set the boolean J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D
property to t r u e before sending or publishing the message.
You can only set the undelivered property on individual messages, there is no
way to set the undelivered message queue as an option at the per-topic or
per-queue level.
You should create a queue receiver to receive and handle messages as they arrive
on the undelivered message queue. If you wish to remove messages from the
undelivered message queue without receiving them, you can purge the
$ s y s . u n d e l i v e r e d queue with the administration tool, using the p u r g e q u e u e
command described under Command Listing on page 120. You can also remove
messages using the administrative API included with TIBCO Enterprise Message
Service.
Note that $ s y s . u n d e l i v e r e d ignores the g l o b a l destination property setting.
Messages in the undelivered message queue are not routed to other servers.

Including the Message Sender

Within a message, EMS can supply the user name given by the message producer
when a connection is created. The s e n d e r _ n a m e and s e n d e r _ n a m e _ e n f o r c e d
server properties on the destination determine whether the message producer’s
user name is included in the sent message.
When a user name is included in a message, a message consumer can retrieve that
user name by getting the string message property named J M S _ T I B C O _ S E N D E R .
When the s e n d e r _ n a m e property is enabled and the s e n d e r _ n a m e _ e n f o r c e d
property is not enabled on a destination, message producers can specify that the
user name is to be left out of the message. Message producers can specify the
J M S _ T I B C O _ D I S A B L E _ S E N D E R boolean property for a particular message, and the
message producer’s user name will not be included in the message. However, if
the s e n d e r _ n a m e _ e n f o r c e d property is enabled, the
J M S _ T I B C O _ D I S A B L E _ S E N D E R property is ignored and the user name is always
included in the message.

JMS Message Bodies

A JMS message has one of several types of message bodies, or no message body at
all.

TIBCO Enterprise Message Service User’s Guide

22
| Chapter 2 Messages

The types of messages are described in Table 6.

Table 6 JMS Message Types

Message Type Contents of Message Body

Message This message type has no body. This is useful for simple
event notification.

TextMessage A java.lang.String.

MapMessage A set of name/value pairs. The names are

java.lang.String objects, and the values are Java
primitive value types or their wrappers. The entries can be
accessed sequentially by enumeration or directly by name.
The order of entries is undefined.
When EMS is exchanging messages with Rendezvous or
ActiveEnterprise, you can generate a series of nested
MapMessages, as described in EMS Extensions to JMS
Messages on page 16.

BytesMessage A stream of uninterrupted bytes. The bytes are not typed;

that is, they are not assigned to a primitive data type.

StreamMessage A stream of primitive values in the Java programming

language. Each set of values belongs to a primitive data
type, and must be read sequentially.
When EMS is exchanging messages with Rendezvous or
ActiveEnterprise, you can generate a series of nested
StreamMessages, as described in EMS Extensions to JMS
Messages on page 16.

ObjectMessage A serializable object constructed in the Java programming

language.

Maximum Message Size

EMS supports messages up to a maximum size of 512MB. However, we
recommend that application programs use smaller messages, since messages
approaching this maximum size will strain the performance limits of most current
hardware and operating system platforms.

TIBCO Enterprise Message Service User’s Guide

 Message Priority 23
|

Message Priority

The JMS specification includes a J M S P r i o r i t y message header field in which

senders can set the priority of a message, as a value in the range [0,9]. EMS does
support message priority (though it is optional, and other vendors might not
implement it).
When the EMS server has several messages ready to deliver to a consumer client,
and must select among them, then it delivers messages with higher priority
before those with lower priority.
However, priority ordering applies only when the server has a backlog of
deliverable messages for a consumer. In contrast, when the server has only one
message at a time to deliver to a consumer, then the priority ordering feature will
not be apparent.
You can set default message priority for the Message Producer, as described in
Configuring a Message Producer on page 323. The default priority can be
overridden by the client when sending a message, as described in Sending
Messages on page 332.

See Also JMS Specification, chapter 3.4.10

TIBCO Enterprise Message Service User’s Guide

24
| Chapter 2 Messages

Message Delivery Modes

The J M S D e l i v e r y M o d e message header field defines the delivery mode for the
message. JMS supports P E R S I S T E N T and N O N _ P E R S I S T E N T delivery modes for
both topic and queue. EMS extends these delivery modes to include a
R E L I A B L E _ D E L I V E R Y mode.

You can set the default delivery mode for the Message Producer, as described in
Configuring a Message Producer on page 323. This default delivery mode can be
overridden by the client when sending a message, as described in Sending
Messages on page 332.

PERSISTENT
As shown in Figure 5, when a producer sends a P E R S I S T E N T message, the
producer must wait for the server to reply with a confirmation. The message is
persisted on disk by the server. This delivery mode ensures delivery of messages
to the destination on the server in almost all circumstances. However, the cost is
that this delivery mode incurs two-way network traffic for each message or
committed transaction of a group of messages.

Figure 5 Persistent Message Delivery

Message
Message TIBCO EMS
Producer Confirmation Server

EMS Client

NON_PERSISTENT
Sending a N O N _ P E R S I S T E N T message omits the overhead of persisting the
message on disk to improve performance.
If a u t h o r i z a t i o n is disabled on the server, the server does not send a
confirmation to the message producer.
If a u t h o r i z a t i o n is enabled on the server, the default condition is for the
producer to wait for the server to reply with a confirmation in the same manner as
when using P E R S I S T E N T mode.

TIBCO Enterprise Message Service User’s Guide

 Message Delivery Modes 25
|

Regardless of whether a u t h o r i z a t i o n is enabled or disabled, you can use the

n p s e n d _ c h e c k _ m o d e parameter in the t i b e m s d . c o n f file to specify the conditions
under which the server is to send confirmation of N O N _ P E R S I S T E N T messages to
the producer. See the description for n p s e n d _ c h e c k _ m o d e on page 185 for details.

Figure 6 Non-Persistent Message Delivery

Message
Message TIBCO EMS
Producer Depending on Server
npsend_check_mode

EMS Client

RELIABLE_DELIVERY
EMS extends the JMS delivery modes to include reliable delivery. Sending a
R E L I A B L E _ D E L I V E R Y message omits the server confirmation to improve
performance regardless of the a u t h o r i z a t i o n setting.

Figure 7 Reliable Message Delivery

Message TIBCO EMS

Message
Producer Server

EMS Client

When using R E L I A B L E _ D E L I V E R Y mode, the server never sends the producer a

receipt confirmation or access denial and the producer does not wait for it.
Reliable mode decreases the volume of message traffic, allowing higher message
rates, which is useful for messages containing time-dependent data, such as stock
price quotations.
When you use the reliable delivery mode, the client application does not receive
any response from the server. Therefore, all publish calls will always succeed (not
throw an exception) unless the connection to the server has been terminated.
In some cases a message published in reliable mode may be disqualified and not
handled by the server because the destination is not valid or access has been
denied. In this case, the message is not sent to any message consumer. However,
unless the connection to the server has been terminated, the publishing
application will not receive any exceptions, despite the fact that no consumer
received the message.

TIBCO Enterprise Message Service User’s Guide

26
| Chapter 2 Messages

How EMS Manages Persistent Messages

As described in Message Delivery Modes on page 24. JMS defines two message
delivery modes, P E R S I S T E N T and N O N _ P E R S I S T E N T, and EMS defines a
R E L I A B L E _ D E L I V E R Y mode.

NON_PERSISTENT and R E L I A B L E _ D E L I V E R Y messages are never written to

persistent storage. P E R S I S T E N T messages are written to persistent storage when
they are received by the EMS server.

Persistent Messages Sent to Queues

Persistent messages sent to a queue are always written to disk. Should the server
fail before sending persistent messages to subscribers, the server can be restarted
and the persistent messages will be sent to the subscribers when they reconnect to
the server.

Figure 8 Persistent Messages Sent to a Queue

TIBCO EMS
Server

Message Send Message Queue Receive Message Message

Producer Consumer

EMS Client EMS Client

Disk

Persistent Messages Published to Topics

Persistent messages published to a topic are written to disk only if that topic has at
least one durable subscriber or one subscriber with a fault-tolerant connection to
the EMS server. In the absence of a durable subscriber or subscriber with a
fault-tolerant connection, there are no subscribers that need messages resent in
the event of a server failure. In this case, the server does not needlessly save
persistent messages. This improves performance by eliminating the unnecessary
disk I/O to persist the messages.

TIBCO Enterprise Message Service User’s Guide

 How EMS Manages Persistent Messages 27
|

Figure 9 Persistent Messages Published to a Topic

Other
Consumers

TIBCO EMS
Server
Subscribe
Message Publish to Topic
Producer Message Topic Durable
Consumer

EMS Client Either type of

consumer must ...and/or...
subscribe to the topic
for messages to be Fault
saved to disk Tolerant
Consumer
Store

EMS Clients

This behavior is consistent with the JMS specification because durable subscribers
to a topic cause published messages to be saved. Additionally, subscribers to a
topic that have a fault-tolerant connection need to receive messages from the
secondary server after a failover. However, non-durable subscribers without a
fault-tolerant connection that re-connect after a server failure are considered
newly created subscribers and are not entitled to receive any messages created
prior to the time they are created (that is, messages published before the
subscriber re-connects are not resent).

Persistent Messages and Synchronous File Storage

When using file storage, persistent messages received by the EMS server are by
default written asynchronously to disk. This means that, when a producer sends a
persistent message, the server does not wait for the write-to-disk operation to
complete before returning control to the producer. Should the server fail before
completing the write-to-disk operation, the producer has no way of detecting the
failure to persist the message and taking corrective action.
You can set the m o d e parameter to s y n c for a given file storage in the
s t o r e s . c o n f file to specify that persistent messages for the topic or queue be
synchronously written to disk. When m o d e = s y n c , the persistent producer
remains blocked until the server has completed the write-to-disk operation.

TIBCO Enterprise Message Service User’s Guide

28
| Chapter 2 Messages

Each EMS server writes persistent messages to a store file. To prevent two servers
from using the same store file, each server restricts access to its store file for the
duration of the server process. For details on how EMS manages shared store
files, see How EMS Manages Access to Shared Store Files on page 113.

TIBCO Enterprise Message Service User’s Guide

 Store Messages in Multiple Stores 29
|

Store Messages in Multiple Stores

As described in Message Delivery Modes on page 24, the EMS server writes
P E R S I S T E N T messages to disk while waiting for confirmation of receipt from the
subscriber. Messages are persisted to a store. The EMS server can write messages
to different types of stores: file-based stores, mstores, and database stores.
By default, the EMS server writes persistent messages to file-based stores. There
are three default store files, as described in Default Store Files on page 30. You can
configure the system to change the default store files and locations, and also to
store persistent messages to one or more store files, filtering them by destination.
Stores are defined in the s t o r e s . c o n f configuration file, and associated with a
destination using the s t o r e destination property.
Stores have properties that allow you to control how the server manages the store
files. For example:
• When using file-based stores:
— Preallocate disk space for the store file.
— Truncate the file periodically to relinquish disk space.
— Specify whether messages are written synchronously or asynchronously.
• Store messages in a database.
With the multiple stores feature, you can configure your messaging application to
store messages in different locations for each application, or to create separate
files for related destinations. For example, you can create one store for messages
supporting Marketing, and one for messages supporting Sales. Because stores are
configured in the server, they are transparent to clients.
The EMS Administration Tool allows administrators to review the system’s
configured stores and their settings by using the s h o w s t o r e s and s h o w s t o r e
commands.

Store Types
TIBCO Enterprise Message Service allows you to configure several different types
of stores, described here.

File-Based Stores
The EMS server stores persistent messages in file-based stores. You can use the
default store files, or create your own file-based stores. You direct the EMS server
to write messages to these store files by associating a destination with a store.

TIBCO Enterprise Message Service User’s Guide

30
| Chapter 2 Messages

File-based stores are enabled by default, and the server automatically defines
three default stores, described below. You do not need to do anything in order to
use the default stores.
The section Configuring Multiple Stores on page 31 describes how to change store
settings or create custom stores.

mstores
The mstore is designed to recover quickly after a failover. When mstores are in
use, the EMS server starts quickly, but may run more slowly until the mstore
cache is fully loaded. This is because the EMS server continually monitors the
store in the background. The server reads through the mstore incrementally and
discards stale data, such as purged and expired messages.
As a result, expired and purged messages are not immediately removed from the
mstore, and may remain in the store longer than they would in a file-based or
database store—although they are not delivered to the consumer. These messages
are discarded during the periodic scans of the store. The scanning behavior is
determined by parameter settings in the store configuration, and is further
described in Understanding mstore Intervals on page 32.
Because of this behavior, querying the server for a total pending message count
may return an inaccurate value. However, querying specific destinations returns
an accurate count.
The section Configuring Multiple Stores on page 31 describes the mstore
configuration process.

Database Stores
The EMS server can store messages in one or more database instances. Database
stores must be configured to use a supported database. See Chapter 10, Using
Database Stores for a full description of this feature.

Default Store Files

The EMS server defines these default store files, and writes persistent messages
and meta data to them:
• $ s y s . n o n f a i l s a f e —Persistent
messages without a s t o r e property
designation are written to $ s y s . n o n f a i l s a f e by default. The server writes
messages to this store using asynchronous I/O calls.
• $ s y s . f a i l s a f e —Associate a destination with this store to write messages
synchronously. The server writes messages to this store using synchronous
I/O calls.

TIBCO Enterprise Message Service User’s Guide

 Store Messages in Multiple Stores 31
|

• $ s y s . m e t a —The server writes state information about durable subscribers,

fault-tolerant connections, and other metadata in this store.
The EMS server creates these file-based stores automatically, and no steps are
required to enable or deploy them. However, you can change the system
configuration to customize the default store file settings, or even override the
default store settings to either point to different file location, or write to an mstore
or database.

Note that the $ s y s . m e t a store may not be reconfigured to use the m s t o r e type.

Configuring Multiple Stores

This section describes the basic steps required to configure file-based stores and
mstores. Database store configuration is detailed in Chapter 10, Using Database
Stores.
Settings for creating and configuring multiple stores are managed in the EMS
server, and are transparent to clients. To configure the multiple stores feature,
follow these steps:
1. Setup and configure stores in the s t o r e s . c o n f file.
Stores are created and configured in the s t o r e s . c o n f file. Each store must
have a unique name. The stores are configured through parameters.
— File-based stores have two required parameters, t y p e and f i l e , which
determine that the store is a file-based store, and set its location and
filename. Optional parameters allow you to determine other settings,
including how messages are written to the file, the minimum size of the file,
and whether the EMS server attempts to truncate the file.
— mstores also have two required parameters, t y p e and f i l e . Optional
parameters configure the scan interval, during which expired and purged
messages are removed. See Understanding mstore Intervals on page 32
below for information about interval settings.
2. Associate destinations with the configured stores.
Messages are sent to different stores according to their destinations.
Destinations are associated with specific stores with the s t o r e parameter in
the t o p i c s . c o n f and q u e u e s . c o n f files.

File-Based Stores When using file-based stores, you can also change store associations
dynamically using the s e t p r o p t o p i c or s e t p r o p q u e u e command in the
EMS Administration Tool.

TIBCO Enterprise Message Service User’s Guide

32
| Chapter 2 Messages

mstores When using mstores, you cannot dynamically change the mstore associations
after they have been set. In order to change a destination’s s t o r e property
from a store of the type m s t o r e :
a. Stop the EMS server.
b. Empty the associated mstore of messages from the destination.
c. Change the store association by manually editing the destination’s store
property in the t o p i c s . c o n f or q u e u e s . c o n f file.
d. Restart the EMS server.

Once mstores are enabled for a destination, you cannot dynamically change
the s t o r e property value using s e t p r o p or a d d p r o p . To change the s t o r e
property, you must stop the server, empty the mstore, manually make the
change, and restart.
The mstore stores data in multiple files. As a result, mstores cannot operate in
o u t o f s p a c e conditions. In order to prevent an o u t o f s p a c e situation
from arising, we recommend ensuring that there is at least twice as much disk
space available for the mstore as needed to hold the maximum amount of data
that might be stored in it.

Multiple destinations can be mapped to the same store, either explicitly or using
wildcards. Even if no stores are configured, the server sends persistent messages
that are not associated with a store to default stores. See Default Store Files for
more information.
For details about the s t o r e parameter, see s t o r e on page 70.

Understanding mstore Intervals

The mstore is designed to ensuring a quick EMS server start-up time. To enable
this functionality, the EMS server must continually monitor the store in the
background. The server reads through the mstore incrementally and discards
stale data, such as purged and expired messages.
In order to keep the background activity from degrading server performance, the
examination is performed in increments. The length of these increments and the
amount of data processed each increment are controlled by two parameter
settings. These s t o r e s . c o n f parameters can be configured for each mstore.
The default parameter settings are optimized for best performance in most
production environments (see mstore Parameters on page 239 for information
about the default values). However, if the amount of data in the mstore grows
significantly, the read rates associated with the background activity may begin to

TIBCO Enterprise Message Service User’s Guide

 Store Messages in Multiple Stores 33
|

affect message transmission rates in the EMS server. If the EMS server
performance is negatively affected by the size of the mstore, you can tune the
mstore parameter values to spread mstore background activity over a longer
period of time, thereby decreasing the associated read rates.
• scan_target_interval — the maximum amount of time allowed before
each message in the store is examined.
For example, if the s c a n _ t a r g e t _ i n t e r v a l is 24 hours, each section of the
mstore will be examined at least once every day. Because purged and expired
messages are not removed from the mstore until they are examined by this
background process, this means that it can take up to 24 hours before a
message is removed from the queue following a purge command (making
underlying storage space available for re-use).
• scan_iter_interval — the length of time between each increment of
background activity.
For example, if the s c a n _ i t e r _ i n t e r v a l is 10 seconds, the EMS server begins
examining a new section of the mstore every 10 seconds. The amount of data
read in each increment is dependent on the total size of the store and the
length of the s c a n _ t a r g e t _ i n t e r v a l . The server must examine enough data
in each interval to fully traverse the store within the target interval.

Example
For example, assume that s c a n _ i t e r _ i n t e r v a l is 10 seconds,
scan_target_interval is 1 day (86,400 seconds), and the mstore contains 9 GBs
of data. Every 10 seconds, the EMS server will examine about 1 MB of data. This
produces an average read rate of about 100 KB/sec, which is unlikely to produce
performance degradation with most modern storage mediums.
If EMS server performance does slow, you may need to increase the
scan_target_interval value in order to spread the background activity over
longer period of time. You can monitor the settings for problems using the s h o w
s t o r e command and checking the ratio of "Discard scan bytes" to "Discard scan
interval". For best results, this ratio should be kept below 20% of the disk
processing capacity for each mstore. Consider this ratio in relation to your storage
medium's overall data transfer capacity, so as to make sure that the background
activity does not occupy an excessive amount of the system's resources.

TIBCO Enterprise Message Service User’s Guide

34
| Chapter 2 Messages

Implications for Statistics

The background monitoring and cleanup that occurs in the mstore also affect
some key server statistics. Before the first scan has been completed, some message
statistics may be underreported due to purged and expired messages that the
server has not yet removed. Until the first background scan is complete for some
or all mstores, the server may not have an accurate messages count.
For example, when the EMS server first starts, the "Pending Messages" and
"Pending Message Size" counts reported by the i n f o command in the
administration tool can be understated, because the command only reports on
messages it has scanned before the command is issued. Similarly, the "Message
Count" and "Message Size" reported by the s h o w s t o r e command may report a
smaller number than actually exist in the store.
Once the first scan is complete, these counts can be considered accurate. To check
the scan status on an mstore, use the s h o w s t o r e command. The statistics
returned now include a "First scan finished" field, which reports the scan status
since the last EMS server start time. When the value of this field is t r u e , the server
statistics can be considered accurate.
If it is important to acquire the correct values for these statistics sooner, you will
need to decrease the s c a n _ t a r g e t _ i n t e r v a l .

TIBCO Enterprise Message Service User’s Guide

 Character Encoding in Messages 35
|

Character Encoding in Messages

Character encodings are named sets of numeric values for representing

characters. For example, ISO 8859-1, also known as Latin-1, is the character
encoding containing the letters and symbols used by most Western European
languages. If your applications are sending and receiving messages that use only
English language characters (that is, the ASCII character set), you do not need to
alter your programs to handle different character encodings. The EMS server and
application APIs automatically handle ASCII characters in messages.
Character sets become important when your application is handling messages
that use non-ASCII characters (such as the Japanese language). Also, clients
encode messages by default as UTF-8. Some character encodings use only one
byte to represent each character, but UTF-8 can potentially use two bytes to
represent the same character. For example, the Latin-1 is a single-byte character
encoding. If all strings in your messages contain only characters that appear in the
Latin-1 encoding, you can potentially improve performance by specifying Latin-1
as the encoding for strings in the message.
EMS clients can specify a variety of common character encodings for strings in
messages. The character encoding for a message applies to strings that appear in
any of the following places within a message:
• property names and property values
• MapMessage field names and values
• data within the message body
The EMS client APIs (Java, .NET and C) include mechanisms for handling strings
and specifying the character encoding used for all strings within a message. The
following sections describe the implications of string character encoding for EMS
clients.

Nearly all character sets include unprintable characters. EMS software does not
prevent programs from using unprintable characters. However, messages
containing unprintable characters (whether in headers or data) can cause
unpredictable results if you instruct EMS to print them. For example, if you
enable the message tracing feature, EMS prints messages to a trace log file.

TIBCO Enterprise Message Service User’s Guide

36
| Chapter 2 Messages

Supported Character Encodings

Each message contains the name of the character encoding used to encode strings
within the message. This character encoding name is one of the canonical names
for character encodings contained in the Java specification. You can obtain a list of
canonical character encoding names from the java.sun.com website.
Java and .NET clients use these canonical character encoding names when setting
or retrieving the character encoding names. C clients have a list of macros that
correspond to these canonical names. See the C API references for a list of
supported character encodings in these interfaces.

Sending Messages
When a client sends a message, the message stores the character encoding name
used for strings in that message. Java clients represent strings using Unicode. A
message created by a Java client that does not specify an encoding will use UTF-8
as the named encoding within the message. UTF-8 uses up to four bytes to
represent each character, so a Java client can improve performance by explicitly
using a single-byte character encoding, if possible.
Java clients can globally set the encoding to use with the s e t E n c o d i n g method or
the client can set the encoding for each message with the s e t M e s s a g e E n c o d i n g
method. For more information about these methods, see the TIBCO Enterprise
Message Service Java API Reference.
Typically, C clients manipulate strings using the character encoding of the
machine on which they are running.

TIBCO Enterprise Message Service User’s Guide

 Message Compression 37
|

Message Compression

TIBCO Enterprise Message Service allows a client to compress the body of a

message before sending the message to the server. EMS supports message
compression/decompression across client types (Java, C and C#). For example, a
Java producer may compress a message and a C consumer may decompress it.

Message compression is supported in .NET clients when using the install package
for Visual C++ 8 / .NET 2.0. .NET in the Visual C++ 7 / .NET 1.1 package does
not support compression.

About Message Compression

Message compression is especially useful when messages will be stored on the
server (persistent queue messages, or topics with durable subscribers). Setting
compression ensures that messages will take less memory space in storage. When
messages are compressed and then stored, they are handled by the server in the
compressed form. Compression assures that the messages will usually consume
less space on disk and will be handled faster by the EMS server.
The compression option only compresses the body of a message. Headers and
properties are never compressed. It is best to use compression when the message
bodies will be large and the messages will be stored on a server.
When messages will not be stored, compression is not as useful. Compression
normally takes time, and therefore the time to send or publish and receive
compressed messages is generally longer than the time to send the same messages
uncompressed. There is little purpose to message compression for small messages
that are not be stored by the server.

Setting Message Compression

Message compression is specified for individual messages. That is, message
compression, if desired, is set at the message level. TIBCO Enterprise Message
Service does not define a way to set message compression at the per-topic or
per-queue level.
To set message compression, the application that sends or publishes the message
must access the message properties and set the boolean property
J M S _ T I B C O _ C O M P R E S S to t r u e before sending or publishing the message.

Compressed messages are handled transparently. The client code only sets the
J M S _ T I B C O _ C O M P R E S S property. The client does not need to take any other action.
The client automatically decompresses any compressed messages it receives.

TIBCO Enterprise Message Service User’s Guide

38
| Chapter 2 Messages

Message Acknowledgement

The interface specification for JMS requires that message delivery be guaranteed
under many, but not all, circumstances. Figure 10 illustrates the basic structure of
message delivery and acknowledgement.

Figure 10 Message Delivery and Acknowledgement

3 Message
1 Message
4
Message TIBCO EMS Acknowledgement Message
Producer 2 Server Consumer
Confirmation
5 Confirmation of
acknowledgement

EMS Client EMS Client

The following describes the steps in message delivery and acknowledgement:

1. A message is sent from the message producer to the machine on which the
EMS server resides.
2. For persistent messages, the EMS server sends a confirmation to the producer
that the message was received.
3. The server sends the message to the consumer.
4. The consumer sends an acknowledgement to the server that the message was
received. A session can be configured with a specific acknowledge mode that
specifies how the consumer-to-server acknowledgement is handled. These
acknowledge modes are described below.
5. In many cases, the server then sends a confirmation of the acknowledgement
to the consumer.
The JMS specification defines three levels of acknowledgement for non-transacted
sessions:
• C L I E N T _ A C K N O W L E D G E specifies that the consumer is to acknowledge all
messages that have been delivered so far by the session. When using this
mode, it is possible for a consumer to fall behind in its message processing
and build up a large number of unacknowledged messages.
• A U T O _ A C K N O W L E D G E specifies that the session is to automatically acknowledge
consumer receipt of messages when message processing has finished.
• DUPS_OK_ACKNOWLEDGE specifies that the session is to "lazily" acknowledge
the delivery of messages to the consumer. "Lazy" means that the consumer can
delay acknowledgement of messages to the server until a convenient time;

TIBCO Enterprise Message Service User’s Guide

 Message Acknowledgement 39
|

meanwhile the server might redeliver messages. This mode reduces session
overhead. Should JMS fail, the consumer may receive duplicate messages.
EMS extends the JMS acknowledge modes to include:
• NO_ACKNOWLEDGE

• EXPLICIT_CLIENT_ACKNOWLEDGE

• EXPLICIT_CLIENT_DUPS_OK_ACKNOWLEDGE

The acknowledgement mode is set when creating a Session, as described in

Creating a Session on page 317.

NO_ACKNOWLEDGE
N O _ A C K N O W L E D G E mode suppresses the acknowledgement of received messages.
After the server sends a message to the client, all information regarding that
message for that consumer is eliminated from the server. Therefore, there is no
need for the client application to send an acknowledgement to the server about
the received message. Not sending acknowledgements decreases the message
traffic and saves time for the receiver, therefore allowing better utilization of
system resources.

Sessions created in no-acknowledge receipt mode cannot be used to create

durable subscribers.
Also, queue receivers on a queue that is routed from another server are not
permitted to specify N O _ A C K N O W L E D G E mode.

EXPLICIT_CLIENT_ACKNOWLEDGE
E X P L I C I T _ C L I E N T _ A C K N O W L E D G E is like C L I E N T _ A C K N O W L E D G E except it
acknowledges only the individual message, rather than all messages received so
far on the session.
One example of when E X P L I C I T _ C L I E N T _ A C K N O W L E D G E would be used is when
receiving messages and putting the information in a database. If the database
insert operation is slow, you may want to use multiple application threads all
doing simultaneous inserts. As each thread finishes its insert, it can use
E X P L I C I T _ C L I E N T _ A C K N O W L E D G E to acknowledge only the message that it is
currently working on.

TIBCO Enterprise Message Service User’s Guide

40
| Chapter 2 Messages

EXPLICIT_CLIENT_DUPS_OK_ACKNOWLEDGE
E X P L I C I T _ C L I E N T _ D U P S _ O K _ A C K N O W L E D G E is like D U P S _ O K _ A C K N O W L E D G E except
it ’lazily" acknowledges only the individual message, rather than all messages
received so far on the session.

TIBCO Enterprise Message Service User’s Guide

 Message Selectors 41
|

Message Selectors

A message selector is a string that lets a client program specify a set of messages,
based on the values of message headers and properties. A selector matches a
message if, after substituting header and property values from the message into
the selector string, the string evaluates to t r u e . Consumers can request that the
server deliver only those messages that match a selector.
The syntax of selectors is based on a subset of the SQL92 conditional expression
syntax.

Identifiers
Identifiers can refer to the values of message headers and properties, but not to
the message body. Identifiers are case-sensitive.

Basic Syntax An identifier is a sequence of letters and digits, of any length, that begins with a
letter. As in Java, the set of letters includes _ (underscore) and $ (dollar).

Illegal Certain names are exceptions, which cannot be used as identifiers. In particular,
N U L L , T R U E , F A L S E , N O T, A N D , O R , B E T W E E N , L I K E , I N , I S , and E S C A P E are defined to
have special meaning in message selector syntax.

Value Identifiers refer either to message header names or property names. The type of
an identifier in a message selector corresponds to the type of the header or
property value. If an identifier refers to a header or property that does not exist in
a message, its value is N U L L .

Literals

String Literal A string literal is enclosed in single quotes. To represent a single quote within a
literal, use two single quotes; for example, ' l i t e r a l ' ' s ' . String literals use the
Unicode character encoding. String literals are case sensitive.

Exact Numeric An exact numeric literal is a numeric value without a decimal point, such as 5 7 ,
Literal - 9 5 7 , and + 6 2 ; numbers in the range of l o n g are supported.

Approximate An approximate numeric literal is a numeric value with a decimal point (such as
Numeric Literal 7 . , - 9 5 . 7 , and + 6 . 2 ), or a numeric value in scientific notation (such as 7 E 3 and
- 5 7 . 9 E 2 ); numbers in the range of d o u b l e are supported. Approximate literals
use the floating-point literal syntax of the Java programming language.

TIBCO Enterprise Message Service User’s Guide

42
| Chapter 2 Messages

Boolean Literal The boolean literals are T R U E and F A L S E (case insensitive).

Internal computations of expression values use a 3-value boolean logic similar to
SQL. However, the final value of an expression is always either T R U E or F A L S E —
never U N K N O W N .

Expressions

Selectors as Every selector is a conditional expression. A selector that evaluates to t r u e

Expressions matches the message; a selector that evaluates to f a l s e or unknown does not
match.

Arithmetic Arithmetic expressions are composed of numeric literals, identifiers (that evaluate
Expression to numeric literals), arithmetic operations, and smaller arithmetic expressions.

Conditional Conditional expressions are composed of comparison operations, logical

Expression operations, and smaller conditional expressions.

Order of Order of evaluation is left-to-right, within precedence levels. Parentheses override

Evaluation this order.

Operators

Case Insensitivity Operator names are case-insensitive.

Logical Operators Logical operators in precedence order: N O T, A N D , O R .

Comparison Comparison operators: = , > , > = , < , < = , < > (not equal).
Operators
These operators can compare only values of comparable types. (Exact numeric
values and approximate numerical values are comparable types.) Attempting to
compare incomparable types yields f a l s e . If either value in a comparison
evaluates to N U L L , then the result is unknown (in SQL 3-valued logic).
Comparison of string values is restricted to = and < > . Two strings are equal if and
only if they contain the same sequence of characters.
Comparison of boolean values is restricted to = and < > .

Arithmetic Arithmetic operators in precedence order:

Operators
• +, - (unary)
• *, / (multiplication and division)
• +, - (addition and subtraction)

TIBCO Enterprise Message Service User’s Guide

 Message Selectors 43
|

Arithmetic operations obey numeric promotion rules of the Java programming

language.

Between arithmetic-expr1 [ N O T ] B E T W E E N arithmetic-expr2 A N D arithmetic-expr3

Operator
The B E T W E E N comparison operator includes its endpoints. For example:
• age BETWEEN 5 AND 9 is equivalent to age >= 5 AND age <= 9

• age NOT BETWEEN 5 AND 9 is equivalent to age < 5 OR age > 9

String identifier [ N O T ] I N ( string-literal1, string-literal2, ...)

Set Membership
The identifier must evaluate to either a string or N U L L . If it is N U L L , then the value of
this expression is unknown.

Pattern Matching identifier [ N O T ] L I K E pattern-value [ E S C A P E escape-character]

The identifier must evaluate to a string.
The pattern-value is a string literal, in which some characters bear special meaning:
• _ (underscore) can match any single character.
• % (percent) can match any sequence of zero or more characters.
• escape-character preceding either of the special characters changes them into
ordinary characters (which match only themselves).

Null Header or identifier I S N U L L

Property
This comparison operator tests whether a message header is null, or a message
property is absent.
identifier I S N O T N U L L

This comparison operator tests whether a message header or message property is

non-null.

White Space
White space is any of the characters space, horizontal tab, form feed, or line
terminator—or any contiguous run of characters in this set.

TIBCO Enterprise Message Service User’s Guide

44
| Chapter 2 Messages

Data Type Conversion

Table 7 summarizes legal datatype conversions. The symbol X in Table 7 indicates

that a value written into a message as the row type can be extracted as the column
type. This table applies to all message values—including map pairs, headers and
properties—except as noted below.

Table 7 Data Type Conversion

bool byte short char int long float double string byte[]

bool X X

byte X X X X X

short X X X X

char X X

int X X X

long X X

float X X X

double X X

string X X X X X X X X

byte[] X

Notes • Message properties cannot have byte array values.

• Values written as strings can be extracted as a numeric or boolean type only
when it is possible to parse the string as a number of that type.

TIBCO Enterprise Message Service User’s Guide

 Synchronous and Asynchronous Message Consumption 45
|

Synchronous and Asynchronous Message Consumption

The EMS APIs allow for both synchronous or asynchronous message

consumption. For synchronous consumption, the message consumer explicitly
invokes a receive call on the topic or queue. When synchronously receiving
messages, the consumer remains blocked until a message arrives. See Receiving
Messages on page 333 for details.
The consumer can receive messages asynchronously by registering a message
listener to receive the messages. When a message arrives at the destination, the
message listener delivers the message to the message consumer. The message
consumer is free to do other operations between messages. See Creating a
Message Listener for Asynchronous Message Consumption on page 326 for
details.

TIBCO Enterprise Message Service User’s Guide

46
| Chapter 2 Messages

TIBCO Enterprise Message Service User’s Guide

 | 47

Chapter 3 Destinations

This chapter describes destinations (topics and queues).

Topics

• Destination Overview, page 48

• Destination Properties, page 55
• Creating and Modifying Destinations, page 72
• Wildcards, page 74
• Inheritance, page 77
• Destination Bridges, page 79
• Flow Control, page 84

TIBCO Enterprise Message Service User’s Guide

48
| Chapter 3 Destinations

Destination Overview

Destinations for messages can be either Topics or Queues. A destination can be

created statically in the server configuration files, or dynamically by a client
application.
Servers connected by routes exchange messages sent to temporary topics. As a
result, temporary topics are ideal destinations for reply messages in request/reply
interactions.
Table 8 summarizes the differences between static, dynamic, and temporary
destinations. The sections that follow provide more detail.

Table 8 Destination Overview (Sheet 1 of 2)

Aspect Static Dynamic Temporary

Purpose Static destinations let Dynamic destinations give Temporary destinations
administrators configure client programs the are ideal for limited-scope
EMS behavior at the flexibility to define uses, such as reply
enterprise level. destinations as needed for subjects.
Administrators define short-term use.
these administered objects,
and client programs use
them—relieving program
developers and end users
of the responsibility for
correct configuration.

Scope of Static destinations support Dynamic destinations Temporary destinations

Delivery concurrent use. That is, support concurrent use. support only local use.
several client processes That is, several client That is, only the client
(and in several threads processes (and in several connection that created a
within a process) can threads within a process) temporary destination can
create local objects can create local objects consume messages from it.
denoting the destination, denoting the destination,
However, servers
and consume messages and consume messages
connected by routes do
from it. from it.
exchange messages sent to
temporary topics.

Creation Administrators create Client programs create Client programs create

static destinations using dynamic destinations, if temporary destinations.
EMS server administration permitted by the server
tools or API. configuration.

TIBCO Enterprise Message Service User’s Guide

 Destination Overview 49
|

Table 8 Destination Overview (Sheet 2 of 2)

Aspect Static Dynamic Temporary

Lookup Client programs lookup Not applicable. Not applicable.
static destinations by
name. Successful lookup
returns a local object
representation of the
destination.

Duration A static destination A dynamic destination A temporary destination

remains in the server until remains in the server as remains in the server either
an administrator explicitly long as at least one client until the client that created
deletes it. actively uses it. The server it explicitly deletes it, or
automatically deletes it (at until the client disconnects
a convenient time) when from the server.
all applicable conditions
are true:
• Topic or Queue all
client programs that
access the destination
have disconnected
• Topic no offline
durable subscribers
exist for the topic
• Queue queue, no
messages are stored in
the queue

Destination Names
A destination name is a string divided into elements, each element separated by
the dot character (.). The dot character allows you to create multi-part destination
names that categorize destinations.
For example, you could have an accounting application that publishes messages
on several destinations. The application could prefix all messages with ACCT,
and each element of the name could specify a specific component of the
application. ACCT.GEN_LEDGER.CASH, ACCT.GEN_LEDGER.RECEIVABLE,
and ACCT.GEN_LEDGER.MISC could be subjects for the general ledger portion
of the application.

TIBCO Enterprise Message Service User’s Guide

50
| Chapter 3 Destinations

Separating the subject name into elements allows applications to use wildcards
for specifying more than one subject. See Wildcards on page 74 for more
information. The use of wildcards in destination names can also be used to define
"parent" and "child" destination relationships, where the child destinations inherit
the properties from its parents. See Inheritance of Properties on page 77.

Static Destinations
Configuration information for static destinations is stored in configuration files
for the EMS server. Changes to the configuration information can be made in a
variety of ways. To manage static destinations, you can edit the configuration files
using a text editor, you can use the administration tool, or you can use the
administration APIs.
Clients can obtain references to static destinations through a naming service such
as JNDI or LDAP. See Creating and Modifying Destinations on page 72 for more
information about how clients use static destinations.

Dynamic Destinations
Dynamic destinations are created on-the-fly by the EMS server, as required by
client applications. Dynamic destinations do not appear in the configuration files
and exist as long as there are messages or consumers on the destination. A client
cannot use JNDI to lookup dynamic queues and topics.
When you use the s h o w q u e u e s or s h o w t o p i c s command in the administration
tool, you see dynamic topics and queues have an asterisk (* ) in front of their name
in the list of topics or queues. If a property of a queue or topic has an asterisk (* )
character in front of its name, it means that the property was inherited from the
parent queue or topic and cannot be changed.
See Dynamically Creating Topics and Queues on page 320 for details on topics
and queues can be dynamically created by the EMS server.

Temporary Destinations
TIBCO Enterprise Message Service supports temporary destinations as defined in
JMS specification 1.1 and its API.
Servers connected by routes exchange messages sent to temporary topics. As a
result, temporary topics are ideal destinations for reply messages in request/reply
interactions.
For more information on temporary queues and topics, refer to the JMS
documentation described in Third Party Documentation on page xxviii.

TIBCO Enterprise Message Service User’s Guide

 Destination Overview 51
|

Destination Bridges
You can create server-based bridges between destinations of the same or different
types to create a hybrid messaging model for your application. This allows all
messages delivered to one destination to also be delivered to the bridged
destination. You can bridge between different destination types, between the
same destination type, or to more than one destination. For example, you can
create a bridge between a topic and a queue or from a topic to another topic.
See Destination Bridges on page 79 for more information about destination
bridging.

TIBCO Enterprise Message Service User’s Guide

52
| Chapter 3 Destinations

Destination Name Syntax

TIBCO Enterprise Message Service places few restrictions on the syntax and
interpretation of destination names. System designers and developers have the
freedom to establish their own conventions when creating destination names. The
best destination names reflect the structure of the data in the application itself.

Structure A destination name is a string divided into elements, each element separated by
the dot character (. ). The dot character allows you to create multi-part destination
names that categorize destinations.
Empty strings (" " ) are not permitted destination names. Likewise, elements
cannot incorporate the dot character by using an escape sequence.
Although they are not prohibited, we recommend that you do not use tabs,
spaces, or any unprintable character in a destination name. You may, however,
use wildcards. See Wildcards on page 74 for more information.

Length Destinations are limited to a total length of 249 characters. However, some of that
length is reserved for internal use. The amount of space reserved for internal use
varies according to the number of elements in the destination; destinations that
include the maximum number of elements are limited to 196 characters.
A destination can have up to 64 elements. Elements cannot exceed 127 characters.
Dot separators are not included in element length.

Destination Name When designing destination naming conventions, remember these performance
Performance considerations:
Considerations
• Shorter destination names perform better than long destination names.
• Destinations with several short elements perform better than one long
element.
• A set of destinations that differ early in their element lists perform better than
subjects that differ only in the last element.

TIBCO Enterprise Message Service User’s Guide

 Destination Name Syntax 53
|
Special These characters have special meanings when used in destination names:
Characters in
Destination Table 9 Characters with Special Meaning in Destination Names
Names
Char Char Name Special Meaning
_ Underscore Destination names beginning with underscore are
reserved. It is illegal for application programs to send
destinations with underscore as the first character of
the first element, except _ I N B O X .
It is legal to use underscore elsewhere in destination
names.

. Dot Separates elements within a destination name.

> Greater-than Wildcard character, matches one or more trailing

elements.

* Asterisk Wildcard character, matches one element.

For more information on wildcard matching, see Wildcards * and > on page 74.

Examples
These examples illustrate the syntax for destination names.

Table 10 Valid Destination Name Examples

NEWS.LOCAL.POLITICS.CITY_COUNCIL

NEWS.NATIONAL.ARTS.MOVIES.REVIEWS

CHAT.MRKTG.NEW_PRODUCTS

CHAT.DEVELOPMENT.BIG_PROJECT.DESIGN

News.Sports.Baseball

finance

This.long.subject_name.is.valid.even.though.quite.uninformative

TIBCO Enterprise Message Service User’s Guide

54
| Chapter 3 Destinations

Table 11 Invalid Destination Name Examples

News..Natural_Disasters.Flood (null element)

WRONG. (null element)

.TRIPLE.WRONG.. (three null elements)

News.Tennis.Stats.Roger\.Federer (backslash in the element R o g e r will

be included in the element name, and will not escape the dot)

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 55
|

Destination Properties

This section contains a description of properties for topics and queues.

You can set the properties directly in the t o p i c s . c o n f or q u e u e s . c o n f file or by
means of the s e t p r o p t o p i c or s e t p r o p q u e u e command in the EMS
Administration Tool.
Table 12 lists the properties that can be assigned to topics and queues. The
following sections describe each property.

Table 12 Destination properties (Sheet 1 of 2)

Property Described on Page Topic Queue

channel 56 Yes No

exclusive 56 No Yes

expiration 57 Yes Yes

export 58 Yes No

flowControl 58 Yes Yes

global 59 Yes Yes

import 59 Yes Yes

maxbytes 60 Yes Yes

maxmsgs 61 Yes Yes

maxRedelivery 61 No Yes

overflowPolicy 62 Yes Yes

prefetch 65 Yes Yes

redeliverydelay 67 No Yes

secure 68 Yes Yes

sender_name 69 Yes Yes

sender_name_enforced 69 Yes Yes

store 70 Yes Yes

TIBCO Enterprise Message Service User’s Guide

56
| Chapter 3 Destinations

Table 12 Destination properties (Sheet 2 of 2)

Property Described on Page Topic Queue

trace 71 Yes Yes

channel
The c h a n n e l property determines the multicast channel over which messages
sent to this topic are broadcast. By including the c h a n n e l property, the associated
topic is enabled for multicast.
Set the c h a n n e l property using this form:
c h a n n e l = name

where name is the name of a channel, as defined in the c h a n n e l s . c o n f file.

For example, this will broadcast all messages sent to the topic t o p i c . f o o over the
channel named m y c a s t :
topic.foo channel=mycast

Only one channel is allowed for each topic. For this reason, overlapping wildcard
topics are incompatible with channel properties. The creation of a wildcard topic
with a c h a n n e l property that overlaps with another wildcard topic with a
c h a n n e l property will fail. See Overlapping Wildcards and Disjoint Properties on
page 74 for more information.

This parameter cannot be used without first configuring multicast channels in the
c h a n n e l s . c o n f file and enabling this feature in the t i b e m s d . c o n f file.

For more information, see Chapter 13, Using Multicast, on page 345.

exclusive
The e x c l u s i v e property is available for queues only (not for topics), and cannot
be used with global queues.
When e x c l u s i v e is set for a queue, the server sends all messages on that queue to
one consumer. No other consumers can receive messages from the queue. Instead,
these additional consumers act in a standby role; if the primary consumer fails, the
server selects one of the standby consumers as the new primary, and begins
delivering messages to it.
You can set e x c l u s i v e using the form:
exclusive

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 57
|
Non-Exclusive By default, e x c l u s i v e is not set for queues and the server distributes messages in
Queues & a round-robin—one to each receiver that is ready. If any receivers are still ready to
Round-Robin accept additional messages, the server distributes another round of messages—
Delivery one to each receiver that is still ready. When none of the receivers are ready to
receive more messages, the server waits until a queue receiver reports that it can
accept a message.
This arrangement prevents a large buildup of messages at one receiver and
balances the load of incoming messages across a set of queue receivers.

expiration
If an e x p i r a t i o n property is set for a destination, the server honors the
overridden expiration period and retains the message for the length of time
specified by the expiration property.
However, the server overrides the J M S E x p i r a t i o n value set by the producer in
the message header with the value 0 and therefore the consuming client does not
expire the message.
You can set the e x p i r a t i o n property for any queue and any topic using the form:
e x p i r a t i o n = time[ m s e c | s e c | m i n | h o u r | d a y ]

where time is the number of seconds. Zero is a special value that indicates
messages to the destination never expire.
You can optionally include time units, such as m s e c , s e c , m i n , h o u r or d a y to
describe the time value as being in milliseconds, seconds, minutes, hours, or days,
respectively. For example:
expiration=10min

Means 10 minutes.
When a message expires it is either destroyed or, if the
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D property on the message is set to t r u e , the
message is placed on the undelivered queue so it can be handled by a special
consumer. See Undelivered Message Queue on page 20 for details.
In EMS version 4.4 and later, clients automatically synchronize their clocks with
the server when a connection is created. However, for long-lasting connections,
Network Time Protocol (NTP) is the most reliable method for ensuring continuing
synchronization between server and client. Additionally, if your EMS server or
client application are based on a version of EMS prior to 4.4, you must ensure that
clocks are synchronized among all the host computers that send and receive
messages, if your pre-4.4 client application uses non-zero values for message
expiration. Synchronize clocks to a tolerance that is a very small fraction of the
smallest message expiration time.

TIBCO Enterprise Message Service User’s Guide

58
| Chapter 3 Destinations

export
The e x p o r t property allows messages published by a client to a topic to be
exported to the external systems with configured transports.
You can set e x p o r t using the form:
e x p o r t = " list"

where list is one or more transport names, as specified by the [transport_name] ids in
the t r a n s p o r t s . c o n f file. Multiple transport names in the list are separated by
commas.
For example:
export="RV1,RV2"

Currently you can configure transports for SmartSockets or Rendezvous reliable

and certified messaging protocols. You can specify the name of one or more
transports of the same type in the export property.
You must purchase, install, and configure the external system (for example,
Rendezvous) before configuring topics with the export property. Also, you must
configure the communication parameters to the external system by creating a
named transport in the t r a n s p o r t s . c o n f file.
For complete details about external message services, see these chapters:
• Chapter 15, Working With TIBCO Rendezvous, on page 377
• Chapter 16, Working With TIBCO SmartSockets, on page 401

flowControl
The f l o w C o n t r o l property specifies the target maximum size the server can use
to store pending messages for the destination. Should the number of messages
exceed the maximum, the server will slow down the producers to the rate
required by the message consumers. This is useful when message producers send
messages much more quickly than message consumers can consume them. Unlike
the behavior established by the o v e r f l o w P o l i c y property, f l o w C o n t r o l never
discards messages or generates errors back to producer.
You can set f l o w C o n t r o l using the form:
f l o w C o n t r o l =size[ K B | M B | G B ]

where size is the maximum number of bytes of storage for pending messages of
the destination. If you specify the f l o w C o n t r o l property without a value, the
target maximum is set to 256KB.
You can optionally include a KB, MB or GB after the number to specify kilobytes,
megabytes, or gigabytes, respectively. For example:

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 59
|
flowControl=1000KB

Means 1000 kilobytes.

The f l o w _ c o n t r o l parameter in t i b e m s d . c o n f file must be set to e n a b l e d before
the value in this property is enforced by the server. See Flow Control on page 84
for more information about flow control.

global
Messages destined for a topic or queue with the g l o b a l property set are routed to
the other servers that are participating in routing with this server.
You can set g l o b a l using the form:
global

For further information on routing between servers, see Chapter 20, Working
With Routes, on page 485.

import
The i m p o r t property allows messages published by an external system to be
received by a EMS destination (a topic or a queue), as long as the transport to the
external system is configured.
You can set i m p o r t using the form:
i m p o r t = " list"

where list is one or more transport names, as specified by the [NAME] ids in the
t r a n s p o r t s . c o n f file. Multiple transport names in the list are separated by
commas. For example:
import="RV1,RV2"

Currently you can configure transports for TIBCO SmartSockets or TIBCO

Rendezvous reliable and certified messaging protocols. You can specify the name
of one or more transports of the same type in the import property.
You must purchase, install, and configure the external system (for example,
Rendezvous) before configuring topics with the import property. Also, you must
configure the communication parameters to the external system by creating a
named transport in the t r a n s p o r t s . c o n f file.
For complete details about external message services, see these chapters:
• Chapter 15, Working With TIBCO Rendezvous, on page 377
• Chapter 16, Working With TIBCO SmartSockets, on page 401

TIBCO Enterprise Message Service User’s Guide

60
| Chapter 3 Destinations

maxbytes
Topics and queues can specify the m a x b y t e s property in the form:
m a x b y t e s = value[ K B | M B | G B ]

where value is the number of bytes. For example:

maxbytes=1000

Means 1000 bytes.

You can optionally include a KB, MB or GB after the number to specify kilobytes,
megabytes, or gigabytes, respectively. For example:
maxbytes=1000KB

Means 1000 kilobytes.

For queues, m a x b y t e s defines the maximum size (in bytes) that the queue can
store, summed over all messages in the queue. Should this limit be exceeded,
messages will be rejected by the server and the message producer send calls will
return an error (see also o v e r f l o w P o l i c y ). For example, if a receiver is off-line for
a long time, then the queue size could reach this limit, which would prevent
further memory allocation for additional messages.
If m a x b y t e s is zero, or is not set, the server does not limit the memory allocation
for the queue.
You can set both m a x m s g s and m a x b y t e s properties on the same queue. Exceeding
either limit causes the server to reject new messages until consumers reduce the
queue size to below these limits.
For topics, m a x b y t e s limits the maximum size (in bytes) that the topic can store
for delivery to each durable or non-durable online subscriber on that topic. That
is, the limit applies separately to each subscriber on the topic. For example, if a
durable subscriber is off-line for a long time, pending messages accumulate until
they exceed m a x b y t e s ; when the subscriber consumes messages (freeing storage)
the topic can accept additional messages for the subscriber. For a non-durable
subscriber, m a x b y t e s limits the number of pending messages that can accumulate
while the subscriber is online.

Under certain conditions, because of the pipelined nature of message processing

or the requirements of transactional messaging, the m a x b y t e s limit can be slightly
exceeded. You may see message totals that are marginally larger than the set limit.

When a destination inherits different values of this property from several parent
destinations, it inherits the smallest value.

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 61
|

maxmsgs
Topics and queues can specify the m a x m s g s property in the form:
m a x m s g s = value

where value defines the maximum number of messages that can be waiting in a
queue. When adding a message would exceed this limit, the server does not
accept the message into storage, and the message producer’s send call returns an
error (but see also o v e r f l o w P o l i c y ).
If m a x m s g s is zero, or is not set, the server does not limit the number of messages
in the queue.
You can set both m a x m s g s and m a x b y t e s properties on the same queue. Exceeding
either limit causes the server to reject new messages until consumers reduce the
queue size to below these limits.

Under certain conditions, because of the pipelined nature of message processing

or the requirements of transactional messaging, the m a x m s g s limit can be slightly
exceeded. You may see message totals that are marginally larger than the set limit.

maxRedelivery
The m a x R e d e l i v e r y property specifies the number of attempts the server should
make to deliver a message sent to a queue. Set m a x R e d e l i v e r y using the form:
m a x R e d e l i v e r y = count

where count is an integer between 2 and 255 that specifies the maximum number
of times a message can be delivered to receivers. A value of zero disables
m a x R e d e l i v e r y, so there is no maximum.

Once the server has attempted to deliver the message the specified number of
times, the message is either destroyed or, if the
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D property on the message is set to t r u e , the
message is placed on the undelivered queue so it can be handled by a special
consumer. See Undelivered Message Queue on page 20 for details.

TIBCO Enterprise Message Service User’s Guide

62
| Chapter 3 Destinations

For messages that have been redelivered, the J M S R e d e l i v e r e d header property is

set to t r u e and the J M S X D e l i v e r y C o u n t property is set to the number of times the
message has been delivered to the queue. If the server restarts, the current
number of delivery attempts in the J M S X D e l i v e r y C o u n t property is not retained.

In the event of an abrupt exit by the client, the m a x R e d e l i v e r y count can be

mistakenly incremented. An abrupt exit prevents the client from communicating
with the server; for example, when the client exits without closing the connection
or when the client application crashes. If a client application exits abruptly, the
EMS server counts all messages sent to the client as delivered, even if they were
not presented to the application.

For more information, see Undelivered Message Queue on page 20.

overflowPolicy
Topics and queues can specify the o v e r f l o w P o l i c y property to change the effect
of exceeding the message capacity established by either m a x b y t e s or m a x m s g s .
Set the o v e r f l o w P o l i c y using the form:
overflowPolicy=default|discardOld|rejectIncoming

If o v e r f l o w P o l i c y is not set, then the policy is d e f a u l t .

The effect of o v e r f l o w P o l i c y differs depending on whether you set it on a topic
or a queue, so the impact of each o v e r f l o w P o l i c y value is described separately
for topics and queues.
When o v e r f l o w P o l i c y is set on multicast-enabled topics, it is honored in the
multicast daemon. That is, the multicast daemon will discard messages based on
the backlog in the daemon rather than the backlog in the server.
For topics and consumers that are not multicast-enabled, the response to the
overflowPolicy occurs in the EMS server.
If wildcards are used in the .c o n f file the inheritance of the o v e r f l o w P o l i c y
policy from multiple parents works as follows:
• If a child destination has a non-default o v e r f l o w P o l i c y policy set, then that
policy is used and it does not inherit any conflicting policy from a parent.
• If a parent has O V E R F L O W _ R E J E C T _ I N C O M I N G set, then it is inherited by the
child destination over any other policy.
• If no parent has O V E R F L O W _ R E J E C T _ I N C O M I N G set and a parent has
O V E R F L O W _ D I S C A R D _ O L D policy set, then that policy is inherited by the child
destination.

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 63
|

• If no parent has the O V E R F L O W _ R E J E C T _ I N C O M I N G or O V E R F L O W _ D I S C A R D _ O L D

set, then the d e f a u l t policy is used by the child destination.

default
For topics, d e f a u l t specifies that messages are sent to each subscriber in turn. If
the m a x b y t e s or m a x m s g s setting has been reached for a subscriber, that subscriber
does not receive the message. No error is returned to the message producer.
For queues, d e f a u l t specifies that new messages are rejected by the server and an
error is returned to the producer if the established m a x b y t e s or m a x m s g s value has
been exceeded.
Note that this is the same default behavior for topics and queues as in EMS 4.3.

discardOld
For topics, d i s c a r d O l d specifies that, if any of the subscribers have an
outstanding number of undelivered messages on the server that are over the
message limit, the oldest messages are discarded before they are delivered to the
subscriber.
The d i s c a r d O l d setting impacts subscribers individually. For example, you might
have three subscribers to a topic, but only one subscriber exceeds the message
limit. In this case, only the oldest messages for the one subscriber are discarded,
while the other two subscribers continue to receive all of their messages.
When messages are discarded for topic subscribers, no error is returned to the
producer because messages could be delivered to some subscribers and discarded
for others.
For queues, d i s c a r d O l d specifies that, if messages on the queue have exceeded
the m a x b y t e s or m a x m s g s value, the oldest messages are discarded from the
queue and an error is returned to the message producer.

rejectIncoming
For topics, r e j e c t I n c o m i n g specifies that, if any of the subscribers have an
outstanding number of undelivered messages on the server that are over the
message limit, all new messages are rejected and an error is returned to the
producer.
For queues, r e j e c t I n c o m i n g specifies that, if messages on the queue have
exceeded the m a x b y t e s or m a x m s g s value, all new messages are rejected and an
error is returned to the producer. (This is the same as the d e f a u l t behavior.)

TIBCO Enterprise Message Service User’s Guide

64
| Chapter 3 Destinations

Examples
To discard messages on m y Q u e u e when the number of queued messages exceeds
1000, enter:
setprop queue myQueue maxmsgs=1000,overflowPolicy=discardOld

To reject all new messages published to m y T o p i c when the memory used by

undelivered messages for any of the topic subscribers exceeds 100KB, enter:
setprop topic myTopic maxbytes=100KB,overflowPolicy=rejectIncoming

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 65
|

prefetch
The message consumer portion of a client and the server cooperate to regulate
fetching according to the p r e f e t c h property. The p r e f e t c h property applies to
both topics and queues.
You can set p r e f e t c h using the form:
p r e f e t c h = value

where value is one of the values in Table 13.

Table 13 Prefetch

Value Description
2 or more The message consumer automatically fetches messages from the
server. The message consumer never fetches more than the
number of messages specified by value.
See Automatic Fetch Enabled on page 66 for details.

1 The message consumer automatically fetches messages from the

server—initiating fetch only when it does not currently hold a
message.

none Disables automatic fetch. That is, the message consumer initiates
fetch only when the client calls r e c e i v e —either an explicit
synchronous call, or an implicit call (in an asynchronous
consumer).
This value cannot be used with topics or global queues.
See Automatic Fetch Disabled on page 67 for details.

0 The destination inherits the p r e f e t c h value from a parent

destination with a matching name. If it has no parent, or no
destination in the parent chain sets a value for p r e f e t c h , then
the default value is 5 queues and 64 for topics.
When a destination does not set any value for p r e f e t c h , then
the default value is 0 (zero; that is, inherit the p r e f e t c h value).
See Inheritance on page 67 for details.

TIBCO Enterprise Message Service User’s Guide

66
| Chapter 3 Destinations

If both p r e f e t c h and m a x R e d e l i v e r y are set to a non-zero value, then there is a

potential to lose prefetched messages if one of the messages exceeds the
m a x R e d e l i v e r y limit. For example, p r e f e t c h = 5 and m a x R e d e l i v e r y = 4 . The first
message is redelivered 4 times, hits the m a x R e d e l i v e r y limit and is sent to the
undelivered queue (as expected). However, the other 4 pre-fetched messages are
also sent to the undelivered queue and are not processed by the receiving
application. The work around is to set p r e f e t c h = n o n e , but this can have
performance implications on large volume interfaces.

Background
Delivering messages from the server destination to a message consumer involves
two independent phases—fetch and accept:
• The fetch phase is a two-step interaction between a message consumer and the
server.
— The message consumer initiates the fetch phase by signalling to the server
that it is ready for more messages.
— The server responds by transferring one or more messages to the client,
which stores them in the message consumer.
• In the accept phase, client code takes a message from the message consumer.
The r e c e i v e call embraces both of these phases. It initiates fetch when needed
and it accepts a message from the message consumer.
To reduce waiting time for client programs, the message consumer can prefetch
messages—that is, fetch a batch of messages from the server, and hold them for
client code to accept, one by one.

Automatic Fetch Enabled

To enable automatic fetch, set p r e f e t c h to a positive integer. Automatic fetch
ensures that if a message is available, then it is waiting when client code is ready
to accept one. It can improve performance by decreasing or eliminating client idle
time while the server transfers a message.
However, when a queue consumer prefetches a group of messages, the server
does not deliver them to other queue consumers (unless the first queue
consumer’s connection to the server is broken).

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 67
|

Automatic Fetch Disabled

To disable automatic fetch, set p r e f e t c h = n o n e .
Even when p r e f e t c h = n o n e , a queue consumer can still hold a message. For
example, a r e c e i v e call initiates fetch, but its timeout elapses before the server
finishes transferring the message. This situation leaves a fetched message waiting
in the message consumer. A second r e c e i v e call does not fetch another message;
instead, it accepts the message that is already waiting. A third r e c e i v e call
initiates another fetch.
Notice that a waiting message still belongs to the queue consumer, and the server
does not deliver it to another queue consumer (unless the first queue consumer’s
connection to the server is broken). To prevent messages from waiting in this state
for long periods of time, code programs either to call r e c e i v e with no timeout, or
to call it (with timeout) repeatedly and shorten the interval between calls.

Automatic fetch cannot be disabled for global queues or for topics.

Inheritance
When a destination inherits the p r e f e t c h property from parent destination with
matching names, these behaviors are possible:
• When all parent destinations set the value n o n e , then the child destination
inherits the value n o n e .
• When any parent destination sets a non-zero numeric value, then the child
destination inherits the largest value from among the entire parent chain.
• When none of the parent destinations sets any non-zero numeric value, then
the child destination uses the default value (which is 5).

redeliverydelay
When r e d e l i v e r y d e l a y is set, the EMS server waits the specified interval before
returning an unacknowledged message to the queue. When a previously
delivered message did not receive a successful acknowledgement, the EMS server
waits the specified redelivery delay before making the message available again in
the queue. This is most likely to occur in the event of a transaction rollback,
session or message recovery, session or connection close, or the abrupt exit of a
client application. However, note that the delay time is not exact, and in most
situations will exceed the specified r e d e l i v e r y d e l a y.

The redelivery delay is not available for routed queues.

TIBCO Enterprise Message Service User’s Guide

68
| Chapter 3 Destinations

The value can be specified in seconds, minutes, or hours. The value may be in the
range of 15 seconds and 8 hours.
You can set r e d e l i v e r y d e l a y using the form:
r e d e l i v e r y d e l a y = time[ s e c | m i n | h o u r ]

where time is the number of seconds. Zero is a special value that indicates no
redelivery delay.
You can optionally include time units, such as s e c , m i n , or h o u r describe the time
value as being in seconds, minutes, or hours, respectively. For example:
redeliverydelay=30min

specifies a redelivery delay of 30 minutes.

During the delay interval, messages are placed in the $ s y s . r e d e l i v e r y . d e l a y
queue. This queue can be browsed, but it cannot be consumed from or purged.
However, purging the queue from which the delayed message came, or removing
the message using its message ID, immediately removes that message from
$ s y s . r e d e l i v e r y . d e l a y.

While a message is on the $ s y s . r e d e l i v e r y . d e l a y queue, it is not on the queue

from which it came and so it is not included in statistical message counts. This
includes m a x m s g s , m a x b y t e s , f l o w C o n t r o l , and so on.

secure
When the s e c u r e property is enabled for a destination, it instructs the server to
check user permissions whenever a user attempts to perform an operation on that
destination.
You can set s e c u r e using the form:
secure

If the s e c u r e property is not set for a destination, the server does not check
permissions for that destination and any authenticated user can perform any
operation on that topic or queue.

The s e c u r e property is independent of SSL—it controls basic authentication and

permission verification within the server. To configure secure communication
between clients and server, see Using the SSL Protocol on page 441.

The server a u t h o r i z a t i o n property acts as a master switch for checking

permissions. That is, the server checks user permissions on secure destinations
only when the a u t h o r i z a t i o n property is enabled. To enforce permissions, you
must both enable the a u t h o r i z a t i o n configuration parameter, and set the s e c u r e
property on each affected destination.

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 69
|

See Chapter 8, Authentication and Permissions, on page 247 for more information
on permissions and the s e c u r e property.

sender_name
The s e n d e r _ n a m e property specifies that the server may include the sender’s
username for messages sent to this destination.
You can set s e n d e r _ n a m e using the form:
sender_name

When the s e n d e r _ n a m e property is enabled, the server takes the user name
supplied by the message producer when the connection is established and places
that user name into the J M S _ T I B C O _ S E N D E R property in the message.
The message producer can override this behavior by specifying a property on a
message. If a message producer sets the J M S _ T I B C O _ D I S A B L E _ S E N D E R property
to true for a message, the server overrides the s e n d e r _ n a m e property and does
not add the sender name to the message.
If authentication for the server is turned off, the server places whatever user name
the message producer supplied when the message producer created a connection
to the server. If authentication for the server is enabled, the server authenticates
the user name supplied by the connection and the user name placed in the
message property will be an authenticated user. If SSL is used, the SSL connection
protocol guarantees the client is authenticated using the client’s digital certificate.

sender_name_enforced
The s e n d e r _ n a m e _ e n f o r c e d property specifies that messages sent to this
destination must include the sender’s user name. The server retrieves the user
name of the message producer using the same procedure described in the
s e n d e r _ n a m e property above. However, unlike, the s e n d e r _ n a m e property, there
is no way for message producers to override this property.
You can set s e n d e r _ n a m e _ e n f o r c e d using the form:
sender_name_enforced

TIBCO Enterprise Message Service User’s Guide

70
| Chapter 3 Destinations

If the s e n d e r _ n a m e property is also set on the destination, this property overrides

the s e n d e r _ n a m e property.

In some business situations, clients may not be willing to disclose the username of
their message producers. If this is the case, these clients may wish to avoid
sending messages to destinations that have the s e n d e r _ n a m e or
s e n d e r _ n a m e _ e n f o r c e d properties enabled.

In these situations, the operator of the EMS server should develop a policy for
disclosing a list of destinations that have these properties enabled. This will allow
clients to avoid sending messages to destinations that would cause their message
producer usernames to be exposed.

store
The s t o r e property determines where messages sent to this destination are
stored. Messages may be stored in a file, or in a database. See Store Messages in
Multiple Stores on page 29 for more information on using and configuring
multiple stores.

Before using the s e t p r o p or a d d p r o p commands to change the store settings for a

topic or queue, you must stop the flow of incoming messages on the destination.

Set the s t o r e property using this form:

s t o r e = name

where name is the name of a store, as defined in the s t o r e s . c o n f file.

For example, this will send all messages sent to the destination g i a n t s . g a m e s to
the store named b a s e b a l l ; messages sent to all other destinations will be stored
in e v e r y t h i n g e l s e :
> store=everythingelse
giants.games store=baseball

Only one store is allowed for each destination. If there is a conflict, for example if
overlapping wildcards cause a topic to inherit multiple store properties, the topic
creation will fail.

This parameter cannot be used without first enabling this feature in the
t i b e m s d . c o n f file. The s t o r e s . c o n f file must also exist, but can be left empty if
the only store names that are associated with destinations are the default store
files.
See Store Messages in Multiple Stores on page 29 for more information.

TIBCO Enterprise Message Service User’s Guide

 Destination Properties 71
|

trace
The t r a c e property specifies that tracing should be enabled for this destination.
You can set t r a c e using the form:
trace = [body]

Specifying t r a c e (without = b o d y ), generates trace messages that include the

message sequence, message ID, and message size. Specifying t r a c e = b o d y
generates trace messages that include the message body. See Message Tracing on
page 428 for more information about message tracing.

TIBCO Enterprise Message Service User’s Guide

72
| Chapter 3 Destinations

Creating and Modifying Destinations

Destinations are typically "static" administered objects that can be stored in a

JNDI or LDAP server. Administered objects can also be stored in the EMS server
and looked up using the EMS implementation of JNDI. This section describes
how to use the EMS Administration Tool described in Chapter 6 to create and
modify destination objects in EMS.
You create a queue using the c r e a t e q u e u e command and a topic using the
c r e a t e t o p i c command. For example, to create a new queue named m y Q u e u e ,
enter:
create queue myQueue

To create a topic named m y T o p i c , enter:

create topic myTopic

The queue and topic data stored on the EMS server is located in the q u e u e s . c o n f
and t o p i c s . c o n f files, respectively. You can use the s h o w q u e u e s and s h o w
t o p i c s commands to list all of the queues and topics on your EMS server and the
s h o w q u e u e and s h o w t o p i c commands to show the configuration details of
specific queues and topics.
A queue or topic may include optional properties that define the specific
characteristics of the destination. These properties are described in Destination
Properties on page 55 and they can be specified when creating the queue or topic
or modified for an existing queue or topic using the a d d p r o p q u e u e , a d d p r o p
t o p i c , s e t p r o p q u e u e , s e t p r o p t o p i c , r e m o v e p r o p q u e u e , and r e m o v e p r o p
t o p i c commands.

For example, to discard messages on myQueue when the number of queued

messages exceeds 1000, you can set an o v e r f l o w P o l i c y by entering:
addprop queue myQueue maxmsgs=1000,overflowPolicy=discardOld

To change the o v e r f l o w P o l i c y from d i s c a r d O l d to r e j e c t I n c o m i n g , enter:

addprop queue myQueue overflowPolicy=rejectIncoming

The s e t p r o p q u e u e and s e t p r o p t o p i c commands remove properties that are

not explicitly set by the command. For example, to change m a x m s g s to 100 and to
remove the o v e r f l o w P o l i c y parameter, enter:
setprop queue myQueue maxmsgs=100

TIBCO Enterprise Message Service User’s Guide

 Creating and Modifying Destinations 73
|

Creating Secure Destinations

By default, all authenticated EMS users have permissions to perform any action
on any topic or queue. You can set the s e c u r e property on a topic or queue and
then use the g r a n t t o p i c or g r a n t q u e u e command to specify which users
and/or groups are allowed to perform which actions on the destination.
The s e c u r e property requires that you enable the a u t h o r i z a t i o n property on
the EMS server.
For example, to create a secure queue, named m y Q u e u e , to which only users "joe"
and "eric" can send messages and "sally" can receive messages, in the EMS
Administration Tool, enter:
set server authorization=enabled
create queue myQueue secure
grant queue myQueue joe send
grant queue myQueue eric send
grant queue myQueue sally receive

See Chapter 8, Authentication and Permissions, on page 247 for more

information.

TIBCO Enterprise Message Service User’s Guide

74
| Chapter 3 Destinations

Wildcards

You can use wildcards when specifying statically created destinations in

q u e u e s . c o n f and t o p i c s . c o n f . The use of wildcards in destination names can
be used to define "parent" and "child" destination relationships, where the child
destinations inherit the properties and permissions from its parents. You must
first understand wildcards to understand the inheritance rules described in
Inheritance on page 77.

Wildcards * and >

To understand the rules for inheritance of properties, it is important to
understand the use of the two wildcards, * and > .
• The wildcard > by itself matches any destination name.
• When > is mixed with text, it matches one or more trailing elements. For
example:
foo.>

Matches f o o . b a r, f o o . b o o , f o o . b o o . b a r, and f o o . b a r . b o o .
• The wildcard * means that any token can be in the place of * . For example:
foo.*

Matches f o o . b a r and f o o . b o o , but not f o o . b a r . b o o .

foo.*.bar

Matches f o o . b o o . b a r, but not f o o . b a r.

Overlapping Wildcards and Disjoint Properties

Some destination properties are disjoint, and the server allows that property to be
set only once for each destination. If an existing destination includes a value for a
disjoint property and you attempt to assign a different value, the action will fail.
Overlapping wildcard destinations can cause conflicts with disjoint properties.
For example, consider the following configuration of the c h a n n e l property:
topic.multicast.> channel=multicast_1
topic.multicast.quotes.* channel=multicast_2

The topic t o p i c . m u l t i c a s t . q u o t e s . t i b x would be assigned both channels,

m u l t i c a s t _ 1 and m u l t i c a s t _ 2 . Therefore, the wildcard topics
t o p i c . m u l t i c a s t . > and t o p i c . m u l t i c a s t . q u o t e s . * cannot coexist. Their
creation would fail.

TIBCO Enterprise Message Service User’s Guide

 Wildcards 75
|

The disjoint destination properties are:

• channel

• store

Wildcards in Topics
TIBCO Enterprise Message Service enables you to use wildcards in topic names in
some situations:
• You can subscribe to wildcard topics.
If you subscribe to a topic containing a wildcard, you will receive any message
published to a matching topic. For example, if you subscribe to f o o . * you will
receive messages published to a topic named f o o . b a r.
You can subscribe to a wildcard topic (for example f o o . *), whether or not
there is a matching topic in the configuration file (for example, f o o . *, f o o . > ,
or f o o . b a r ). However, if there is no matching topic name in the configuration
file, no messages will be published on that topic.
• You cannot publish to wildcard topics.
• If f o o . b a r is not in the configuration file, then you can publish to f o o . b a r if
foo.* or f o o . > exists in the configuration file.

Wildcards in Queues
TIBCO Enterprise Message Service enables you to use wildcards in queue names
in some situations. You can neither send to nor receive from wildcard queue
names. However, you can use wildcard queue names in the configuration files.
For example, if the queue configuration file includes a line:
foo.*

then users can dynamically create queues f o o . b a r, f o o . b o b , and so forth, but

not f o o . b a r . b o b .

Wildcards and Multicast

Messages published to multicast-enabled topics are sent on the multicast channels
defined for those topics. A wildcard may cover multiple multicast-enabled topics,
each on a different multicast channel.

TIBCO Enterprise Message Service User’s Guide

76
| Chapter 3 Destinations

For example, consider the following configuration:

>
topic.info
topic.quotes
topic.multicast.info channel=channel-1
topic.multicast.quotes channel=channel-2

A message consumer subscribed to topic > will receive messages published to

t o p i c . i n f o and t o p i c . q u o t e s over TCP, will receive messages published to
t o p i c . m u l t i c a s t . i n f o over the multicast channel c h a n n e l - 1 and messages
published to t o p i c . m u l t i c a s t . q u o t e s over the multicast channel c h a n n e l - 2 .
Note that this means a wildcard consumer may receive messages over both
multicast and TCP.

Wildcards and Dynamically Created Destinations

As described in Dynamically Creating Topics and Queues on page 320, the EMS
server may dynamically create destinations on behalf of its clients. The use of
wildcards in the . c o n f files can be used to control the allowable names of
dynamically created destinations.
The same basic wildcard rules apply to dynamically created destinations as
described above for static destinations.

Examples
• If the q u e u e s . c o n f file contains:
>

The EMS server can dynamically create a queue with any name.
• If the t o p i c s . c o n f file contains only:
foo.>

The EMS server can dynamically create topics with names like f o o . b a r,
f o o . b o o , f o o . b o o . b a r, and f o o . b a r . b o o .

• If the q u e u e s . c o n f file contains only:

foo.*

The EMS server can dynamically create queues with names like f o o . b a r and
f o o . b o o , but not f o o . b a r . b o o .

• If the t o p i c s . c o n f file contains only:

foo.*.bar

The EMS server can dynamically create topics with names like f o o . b o o . b a r,
but not f o o . b a r.

TIBCO Enterprise Message Service User’s Guide

 Inheritance 77
|

Inheritance

This section describes the inheritance of properties and permissions. For more
information on wildcards, refer to Wildcards on page 74. For more information on
destination properties, refer to Destination Properties on page 55. For more
information on permissions, refer to Chapter 8, Authentication and Permissions,
on page 247.

Inheritance of Properties
All destination properties are inheritable for both topics and queues. This means
that a property set for a "wildcarded" destination is inherited by all destinations
with matching names.
For example, if you have the following in your t o p i c s . c o n f file:
foo.* secure
foo.bar
foo.bob

Topics f o o . b a r and f o o . b o b are s e c u r e topics because they inherit s e c u r e from

their parent, f o o . * . If your EMS server were to dynamically create a f o o . n e w
topic, it too would have the s e c u r e property.
The properties inherited from a parent are in addition to the properties defined for
the child destination.
For example, if you have the following in your t o p i c s . c o n f file:
foo.* secure

foo.bar sender_name

Then f o o . b a r has both the s e c u r e and s e n d e r _ n a m e properties.

In the above example, there is no way to make topic f o o . * s e c u r e without
making f o o . b a r s e c u r e . In other words, EMS does not offer the ability to remove
inherited properties. However, for properties that are assigned values, you can
override the value established in a parent.
For example, if you have the following in your q u e u e s . c o n f file:
foo.* maxbytes=200

foo.bar maxbytes=2000

The f o o . b a r queue has a m a x b y t e s value of 2000.

TIBCO Enterprise Message Service User’s Guide

78
| Chapter 3 Destinations

When there are multiple ancestors for a destination, the destination inherits the
properties from all of the parents. For example:
> sender_name

foo.* secure

foo.bar trace

The f o o . b a r topic has the s e n d e r _ n a m e , s e c u r e and t r a c e properties.

When there are multiple parents for a destination that contain conflicting
property values, the destination inherits the smallest value. For example:
> maxbytes=2000

foo.* maxbytes=200

foo.bar

The f o o . b a r topic has a m a x b y t e s value of 200.

Property inheritance is powerful, but can be complex to understand and
administer. You must plan before assigning properties to topics and queues.
Using wildcards to assign properties must be used carefully. For example, if you
enter the following line in the t o p i c s . c o n f file:
> store=mystore

you make every topic store messages, regardless of additional entries. This might
require a great deal of memory for storage and greatly decrease the system
performance.

Inheritance of Permissions
Inheritance of permissions is similar to inheritance of properties. If the parent has
a permission, then the child inherits that permission. For example, if Bob belongs
to GroupA, and GroupA has p u b l i s h permission on a topic, then Bob has
p u b l i s h permission on that topic.

Permissions for a single user are the union of the permissions set for that user, and
of all permissions set for every group in which the user is a member. These
permission sets are additive. Permissions have positive boolean inheritance. Once
a permission right has been granted through inheritance, it can not be removed.
All rules for wildcards apply to inheritance of permissions. For example, if a user
has permission to publish on topic f o o . *, the user also has permission to publish
on f o o . b a r and f o o . n e w.
For more information on wildcards, refer to Wildcards on page 74. For more
information on permissions, refer to User Permissions on page 265.

TIBCO Enterprise Message Service User’s Guide

 Destination Bridges 79
|

Destination Bridges

Some applications require the same message to be sent to more than one
destination, possibly of different types. For example, an application may send
messages to a queue for distributed load balancing. That same application,
however, may also need the messages to be published to several monitoring
applications. Another example is an application that publishes messages to
several topics. All messages however, must also be sent to a database for backup
and for data mining. A queue is used to collect all messages and send them to the
database.
An application can process messages so that they are sent multiple times to the
required destinations. However, such processing requires significant coding effort
in the application. EMS provides a server-based solution to this problem. You can
create bridges between destinations so that messages sent to one destination are
also delivered to all bridged destinations.
Bridges are created between one destination and one or more other destinations
of the same or of different types. That is, you can create a bridge from a topic to a
queue or from a queue to a topic. You can also create a bridge between one
destination and multiple destinations. For example, you can create a bridge from
topic a . b to queue q . b and topic a . c .
When specifying a bridge, you can specify a particular destination name, or you
can use wildcards. For example, if you specify a bridge on topic f o o . * to queue
f o o . q u e u e , messages delivered to any topic matching f o o . * are sent to
foo.queue.

Because global topics are routed between servers and global queues are limited to
their neighbors, in most cases the best practice is to send messages to a topic and
then bridge the topic to a queue.

When multiple bridges exist, using wildcards to specify a destination name may
result in a message being delivered twice. For example, if the queues Q . 1 and Q . >
are both bridged to Q X . 1 , the server will deliver two copies of sent messages to
QX.1.

The following three figures illustrate example bridging scenarios.

TIBCO Enterprise Message Service User’s Guide

80
| Chapter 3 Destinations

Figure 11 Bridging a topic to a queue

TIBCO EMS Server Subscriber

Topic
Publisher
A.B
Subscriber

Queue
queue.B Consumer

Figure 12 Bridging a topic to multiple destinations

TIBCO EMS Server

Consumer
Topic
Publisher
A.B

Subscriber
Queue Topic
queue.B C.B

Subscriber

Consumer

TIBCO Enterprise Message Service User’s Guide

 Destination Bridges 81
|

Figure 13 Bridging a queue to multiple destinations

TIBCO EMS Server

Queue Consumer
Publisher
queue.foo

Subscriber
Queue Topic
queue.bar topic.foo

Subscriber

Consumer

When a bridge exists between two queues, the message is delivered to both
queues. The queues operate independently; if the message is retrieved from one
queue, that has no effect on the status of the message in the second queue.

Bridges are not transitive. That is, messages sent to a destination with a bridge are
only delivered to the specified bridged destinations and are not delivered across
multiple bridges. For example, topic A . B has a bridge to queue Q . B . Queue Q . B
has a bridge to topic B . C . Messages delivered to A . B are also delivered to Q . B , but
not to B . C .
The bridge copies the source message to the target destination, which assigns the
copied message a new message identifier. Note that additional storage may be
required, depending on the target destination store parameters.

Creating a Bridge
Bridges are configured in the b r i d g e s . c o n f configuration file. You specify a
bridge using the following syntax:
[ destinationType: destinationName]
destinationType= destinationToBridgeTo s e l e c t o r = " messageSelector"
where destinationType is the type of the destination (either t o p i c or q u e u e ),
destinationName is the name of the destination from which you wish to create a
bridge, destinationToBridgeTo is the name of the destination you wish to create a
bridge to, and s e l e c t o r = " messsgeSelector" is an optional message selector to
specify the subset of messages the destination should receive.

TIBCO Enterprise Message Service User’s Guide

82
| Chapter 3 Destinations

Each destinationName can specify wildcards, and therefore any destination

matching the pattern will have the specified bridge. Each destinationName can
specify more than one destinationToBridgeTo.
For example, the bridge illustrated in Figure 11 and Figure 12 would be specified
as the following in b r i d g e s . c o n f :
[topic:A.B]
queue=queue.B
topic=C.B

Specifying a message selector on a bridged destination is described in the

following section.

Selecting the Messages to Bridge

By default, all messages sent to a destination with a bridge are sent to all bridged
destinations. This can cause unnecessary network traffic if each bridged
destination is only interested in a subset of the messages sent to the original
destination. You can optionally specify a message selector for each bridge to
determine which messages are sent over that bridge.
Message selectors for bridged destinations are specified as the s e l e c t o r property
on the bridge. The following is an example of specifying a selector on the bridges
defined in the previous section:
[topic:A.B]
queue=queue.B
topic=C.B selector="urgency in(’medium’, ’high’)"

For detailed information about message selector syntax, see the documentation
for the M e s s a g e class in the relevant EMS API reference document.

Access Control and Bridges

Message producers must have access to a destination to send messages to that
destination. However, a bridge automatically has permission to send to its target
destination. Special configuration is not required.

Transactions
When a message producer sends a message within a transaction, all messages
sent across a bridge are part of the transaction. Therefore, if the transaction
succeeds, all messages are delivered to all bridged destinations. If the transaction
fails, no consumers for bridged destinations receive the messages.

TIBCO Enterprise Message Service User’s Guide

 Destination Bridges 83
|

If a message cannot be delivered to a bridged destination because the message

producer does not have the correct permissions for the bridged destination, the
transaction cannot complete, and therefore fails and is rolled back.

TIBCO Enterprise Message Service User’s Guide

84
| Chapter 3 Destinations

Flow Control

In some situations, message producers may send messages more rapidly than
message consumers can receive them. The pending messages for a destination are
stored by the server until they can be delivered, and the server can potentially
exhaust its storage capacity if the message consumers do not receive messages
quickly enough. To avoid this, EMS allows you to control the flow of messages to
a destination. Each destination can specify a target maximum size for storing
pending messages. When the target is reached, EMS blocks message producers
when new messages are sent. This effectively slows down message producers
until the message consumers can receive the pending messages.

Enabling Flow Control

The f l o w _ c o n t r o l parameter in t i b e m s d . c o n f enables and disables flow control
globally for the EMS server. When f l o w _ c o n t r o l is d i s a b l e d (the default
setting), the server does not enforce any flow control on destinations. When
f l o w _ c o n t r o l is e n a b l e d , the server enforces any flow control settings specified
for each destination. See Chapter 7, Using the Configuration Files, on page 171 for
more information about working with configuration parameters.
When you wish to control the flow of messages on a destination, set the
flowControl property on that destination. The f l o w C o n t r o l property specifies
the target maximum size of stored pending messages for the destination. The size
specified is in bytes, unless you specify the units for the size. You can specify KB,
MB, or GB for the units. For example, f l o w C o n t r o l = 6 0 M B specifies the target
maximum storage for pending messages for a destination is 60 Megabytes.

Enforcing Flow Control

The value specified for the f l o w C o n t r o l property on a destination is a target
maximum for pending message storage. When flow control is enabled, the server
may use slightly more or less storage before enforcing flow control, depending
upon message size, number of message producers, and other factors. Setting the
f l o w C o n t r o l property on a destination but specifying no value causes the server
to use a default value of 256KB.
When the storage for pending messages is near the specified limit, the server
blocks all new calls to send a message from message producers. The calls do not
return until the storage has decreased below the specified limit. Once message
consumers have received messages and the pending message storage goes below
the specified limit, the server allows the s e n d message calls to return to the caller
and the message producers can continue processing.

TIBCO Enterprise Message Service User’s Guide

 Flow Control 85
|

If there are no message consumers for a destination, the server does not enforce
flow control for the destination. That is, if a queue has no started receivers, the
server cannot enforce flow control for that queue. Also, if a topic has inactive
durable subscriptions or no current subscribers, the server cannot enforce flow
control for that topic. For topics, if flow control is set on a specific topic (for
example, f o o . b a r ), then flow control is enforced as long as there are subscribers
to that topic or any parent topic (for example, if there are subscribers to f o o . * ).

Multicast and Flow Control

If a multicast channel exceeds its maximum transmission rate, as determined by
the m a x r a t e of the channel definition in the c h a n n e l s . c o n f configuration file,
the server may develop a backlog of messages. If f l o w _ c o n t r o l parameter in the
t i b e m s d . c o n f file is disabled, these messages are buffered in the server until they
can be sent over multicast. The channel backlog can be determined using the s h o w
c h a n n e l command in the administration tool, or through the C h a n n e l I n f o object
in the administration API.
When the f l o w _ c o n t r o l parameter is enabled, the EMS server checks for backlog
before sending a response to the message producers publishing to
multicast-enabled topics. If a message backlog exists, the server delays sending a
response to the message producer until the backlog has been cleared. This causes
the message producer to decrease the rate at which it sends messages to the topic.

The destination property f l o w C o n t r o l is not used when determining whether

flow control is to be engaged or disengaged by a multicast channel.

Routes and Flow Control

For global topics where messages are routed between servers, flow control can be
specified for a topic on either the server where messages are produced or the
server where messages are received. Flow control is not relevant for queue
messages that are routed to another server.
If the f l o w C o n t r o l property is set on the topic on the server receiving the
messages, when the pending message size limit is reached, messages are not
forwarded by way of the route until the topic subscriber receives enough
messages to lower the pending message size below the specified limit.
If the f l o w C o n t r o l property is set on the topic on the server sending the
messages, the server may block any topic publishers when sending new messages
if messages cannot be sent quickly enough by way of the route. This could be due
to network latency between the routed servers or it could be because flow control
on the other server is preventing new messages from being sent.

TIBCO Enterprise Message Service User’s Guide

86
| Chapter 3 Destinations

Destination Bridges and Flow Control

Flow control can be specified on bridged destinations. If you wish the flow of
messages sent over the bridge to slow down when receivers on the bridged-to
destination cannot process the messages quickly enough, you must set the
f l o w C o n t r o l property on both destinations on either side of the bridge.

Flow Control, Threads and Deadlock

When using flow control, you must be careful to avoid potential deadlock.
When flow control is in effect for a destination, producers to that destination can
block waiting for flow control signals from the destination’s consumers. If any of
those consumers are within the same thread of program control, a potential for
deadlock exists. Namely, the producer will not unblock until the destination
contains fewer messages, and the consumer in the blocked thread cannot reduce
the number of messages.
The simplest case to detect is when producer and consumer are in the same
session (sessions are limited to a single thread). But more complex cases can arise.
Deadlock can even occur across several threads, or even programs on different
hosts, if dependencies link them. For example, consider the situation in Figure 14:
• Producer P1 in thread T1 has a consumer C2 in thread T2.
• Producer P2 in T2 has a consumer C1 in T1.
• Because of the circular dependency, deadlock can occur if either producer
blocks its thread waiting for flow control signals.
The dependency analysis is analogous to mutex deadlock. You must analyze your
programs and distributed systems in a similar way to avoid potential deadlock.

Figure 14 Flow Control Deadlock across Two Threads

Dependency

D Thread T1 Destinations with Thread T2 D

e Flow Control e
p Send Msg Consume p
Dest
e P1 C2 e
A
n n
d d
e Consume Dest Send Msg e
n C1 P2 n
B
c c
y y

Dependency

TIBCO Enterprise Message Service User’s Guide

 | 87

Chapter 4 Getting Started

This chapter provides a quick introduction to setting up a simple EMS

configuration and running some sample client applications to publish and
subscribe users to a topic.

Topics

• About the Sample Clients, page 88

• Compiling the Sample Clients, page 89
• Creating Users with the EMS Administration Tool, page 90
• Point-to-Point Messaging Example, page 92
• Publish and Subscribe Messaging Example, page 93
• Multicast Messaging Example, page 98

TIBCO Enterprise Message Service User’s Guide

88
| Chapter 4 Getting Started

About the Sample Clients

The EMS sample clients were designed to allow you to run TIBCO Enterprise
Message Service with minimum start-up time and coding.
The EMS_HOME/ s a m p l e s directory contains the / c , / c s , and / j a v a
subdirectories, which contain the C,.NET and Java sample clients. In this chapter,
you will compile and run the Java sample clients. For information on how to run
the C and .NET sample clients, see the readme files in their respective directories.
The EMS_HOME/ s a m p l e s / j a v a directory contains three sets of files:
• Sample clients for TIBCO Enterprise Message Service implementation.
• The j m s / s a m p l e s / j a v a / J N D I subdirectory contains sample clients that use
the JNDI lookup technique.
• The j m s / s a m p l e s / j a v a / t i b r v subdirectory contains sample clients that
demonstrate the interoperation of TIBCO Enterprise Message Service with
TIBCO Rendezvous applications.
In this chapter, you will use some of the sample clients in the
EMS_HOME/ s a m p l e s / j a v a directory. For information on compiling and running
the other sample clients, see the Readme files in their respective folders.

TIBCO Enterprise Message Service User’s Guide

 Compiling the Sample Clients 89
|

Compiling the Sample Clients

To compile and run the sample clients you need to execute "setup" script, which is
located in the EMS_HOME/ s a m p l e s / j a v a directory. On Windows systems, the
setup file is s e t u p . b a t . On Unix systems, the setup file is s e t u p . s h .
To compile the sample client files:
1. Make sure you have Java JDK 1.5 or greater installed and that you’ve added
the bin directory to your PATH variable.
2. Open a command line or console window, and navigate to the
EMS_HOME/ s a m p l e s / j a v a directory.
3. Open the correct s e t u p script file and verify that the T I B E M S _ R O O T
environment variable identifies the correct pathname to your EMS_HOME
directory. For example, on a Windows system this might look like:
set TIBEMS_ROOT=C:\tibco\ems\6.0

4. Enter s e t u p to set the environment and classpath:

> setup

5. Compile the samples:

> javac -d . *.java

This compiles all the samples in the directory, except for those samples in the
J N D I and t i b r v subdirectories.

If the files compile successfully, the class files will appear in the
EMS_HOME/ s a m p l e s / j a v a directory. If they do not compile correctly, an
error message appears.

TIBCO Enterprise Message Service User’s Guide

90
| Chapter 4 Getting Started

Creating Users with the EMS Administration Tool

This section describes how to start the EMS server and use the administration tool
to create two new users.

All of the parameters you set using the administration tool in this chapter can also
be set by editing the configuration files described in Using the Configuration Files
on page 171. You can also programmatically set parameters using the C, .NET, or
Java APIs. Parameters set programmatically by a client are only set for the length
of the session.

Start the EMS Server and EMS Administration Tool

In this example, you will create topics and users using the EMS administration
tool. You must first start the EMS server before starting the EMS administration
tool.

Start the EMS server

Start the EMS server as described in Running the EMS Server on page 101.

On a computer running Windows, you can also start the EMS server from the
Start menu, following the path Programs > TIBCO > TIBCO EMS 6.0 > Start
EMS server.

Start the Administration Tool and Connect to the EMS Server

Start the EMS administration tool as described in Starting the EMS
Administration Tool on page 116.

On a computer running Windows, you can also start the administration tool from
the Start menu, following the path Programs > TIBCO > TIBCO EMS 6.0 > Start
EMS administration tool.

After starting the administration tool, connect it to the EMS server.

To connect the EMS administration tool to the EMS server, execute one of the
following commands:
• If you are using TIBCO Enterprise Message Service on a single computer, type
connect in the command line of the Administration tool:
> connect

TIBCO Enterprise Message Service User’s Guide

 Creating Users with the EMS Administration Tool 91
|

You will be prompted for a login name. If this is the first time you’ve used the
EMS administration tool, follow the procedure described in When You First
Start tibemsadmin on page 118.
Once you have logged in, the screen will display:
connected to tcp://localhost:7222
tcp://localhost:7222>

• If you are using TIBCO Enterprise Message Service in a network, use the
connect server command as follows:
> c o n n e c t [ server URL] [ user-name] [ password]
For more information on this command, see c o n n e c t on page 122.
For further information on the administration tool, see Starting the EMS
Administration Tool on page 116 and Command Listing on page 120.

Create Users
Once you have connected the administration tool to the server, use the c r e a t e
u s e r command to create two users.

In the administration tool, enter:

tcp://localhost:7222> create user user1
tcp://localhost:7222> create user user2

The tool will display messages confirming that u s e r 1 and user2 have been
created.

You have now created two users. You can confirm this with the s h o w users
command:
tcp://localhost:7222> show users
User Name Description
user1
user2

For more information on the c r e a t e user command, refer to c r e a t e user on

page 125.

TIBCO Enterprise Message Service User’s Guide

92
| Chapter 4 Getting Started

Point-to-Point Messaging Example

This section demonstrates how to use point-to-point messaging, as described in

Point-to-Point on page 3.

Create a Queue
In the point-to-point messaging model, client send messages to and receive
messages from a queue.
To create a new queue in the administration tool, use the c r e a t e queue
command to create a new queue named m y Q u e u e :
tcp://localhost:7222> create queue myQueue

For more information on the c r e a t e q u e u e command, refer to c r e a t e q u e u e on

page 124. For more information on the c o m m i t command, see c o m m i t on page 121
and a u t o c o m m i t on page 121.

Start the Sender and Receiver Clients

1. Open two command line windows and in each window navigate to the
EMS_HOME/ s a m p l e s / j a v a folder.
2. In each command line window, enter s e t u p to set the environment and
classpath:
> setup

3. In the first command line window, execute the t i b j m s M s g P r o d u c e r

application to direct u s e r 1 to place some messages to the m y Q u e u e queue:
> java tibjmsMsgProducer -queue myQueue -user user1 Hello User2

4. In the second command line window, execute the t i b j m s M s g C o n s u m e r client

to direct u s e r 2 to read the messages from the message queue:
> java tibjmsMsgConsumer -queue myQueue -user user2

The messages placed on the queue are displayed in the receiver’s window.

Messages placed on a queue by the sender are persistent until read by the
receiver, so you can start the sender and receiver clients in any order.

TIBCO Enterprise Message Service User’s Guide

 Publish and Subscribe Messaging Example 93
|

Publish and Subscribe Messaging Example

In this section, you will execute a message producer client and two message
consumer clients that demonstrate the publish/subscribe messaging model
described in Publish and Subscribe on page 4. This example is not intended to be
comprehensive or representative of a robust application.
To execute the client samples, you must give them commands from within the
sample directory that contains the compiled samples. For this exercise, open three
separate command line windows and navigate to the EMS_HOME/ s a m p l e s / j a v a
directory in each window.
For more information on the samples, refer to the r e a d m e within the sample
directory. For more information on compiling the samples, refer to Compiling the
Sample Clients on page 89.

Create a Topic
In the publish/subscribe model, you publish and subscribe to topics.
To create a new topic in the administration tool, use the c r e a t e topic command
to create a new topic named m y T o p i c :
tcp://localhost:7222> create topic myTopic

For more information on the c r e a t e t o p i c command, refer to c r e a t e t o p i c on

page 125. For more information on the c o m m i t command, see c o m m i t on page 121
and a u t o c o m m i t on page 121.

Start the Subscriber Clients

You start the subscribers first because they enable you to observe the messages
being received when you start the publisher.
To start u s e r 1 as a subscriber:
1. In the first command line window, navigate to EMS_HOME/ s a m p l e s / j a v a .
2. Enter s e t u p to set the environment and classpath:
> setup

3. Execute the t i b j m s M s g C o n s u m e r client to assign u s e r 1 as a subscriber to the

m y T o p i c topic:
> java tibjmsMsgConsumer -topic myTopic -user user1

The screen will display a message showing that u s e r 1 is subscribed to

myTopic.

TIBCO Enterprise Message Service User’s Guide

94
| Chapter 4 Getting Started

To start u s e r 2 as a subscriber:
1. In the second command line window, navigate to the
EMS_HOME/ s a m p l e s / j a v a folder.
2. Enter s e t u p to set the environment and classpath:
> setup

3. Execute the t i b j m s M s g C o n s u m e r application to assign u s e r 2 as a subscriber

to the m y T o p i c topic:
> java tibjmsMsgConsumer -topic myTopic -user user2

The screen will display a message showing that u s e r 2 is subscribed to

myTopic.

The command windows do not return to the prompt when the subscribers are
running.

Start the Publisher Client and Send Messages

Setting up the publisher is very similar to setting up the subscriber. However,
while the subscriber requires the name of the topic and the user, the publisher also
requires messages.
To start the publisher:
1. In the third command line window, navigate to the
EMS_HOME/ s a m p l e s / j a v a folder.
2. Enter s e t u p to set the environment and classpath:
> setup

3. Execute the t i b j m s M s g P r o d u c e r client to direct u s e r 1 to publish some

messages to the m y T o p i c topic:
> java tibjmsMsgProducer -topic myTopic -user user1 hello user2

where ’ h e l l o ’ and ’ u s e r 2 ’ are separate messages.

In this example, u s e r 1 is both a publisher and subscriber.

The command line window will display a message stating that both messages
have been published:
Publishing on topic 'myTopic'

Published message: hello

Published message: user2

TIBCO Enterprise Message Service User’s Guide

 Publish and Subscribe Messaging Example 95
|

After the messages are published, the command window for the publisher returns
to the prompt for further message publishing.

Note that if you attempt to use the form:

java tibjmsMsgProducer -topic myTopic -user user1

without adding the messages, you will see an error message, reminding you that
you must have at least one message text.

The first and second command line windows containing the subscribers will
show that each subscriber received the two messages:
Subscribing to topic: myTopic
Received message: TextMessage={ Header={
JMSMessageID={ID:EMS-SERVER.97C44203CDF A:1}
JMSDestination={Topic[myTopic]} JMSReplyTo={null}
JMSDeliveryMode={PERSISTENT} JMSRedelivered={false}
JMSCorrelationID={null} JMSType={null} JMSTimestamp={Tue Mar 21
12:04:56 PST 2006} JMSExpiration={0} JMSPriority={4} }
Properties={} Text={hello} }
Received message: TextMessage={ Header={
JMSMessageID={ID:EMS-SERVER.97C44203CDFA:2}
JMSDestination={Topic[myTopic]} JMSReplyTo={null}
JMSDeliveryMode={PERSISTENT} JMSRedelivered={false}
JMSCorrelationID={null} JMSType={null} JMSTimestamp={Tue Mar 21
12:04:56 PST 2006} JMSExpiration={0} JMSPriority={4} }
Properties={} Text={user2} }

Create a Secure Topic

In this example, you make m y T o p i c into a s e c u r e topic and grant u s e r 1
permission to publish to the m y T o p i c and u s e r 2 permission to subscribe to
myTopic.

Add the secure Property to the Topic

When the secure property is added to a topic, only users who have been assigned
a certain permission can perform the actions allowed by that permission. For
example, only users with publish permission on the topic can publish, while other
users cannot publish.
If the s e c u r e property is not added to a topic, all authenticated users have all
permissions (publish, subscribe, create durable subscribers) on that topic.
For more information on the s e c u r e property, see the section about s e c u r e ,
page 68. For more information on topic permissions, see Chapter 8,
Authentication and Permissions, on page 247.

TIBCO Enterprise Message Service User’s Guide

96
| Chapter 4 Getting Started

To enable server authorization and add the s e c u r e property to a topic, do the

following steps:
1. In each subscriber window, enter Control-C to stop each subscriber.
2. In the administration tool, use the s e t server command to enable the
a u t h o r i z a t i o n property:
tcp://localhost:7222> set server authorization=enabled

The a u t h o r i z a t i o n property enables checking of permissions set on

destinations.
3. Enter the following command to add the s e c u r e property to a topic named
myTopic:
tcp://localhost:7222> addprop topic myTopic secure

For more information on the s e t s e r v e r command, refer to s e t s e r v e r on

page 135. For more information on the a d d p r o p t o p i c command, refer to
a d d p r o p t o p i c on page 121.

Grant Topic Access Permissions to Users

To see how permissions affect the ability to publish and receive messages, grant
publish permission to u s e r 1 and subscribe permission to the u s e r 2 .
Use the g r a n t topic command to grant permissions to users on the topic
myTopic.

In the administration tool, enter:

tcp://localhost:7222> grant topic myTopic user1 publish
tcp://localhost:7222> grant topic myTopic user2 subscribe

For more information on the g r a n t topic command, refer to g r a n t topic on

page 130.

Start the Subscriber and Publisher Clients

Start the subscribers, as described in Start the Subscriber Clients on page 93. Note
that you cannot start u s e r 1 as a subscriber because user1 has permission to
publish, but not to subscribe. As a result, you receive an exception message
including the statement:
Operation not permitted.

User2 should start as a subscriber in the same manner as before.

You can now start u s e r 1 as the publisher and send messages to u s e r 2 , as
described in Start the Publisher Client and Send Messages on page 94.

TIBCO Enterprise Message Service User’s Guide

 Publish and Subscribe Messaging Example 97
|

Create a Durable Subscriber

As described in Publish and Subscribe on page 4, subscribers, by default, only
receive messages when they are active. If messages are published when the
subscriber is not available, the subscriber does not receive those messages. You
can create durable subscriptions, where subscriptions are stored on the server and
subscribers can receive messages even if it was inactive when the message was
originally delivered.
In this example, you create a durable subscriber that stores messages published to
topic m y T o p i c on the EMS server.
To start u s e r 2 as a durable subscriber:
1. In the a command line window, navigate to the EMS_HOME/ s a m p l e s / j a v a
folder.
2. Enter s e t u p to set the environment and classpath:
> setup

3. Execute the t i b j m s D u r a b l e application to assign u s e r 2 as a durable

subscriber to the m y T o p i c topic:
> java tibjmsDurable -topic myTopic -user user2

4. In the administration tool, use the s h o w d u r a b l e s command to confirm that

u s e r 2 is a durable subscriber to m y T o p i c :
tcp://localhost:7222> show durables
Topic Name Durable User Msgs Size
* myTopic subscriber user2 0 0.0 Kb

5. In the subscriber window, enter Ctrl+C to stop the subscriber.

6. In another command line window, execute the t i b j m s M s g P r o d u c e r client, as
described in Start the Publisher Client and Send Messages on page 94:
> java tibjmsMsgProducer -topic myTopic -user user1 hello user2

7. Restart the subscriber:

> java tibjmsDurable -topic myTopic -user user2

The stored messages are displayed in the subscriber window.

8. Enter Ctrl+C to stop the subscriber and then unsubscribe the durable
subscription:
> java tibjmsDurable -unsubscribe

The subscriber is no longer durable and any additional messages published to

the m y T o p i c topic are lost.

TIBCO Enterprise Message Service User’s Guide

98
| Chapter 4 Getting Started

Multicast Messaging Example

This section demonstrates how to use multicast messaging, as described in

Multicast on page 5.
In this example, you will enable multicast in the EMS server and configure a
multicast channel, over which the server can broadcast multicast messages. You
will also create a multicast-enabled topic named m u l t i c a s t T o p i c and associate it
with the multicast channel, allowing subscribers to receive messages published to
m u l t i c a s t T o p i c over multicast.

Multicast channels can only be configured statically by modifying the

configuration files. There are no commands in the administration tool to
configure multicast channels.

Stop the EMS Server

Stop the server by using the s h u t d o w n command in the administration tool:
tcp://localhost:7222> shutdown

You will be asked to restart the server once it has been configured for multicast.

Enable the EMS Server for Multicast

To enable multicast in the server, set the m u l t i c a s t property to e n a b l e d in the
t i b e m s d . c o n f configuration file:

multicast = enabled

Create a Multicast Channel

The EMS server broadcasts messages to consumers over multicast channels. Each
channel has a defined multicast address and port. Messages published to a
multicast-enabled topic are sent by the server and received by the subscribers on
these multicast channels.
To create a multicast channel, add the following definition to the multicast
channels configuration file, c h a n n e l s . c o n f :
[multicast-1]
address=234.5.6.7:1

TIBCO Enterprise Message Service User’s Guide

 Multicast Messaging Example 99
|

Start the EMS Server

Start the EMS server as described in Running the EMS Server on page 101.

On a computer running a UNIX system, the EMS server (as well as the multicast
daemon) must have root privileges. This can be done either by running the EMS
server from a root user account, or the EMS server can be setuid (set user ID) root,
allowing any user to run t i b e m s d with the required root privileges. Root
privileges are required because multicast uses raw sockets.
On a computer running Windows, you can also start the EMS server from the
Start menu, following the path Programs > TIBCO > TIBCO EMS 6.0 > Start
EMS server.

In the administration tool, use the s h o w t o p i c s command to confirm that

m u l t i c a s t T o p i c is multicast-enabled as indicated by a ‘+’ in the M column:

tcp://localhost:7222> show topics

Topic Name SNFGEIBCTM Subs Durs Msgs Size
multicastTopic ---------+ 0 0 0 0.0 Kb

Enable a Topic for Multicast

In order to make a topic multicast-enabled it must be associated with a multicast
channel through its c h a n n e l property.
To create a multicast-enabled topic, use the administration tool to issue the
following command:
> create topic multicastTopic channel=multicast-1

Start the Multicast Daemon

Start the Multicast Daemon as described in Starting the Multicast Daemon on
page 355.

Start the Subscriber Client

Creating a multicast subscriber follows the same steps as creating a non-multicast
subscriber, except that a multicast subscriber requires a session acknowledgment
mode of c o m . t i b c o . t i b j m s . T i b j m s . N O _ A C K N O W L E D G E .
To start u s e r 1 as a multicast subscriber:
1. In a command line window, navigate to the EMS_HOME/ s a m p l e s / j a v a
folder.

TIBCO Enterprise Message Service User’s Guide

100
| Chapter 4 Getting Started

2. Enter s e t u p to set the environment and classpath:

> setup

3. Execute the t i b j m s M s g C o n s u m e r client to assign u s e r 1 as a subscriber to the

m u l t i c a s t T o p i c topic with a Session acknowledgment mode of
NO_ACKNOWLEDGE:

> java tibjmsMsgConsumer –topic multicastTopic –user user1 –ackmode NO

4. In the administration tool, use the s h o w c o n s u m e r s command to confirm that

u s e r 1 is a multicast subscriber to m u l t i c a s t T o p i c as indicated by a + in the
M column:
tcp://optimist:7222> show consumers topic=multicastTopic
Pend Pend
Id Conn User T Topic SASNM Msgs Size Uptime
2 4 user1 T multicastTopic +N--+ 0 0 0:03:17

Start the Publisher Client and Send Messages

Setting up a client to publish multicast message is no different from setting up a
client to send publish and subscribe messages. Because the topic is enabled for
multicast in the EMS server, the message producer does not need to follow any
additional steps.
To create the message publisher:
1. In a new command line window, navigate to the EMS_HOME/ s a m p l e s / j a v a
folder.
2. Enter s e t u p to set the environment and classpath:
> setup

3. Execute the t i b j m s M s g P r o d u c e r client to direct u s e r 1 to publish some

messages to the m u l t i c a s t T o p i c topic:
> java tibjmsMsgProducer -topic multicastTopic -user user1 hello
multicast

where ’ h e l l o ’ and ’ m u l t i c a s t ’ are separate messages.

In this example, u s e r 1 is both a publisher and subscriber.

The messages are displayed in the subscriber’s window.

TIBCO Enterprise Message Service User’s Guide

 | 101

Chapter 5 Running the EMS Server

To use TIBCO Enterprise Message Service with your applications, the TIBCO
Enterprise Message Service Server must be running. The server and the clients
work together to implement TIBCO Enterprise Message Service. The server
implements all types of message persistence and no messages are stored on the
client side.

Topics

• Starting and Stopping the EMS Server, page 102

• Running the EMS Server as a Windows Service, page 105
• Error Recovery Policy, page 108
• Security Considerations, page 109
• How EMS Manages Access to Shared Store Files, page 113

TIBCO Enterprise Message Service User’s Guide

102
| Chapter 5 Running the EMS Server

Starting and Stopping the EMS Server

This section describes how to start and stop the EMS server.

Starting the EMS Server

On a computer running Microsoft Windows, you can start the EMS server from
the Start menu, following the path: Programs > TIBCO > TIBCO EMS 6.0 > Start
EMS Server
On UNIX systems that will run TIBCO Enterprise Message Service with multicast,
the EMS server must have root privileges. This can be done either by running the
EMS server from a root user account, or the EMS server can be setuid (set user ID)
root, allowing any user to run t i b e m s d with the required root privileges. Root
privileges are required because multicast uses raw sockets.
Similarly, on Windows systems the t i b e m s d . e x e and t i b e m s m c d . e x e files run as
administrator to enable multicast functionality and to let the t i b e m s d . e x e
modify the configuration files.

Start Using the Default Configuration

To start the EMS server from the command line using the preconfigured setup,
navigate to EMS_HOME/ b i n a n d run the script:

On UNIX tibemsd.sh

On Windows tibemsd.bat

Running the script starts the EMS server using the configuration files in the
default location, config-file-directory\ c f m g m t \ e m s \ d a t a directory, where the
config-file-directory corresponds to the Configuration Directory specified during
installation.

Start Using Options

To start the EMS server from the command line using options:

TIBCO Enterprise Message Service User’s Guide

 Starting and Stopping the EMS Server 103
|

Task A Navigate to the data subdirectory.

The preconfigured EMS server files are located in the
config-file-directory\ c f m g m t \ e m s \ d a t a directory, where the config-file-directory
corresponds to the Configuration Directory specified during installation. For
more information, see Installing TIBCO Enterprise Message Service in TIBCO
Enterprise Message Service Installation.
Change the directory to the installed d a t a directory:

On UNIX . / t i b e m s d - c o n f i g " config-file-directory/ c f m g m t / e m s / d a t a / t i b e m s d . c o n f ”

On Windows . \ t i b e m s d - c o n f i g “ config-file-directory\ c f m g m t \ e m s \ d a t a \ t i b e m s d . c o n f ”

Alternately, change to the EMS_HOME\ s a m p l e s \ c o n f i g directory and create a

datastore directory (or other directories as needed) to use the sample
configuration files there.
The EMS server dynamically loads the SSL and compression shared libraries,
rather than statically linking them. If the t i b e m s d executable is executed from the
d a t a directory, it automatically locates these libraries. If the server is moved
elsewhere, the shared library directory must be moved as well.

Task B Start the tibemsd

Type t i b e m s d [ options]

where options are described in Table 14. The command options to t i b e m s d are
similar to the parameters you specify in t i b e m s d . c o n f , and the command
options override any value specified in the parameters. See t i b e m s d . c o n f on
page 173 for more information about configuration parameters.

Table 14 tibemsd Options

Option Description
-config config file name config file name is the name of the main configuration file for t i b e m s d
server. Default is t i b e m s d . c o n f .

-trace items Specifies the trace items. These items are not stored in the
configuration file. The value has the same format as the value of
l o g _ t r a c e parameter specified with s e t s e r v e r command of the
administration tool; see Tracing on the Server on page 423.

-ssl_password string Private key password.

-ssl_trace Print the certificates loaded by the server and do more detailed
tracing of SSL-related situation.

TIBCO Enterprise Message Service User’s Guide

104
| Chapter 5 Running the EMS Server

Table 14 tibemsd Options (Cont’d)

Option Description
-ssl_debug_trace Turns on tracing of SSL connections.

-ft_active active_url URL of the active server. If this server can connect to the active
server, it will act as a backup server. If this server cannot connect to
the active server, it will become the active server.

-ft_heartbeat seconds Heartbeat signal for the active server, in seconds. Default is 3.

-ft_activation seconds Activation interval (maximum length of time between heartbeat

signals) which indicates that active server has failed. Set in seconds:
default is 10. This interval should be set to at least twice the
heartbeat interval.

-forceStart Causes the sever to delete corrupted messages in the store files,
allowing the server to start even if it encounters errors.
Note that using this option causes data loss, and it is important to
backup store files before using - f o r c e S t a r t . See Error Recovery
Policy on page 108 for more information.

Stopping the EMS Server

You can stop the EMS server by means of the s h u t d o w n command from the EMS
Administration Tool.

TIBCO Enterprise Message Service User’s Guide

 Running the EMS Server as a Windows Service 105
|

Running the EMS Server as a Windows Service

Some situations require the EMS server and multicast daemon processes to start
automatically. You can satisfy this requirement by registering these with the
Windows service manager. The e m s n t s r g utility facilitates registry.

emsntsrg
The e m s n t s r g utility registers or unregisters the EMS server daemon or the EMS
multicast daemon as a Windows service.

This utility applies only to Microsoft Windows (all supported versions, including
2003, XP, and Vista).

Syntax e m s n t s r g / i [ / a ] service_name emsntsct_directory service_directory [ arguments]

[ suffix]
e m s n t s r g / r [ service_name] [ suffix]

Remarks Some situations require the EMS server processes to start automatically. You can
satisfy this requirement by registering these with the Windows service manager.
This utility facilitates registry.

Restrictions You must have administrator privileges to change the Windows registry.

Location Locate this utility program as an executable file in the EMS b i n directory.

Parameter Description
/i Insert a new service in the registry (that is, register a new service).

/a Automatically start the new service. Optional with / i .

/? Display usage.

service_name Insert or remove a service with this base name.

When inserting a service, this parameter is required, and must be t i b e m s d or
tibemsmcd.

When removing a service, this parameter is optional. However, if it is present,

it must be t i b e m s d or t i b e m s m c d .

TIBCO Enterprise Message Service User’s Guide

106
| Chapter 5 Running the EMS Server

Parameter Description
emsntsct_directory Use this directory pathname to specify the location of the e m s n t s c t . e x e
executable. The e m s n t s r g utility registers the e m s n t s c t . e x e program as a
windows service. The e m s n t s c t . e x e program then invokes the associated
tibemsd or tibemsmcd.
By default, e m s n t s c t . e x e is located in EMS_HOME\ b i n .
This parameter is only required when installing a service.

service_directory Use this directory pathname to locate the service executable, either t i b e m s d or
t i b e m s m c d . Required.

arguments Supply command line arguments. Optional with / i .

Enclose the entire arguments string in double quote characters.

suffix When registering more than one instance of a service, you can use this suffix to
distinguish between them in the Windows services applet. Optional.

/r Remove a service from the registry.

Register To register t i b e m s d as a Windows service, run the utility with this command line:
emsntsrg /i [/a] tibemsd emsntsct_directory tibemsd_directory [ arguments]
[ suffix]

To register t i b e m s m c d as a Windows service, run the utility with this command

line:
emsntsrg /i [/a] tibemsmcd emsntsct_directory tibemsmcd_directory [ arguments]
[ suffix]

Example 1 This simple example registers one t i b e m s d service:

emsntsrg /i tibemsd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin

Example 2 This example registers a service with command line arguments:

emsntsrg /i tibemsd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin
"-trace DEFAULT"

Example 3 This pair of example commands registers two t i b e m s d services with different
configuration files. In this example, the numerical suffix and the configuration
directory both reflect the port number that the service uses.
emsntsrg /i tibemsd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin
"-config C:\tibco\ems\6.0\7222\tibemsd.conf" 7222

emsntsrg /i tibemsd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin

"-config C:\tibco\ems\6.0\7223\tibemsd.conf" 7223

TIBCO Enterprise Message Service User’s Guide

 Running the EMS Server as a Windows Service 107
|

Notice these aspects of this example:

• When installing t i b e m s d , if you supply a - c o n f i g argument, the service
process finds the directory containing the main configuration file
(t i b e m s d . c o n f ), and creates all secondary configuration files in that directory.
In this example, each service uses a different configuration directory.
• When you register several EMS services, you must avoid configuration
conflicts. For example, two instances of t i b e m s d cannot listen on the same
port.

Example 4 This example registers one multicast daemon service:

emsntsrg /i tibemsmcd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin

Example 5 This example registers a multicast daemon service with command line
arguments:
emsntsrg /i tibemsmcd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin
"-logfile c:\tibemsmcd.log"

Note that specifying a log file can help identify conflicts that might prevent the
multicast daemon service from starting.

Example 6 This pair of example commands registers two multicast daemon services with
different ports. In this example, the numerical suffix reflects the port number that
the service uses.
emsntsrg /i tibemsmcd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin
"-listen 7345" 7345

emsntsrg /i tibemsmcd C:\tibco\ems\6.0\bin C:\tibco\ems\6.0\bin

"-listen 7346" 7346

Remove To unregister a service, run the utility with this command line:
e m s n t s r g / r [ service_name] [ suffix]

Both parameters are optional. If the service_name is present, it must be t i b e m s d or

t i b e m s m c d . To supply the suffix parameter, you must also supply the service_name.
When both parameters are absent, the utility removes the services named
t i b e m s d and t i b e m s m c d .

Command To view a command line summary, run the utility with this command line:
Summary emsntsrg

Windows The Windows services applet displays the name of each registered service. For
Services Applet EMS services, it also displays this additional information:
• The suffix (if you supply one)
• The process ID (PID)—when the service is running

TIBCO Enterprise Message Service User’s Guide

108
| Chapter 5 Running the EMS Server

Error Recovery Policy

During startup the EMS server can encounter a number of errors while it recovers
information from the store files. Potential errors include:
• Low-level file errors. For example, corrupted disk records.
• Low-level object-specific errors. For example, a record that is missing an
expected field.
• Inter-object errors. For example, a session record with no corresponding
connection record.
When the EMS server encounters one of these errors during startup, the recovery
policy is:
• By default, the server exits startup completely when a corrupt disk record
error is detected. Because the state can not be safely restored, the server can
not proceed with the rest of the recovery. You can then examine your
configuration settings for errors. If necessary, you can then copy the store and
configuration files for examination by TIBCO Support.
• You can direct the server to delete bad records by including the - f o r c e S t a r t
command line option. This prevents corruption of the server runtime state.
• The server exits if it runs out of memory during startup.
It is important to backup the store files before restarting the server with the
-forceStart option, because data will be lost when the problematic records are
deleted.
Keep in mind that different type of records are stored in the store files. The most
obvious are the persistent JMS Messages that your applications have sent.
However, other internal records are also stored. If a consumer record used to
persist durable subscriber state information were to be corrupted and later
deleted with the - f o r c e S t a r t option, all JMS messages that were persisted (and
valid in the sense that they were not corrupted) would also be lost because the
durable subscription itself would not be recovered.
When running in this mode, the server still reports any errors found during the
recovery, but problematic records are deleted and the recovery proceeds. This
mode may report more issues than are reported without the - f o r c e S t a r t option,
because without that flag the server stops with the very first error.

We strongly recommended that you make a backup of all store files before
restarting the server with the - f o r c e S t a r t option. The backup is useful when
doing a postmortem analysis to find out what records where deleted with the
- f o r c e S t a r t option.

TIBCO Enterprise Message Service User’s Guide

 Security Considerations 109
|

Security Considerations

This section highlights information relevant to secure deployment. We

recommend that all administrators read this section.

Secure Environment
To ensure secure deployment, EMS administration must meet the following
criteria:
• Correct Installation EMS is correctly installed and configured.
• Physical Controls The computers where EMS is installed are located in areas
where physical entry is controlled to prevent unauthorized access. Only
authorized administrators have access, and they cooperate in a benign
environment.
• Domain Control The operating system, file system and network protocols
ensure domain separation for EMS, to prevent unauthorized access to the
server, its configuration files, LDAP servers, etc.
• Benign Environment Only authorized administrators have physical access or
domain access, and those administrators cooperate in a benign environment.

Destination Security
Three interacting factors affect the security of destinations (that is, topics and
queues). In a secure deployment, you must properly configure all three of these
items:
• The server’s a u t h o r i z a t i o n parameter (see Authorization Parameter, below)
• The s e c u r e property of individual destinations (see s e c u r e on page 68)
• The ACL permissions that apply to individual destinations (see
Authentication and Permissions on page 247)

Authorization Parameter
The server’s a u t h o r i z a t i o n parameter acts as a master switch for checking
permissions for connection requests and operations on secure destinations. The
default value of this parameter is d i s a b l e d —the server does not check any
permissions, and allows all operations. For secure deployment, you must enable
this parameter.

TIBCO Enterprise Message Service User’s Guide

110
| Chapter 5 Running the EMS Server

Admin Password
For ease in installation and initial testing, the default setting for the a d m i n
password is no password at all. Until you set an actual password, the user a d m i n
can connect without a password. Once the administrator password has been set,
the server always requires it.
To configure a secure deployment, the administrator must change the a d m i n
password immediately after installation; see Assign a Password to the
Administrator on page 118.

Connection Security
When a u t h o r i z a t i o n is enabled, the server requires a name and password
before users can connect. Only authenticated users can connect to the server. The
form of authentication can be either an X.509 certificate or a username and
password (or both).
When a u t h o r i z a t i o n is disabled, the server does not check user authentication;
all user connections are allowed. However, even when a u t h o r i z a t i o n is
disabled, the user a d m i n must still supply the correct password to connect to the
server.
Even when a u t h o r i z a t i o n is enabled, the administrator (a d m i n ) may explicitly
allow anonymous user connections, which do not require password
authorization. To allow these connections, create a user with the name a n o n y m o u s
and no password.

Creating the user a n o n y m o u s does not mean that a n o n y m o u s has all permissions.
Individual topics and queues can still be secure, and the ability to use these
destinations (either sending or receiving) is controlled by the access control list of
permissions for those destinations. The user a n o n y m o u s can access only
non-secure destinations.
Nonetheless, this feature (anonymous user connections) is outside the tested
configuration of EMS security certification.

For more information on destination security, refer to the destination property

s e c u r e on page 68, and Create Users on page 91.

TIBCO Enterprise Message Service User’s Guide

 Security Considerations 111
|

Communication Security
For communication security between servers and clients, and between servers
and other servers, you must explicitly configure SSL within EMS; see Using the
SSL Protocol on page 441.
SSL communication requires software to implement SSL on both server and
client. The EMS server includes the OpenSSL implementation. Java client
programs must use either JSSE (part of the Java environment) or separately
purchased SSL software from Entrust; neither of these are part of the EMS
product. C client programs can use the OpenSSL library shipped with EMS.

Sources of Authentication Data

The server uses only one source of X.509 certificate authentication data, namely,
the server parameter s s l _ s e r v e r _ t r u s t e d (its value is set in EMS an
configuration file). See s s l _ s e r v e r _ t r u s t e d on page 211.
The server can use three sources of secure password authentication data:
• Local data from the EMS configuration files.
• External data from an LDAP.
• A user-supplied JAAS LoginModule.
You must safeguard the security of EMS configuration files and LDAP servers.

Timestamp
The administration tool can either include or omit a timestamp associated with
the output of each command. To ensure a secure deployment, you must explicitly
enable the timestamp feature. Use the following administration tool command:
time on

TIBCO Enterprise Message Service User’s Guide

112
| Chapter 5 Running the EMS Server

Passwords

Passwords are a significant point of vulnerability for any enterprise. We

recommend enforcing strong standards for passwords.
For security equivalent to single DES (an industry minimum), security experts
recommend passwords that contain 8–14 characters, with at least one upper case
character, at least one numeric character, and at least one punctuation character.

EMS software does not automatically enforce such standards for passwords. You
must enforce such policies within your organization.

Audit Trace Logs

Audit information is output to log files (and s t d e r r ), and is configured by the
server parameters l o g _ t r a c e and c o n s o l e _ t r a c e (see Tracing and Log File
Parameters on page 204).
The D E F A U L T setting includes + A D M I N , so all administrative operations produce
audit output. For further details, see Table 63, Server Tracing Options, on
page 424.
Audit information in log files is always timestamped.
Administrators can read and print the log files for audit review using tools (such
as text editors) commonly available within all IT environments. EMS software
does not include a special tool for audit review.

TIBCO Enterprise Message Service User’s Guide

 How EMS Manages Access to Shared Store Files 113
|

How EMS Manages Access to Shared Store Files

To prevent two EMS servers from using the same store file, each server restricts
access to its store file for the duration of the server process. This section describes
how EMS manages locked store files.

Windows On Windows platforms, servers use the standard Windows C r e a t e F i l e function,

supplying F I L E _ S H A R E _ R E A D as the d w S h a r e M o d e (third parameter position) to
restrict access to other servers.

UNIX On UNIX platforms, servers use the standard f c n t l operating system call to
implement cooperative file locking:
struct flock fl;
int err;

fl.l_type = F_WRLCK;
fl.l_whence = 0;
fl.l_start = 0;
fl.l_len = 0;

err = fcntl(file, F_SETLK, &fl);

To ensure correct locking, we recommend checking the operating system

documentation for this call, since UNIX variants differ in their implementations.

TIBCO Enterprise Message Service User’s Guide

114
| Chapter 5 Running the EMS Server

TIBCO Enterprise Message Service User’s Guide

 | 115

Chapter 6 Using the EMS Administration Tool

This chapter gives an overview of commands and use in the administration tool
for TIBCO Enterprise Message Service.

Topics

• Starting the EMS Administration Tool, page 116

• Naming Conventions, page 119
• Command Listing, page 120

TIBCO Enterprise Message Service User’s Guide

116
| Chapter 6 Using the EMS Administration Tool

Starting the EMS Administration Tool

The EMS Administration Tool is located in your EMS_HOME/ b i n directory and is

a stand-alone executable named t i b e m s a d m i n on UNIX and t i b e m s a d m i n . e x e
o n Windows platforms.

On a computer running Windows, you can also start the administration tool from
the Start menu, following the path Programs > TIBCO > TIBCO EMS 6.0 > Start
EMS administration tool.
The EMS server must be started as described in Chapter 5, Running the EMS
Server, on page 101 before you start the EMS Administration Tool.

When a system uses shared configuration files, then actions performed using the
administration tool take effect only when connected to the active server. If you
have configured fault-tolerant servers and connect to the standby server, the
administration tool will print a message notifying you of this. Additionally, if the
administration tool is connected to the backup server, it will be disconnected
when a switchover occurs.

Type t i b e m s a d m i n - h e l p to display information about t i b e m s a d m i n startup

parameters. All t i b e m s a d m i n parameters are optional.
Table 15 lists options for t i b e m s a d m i n .

Table 15 tibemsadmin Options

Option Description
-help or - h Print the help screen.

-script script-file Execute the specified text file containing

t i b e m s a d m i n commands then quit. Any valid
t i b e m s a d m i n command described in this chapter
can be executed.
Line breaks within the file delimit each command.
That is, every command must be contained on a
single line (no line breaks within the command),
and each command is separated by a line break.

-server server-url Connect to specified server.

-user user-name Use this user name to connect to server.

-password password Use this password to connect to server.

TIBCO Enterprise Message Service User’s Guide

 Starting the EMS Administration Tool 117
|

Table 15 tibemsadmin Options

Option Description
-ignore Ignore errors when executing script file. This
parameter only ignores errors in command
execution but not syntax errors in the script.

- m a n g l e [ password] Mangle the password and quit. Mangled string in

the output can be set as a value of one of these
passwords from the configuration files:
• server password
• server SSL password
• LDAP admin password
• database password
If the password is not entered it is prompted for.

-ssl_trusted filename File containing trusted certificate(s). This

parameter may be entered more than once if
required.

-ssl_identity filename File containing client certificate and (optionally)

extra issuer certificate(s), and the private key.

-ssl_issuer filename File containing extra issuer certificate(s) for

client-side identity.

-ssl_password password Private key or PKCS#12 password. If the

password is required, but has not been specified,
it will be prompted for.

-ssl_noverifyhostname Do not verify hostname against the name on the

certificate.

-ssl_hostname name Name expected in the certificate sent by the host.

-ssl_trace Show loaded certificates and certificates sent by

the host.

-ssl_debug_trace Show additional tracing, which is useful for

debugging.

TIBCO Enterprise Message Service User’s Guide

118
| Chapter 6 Using the EMS Administration Tool

When a command specifies - u s e r and - p a s s w o r d , that information is not stored

for later use. It is only used to connect to the server specified in the same
command line. The user name and password entered on one command line are
not reused with subsequent connect commands entered in the script file or
interactively.

Examples
tibemsadmin -server "tcp://host:7222"
tibemsadmin -server "tcp://host:7222" -user admin -password secret

Some options are needed when you choose to make a SSL connection. For more
information on SSL connections, refer to Chapter 18, Using the SSL Protocol,
page 441.

When You First Start tibemsadmin

The administration tool has a default user with the name a d m i n . This is the
default user for logging in to the administration tool.
To protect access to the server configuration, you must assign a password to the
user a d m i n .

Assign a Password to the Administrator

1. Log in and connect to the administration tool, as described directly above.
2. Use the s e t password command to change the password:
set password admin password

When you restart the administration tool and type c o n n e c t , the administration
tool now requires your password before connecting to the server.
For further information about setting and resetting passwords, refer to s e t
password on page 134.

TIBCO Enterprise Message Service User’s Guide

 Naming Conventions 119
|

Naming Conventions

These rules apply when naming users, groups, topics or queues:

• $is illegal at the beginning of the queue or topic names—but legal at the
beginning of user and group names.
• A user name cannot contain colon (":") character.
• Space characters are permitted in a description field—if the entire description
field is enclosed in double quotes (for example, " d e s c r i p t i o n f i e l d " ).
• Both * and > are wildcards, and cannot be used in names except as wildcards.
For more information about wildcards, see Wildcards on page 74.
• Dot separates elements within a destination name (f o o . b a r . * ) and can be
used only for that purpose.

Name Length Limitations

The following length limitations apply for these parameter names:
• Destination name — cannot exceed 249 characters. For more information on
topic and queue naming conventions, see Destination Name Syntax on
page 52.
• Username — cannot exceed 127 characters. The u s e r n a m e parameter is
described in u s e r s . c o n f on page 245.
• Group name — cannot exceed 127 characters. The g r o u p - n a m e parameter is
described in g r o u p s . c o n f on page 233.
• Client ID — cannot exceed 255 characters. The c l i e n t I D parameter is
described in f a c t o r i e s . c o n f on page 228.
• Connection URL — cannot exceed 1000 characters. The u r l parameter is
described in f a c t o r i e s . c o n f on page 228.
• Passwords — cannot exceed 4096 characters. This length limitation applies to
passwords used by the t i b e m s d to authenticate connecting clients or servers.

TIBCO Enterprise Message Service User’s Guide

120
| Chapter 6 Using the EMS Administration Tool

Command Listing

The command line interface of the administration tool allows you to perform a
variety of functions. Note that when a system uses shared configuration files, the
actions performed using the administration tool take effect only when connected
to the active server.

Many of the commands listed below accept arguments that specify the names of
users, groups, topics or queues. For information about the syntax and that apply
to these names, see Naming Conventions on page 119.

Note that SSL commands are not listed in this table. SSL commands are listed in
several tables in Chapter 18, Using the SSL Protocol, on page 441.

The following is an alphabetical listing of the commands including command

syntax and a description of each command.

add member
add member group_name user_name [ , user2, user3, . . . ]
Add one or more users to the group. User names that are not already defined are
added to the group as external users; see Administration Commands and
External Users and Groups on page 262.

addprop factory
addprop factory factory-name properties . . .
Adds properties to the factory. Property names are separated by spaces.
See f a c t o r i e s . c o n f on page 228 for the list of factory properties.
An example is:
addprop factory MyTopicFactory ssl_trusted=cert1.pem
ssl_trusted=cert2.pem ssl_verify_host=disabled

addprop queue
addprop queue queue-name properties, . . .
Adds properties to the queue. Property names are separated by commas.
For information on properties that can be assigned to queues, see Destination
Properties on page 55.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 121
|

addprop route
addprop route route-name p r o p = v a l u e [ prop-value. . . ]
Adds properties to the route.
Destination (topic and queue) properties must be separated by commas but
properties of routes and factories are separated with spaces.
You can set the z o n e _ n a m e and z o n e _ t y p e parameters when creating a route, but
you cannot subsequently change them.
For route properties, see Configuring Routes and Zones on page 494.
For the configuration file r o u t e s . c o n f , see r o u t e s . c o n f on page 235.

addprop topic
addprop topic topic_name properties, . . .
Adds properties to the topic. Property names are separated by commas.
For information on properties that can be assigned to topics, see Destination
Properties on page 55.

autocommit
autocommit [on|off]

When autocommit is set to o n , the changes made to the configuration files are
automatically saved to disk after each command. When a u t o c o m m i t is set to o f f ,
you must manually use the c o m m i t command to save configuration changes to
the disk.
By default, autocommit is set to o n when interactively issuing commands.
Entering a u t o c o m m i t without parameters displays the current setting of
autocommit (o n or o f f ) .

Regardless of the autocommit setting, the EMS server acts on each admin
command immediately making it part of the configuration. The autocommit
feature only determines when the configuration is written to the files.

commit
commit

Commits all configuration changes into files on disk.

TIBCO Enterprise Message Service User’s Guide

122
| Chapter 6 Using the EMS Administration Tool

compact
compact store_name max_time
Compacts the store files for the specified store. Compaction is not available for
stores of type m s t o r e .
Since compaction can be a lengthy operation, and it blocks other database
operations, max_time specifies a time limit (in seconds) for the operation. Note that
m a x _ t i m e must be a number greater than zero.

If truncation is not enabled for the store file, the compact command will not
reduce the file size. Truncation is enabled using the f i l e _ t r u n c a t e parameter in
the s t o r e s . c o n f file. See s t o r e s . c o n f on page 237 for more information.
We recommend compacting the store files only when the U s e d Space usage is
30% or less (see s h o w s t o r e on page 161).

If you have not configured your EMS server application with multiple store files,
the c o m p a c t command syntax is:
compact store_type max_time
where store_type is:
• a, async, or a s y n c h r o n o u s to compact the asynchronous file.
• s, sync, or s y n c h r o n o u s to compact the synchronous file.
The file will not be compacted unless the s t o r e _ t r u n c a t e parameter is enabled
in the t i b e m s d . c o n f file.

connect
c o n n e c t [ server-url { a d m i n | user_name} password]
Connects the administration tool to the server. Any administrator can connect. An
administrator is either the a d m i n user, any user in the $ a d m i n group, or any user
that has administrator permissions enabled. See Administrator Permissions on
page 249 for more information about administrator permissions.
server-url is usually in the form:
protocol: / / host-name: port-number
for example:
tcp://myhost:7222

The protocol can be t c p or s s l .

If a user name or password are not provided, the user is prompted to enter a user
name and password, or only the password, if the user name was already specified
in the command.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 123
|

You can enter c o n n e c t with no other options and the administrative tool tries to
connect to the local server on the default port, which is 7 2 2 2 .

create bridge
c r e a t e b r i d g e s o u r c e = type: dest_name t a r g e t = type: dest_name
[ s e l e c t o r = selector]

Creates a bridge between destinations.

type is either t o p i c or q u e u e .
For further information, see b r i d g e s . c o n f on page 223.

create durable
create durable topic-name durable-name [ property, . . . , property]
Creates a static durable subscriber.
For descriptions of parameters and properties, and information about conflict
situations, see d u r a b l e s . c o n f on page 227.

create factory
create factory factory_name factory_parameters
Creates a new connection factory.
For descriptions of factory parameters, see f a c t o r i e s . c o n f on page 228.

create group
create group group_name " description"
Creates a new group of users.
Initially, the group is empty. You can use the a d d member command to add users
to the group.

TIBCO Enterprise Message Service User’s Guide

124
| Chapter 6 Using the EMS Administration Tool

create jndiname
create jndiname new_jndiname t o p i c | q u e u e | j n d i n a m e name
Creates a JNDI name for a topic or queue, or creates an alternate JNDI name for a
topic that already has a JNDI name.
For example:
create FOO jndiname BAR

will create new JNDI name F O O referring the same object referred by JNDI name
BAR

create queue
create queue queue_name [ properties]
Creates a queue with the specified name and properties. The possible queue
properties are described in Destination Properties on page 55. Properties are listed
in a comma-separated list, as described in q u e u e s . c o n f on page 234.

create route
create route name u r l = URL [ properties . . . ]
Creates a route.
The name must be the name of the other server to which the route connects.
The local server connects to the destination server at the specified URL. If you
have configured fault-tolerant servers, you may specify the URL as a
comma-separated list of URLs.
The route properties are listed in r o u t e s . c o n f on page 235 and are specified as a
space-separated list of parameter name and value pairs.
You can set the z o n e _ n a m e and z o n e _ t y p e parameters when creating a route, but
you cannot subsequently change them.
If a passive route with the specified name already exists, this command promotes
it to an active-active route; see Active and Passive Routes on page 493.
For additional information on route parameters, see Configuring Routes and
Zones on page 494.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 125
|

create rvcmlistener
create rvcmlistener transport_name cm_name s u b j e c t
Registers an RVCM listener with the server so that any messages exported to a
t i b r v c m transport (including the first message sent) are guaranteed for the
specified listener. This causes the server to perform the TIBCO Rendezvous call
t i b r v c m T r a n s p o r t _ A d d L i s t e n e r.

The parameters are:

• transport_name — the name of the transport to which this RVCM listener
applies.
• cm_name — the name of the RVCM listener to which topic messages are to be
exported.
• subject — the RVCM subject name that messages are published to. This should
be the same name as the topic names that specify the e x p o r t property.
For more information, see t i b r v c m . c o n f on page 241 and Rendezvous Certified
Messaging (RVCM) Parameters on page 382.

create topic
create topic topic_name [ properties]
Creates a topic with specified name and properties. See Destination Properties on
page 55 for the list of properties. Properties are listed in a comma-separated list,
as described in t o p i c s . c o n f on page 241.

create user
create user user_name [ " user_description" ] [ password= password]
Creates a new user. Following the user name, you can add an optional description
of the user in quotes. The password is optional and can be added later using the
s e t p a s s w o r d command.

User names cannot contain colon (:) characters.

TIBCO Enterprise Message Service User’s Guide

126
| Chapter 6 Using the EMS Administration Tool

delete all
delete all users|groups|topics|queues|durables
[ topic-name-pattern| queue-name-pattern]

If used as d e l e t e a l l u s e r s | g r o u p s | t o p i c s | q u e u e s | d u r a b l e s without the

optional parameters, the command deletes all users, groups, topics, or queues (as
chosen).
If used with a topic or queue, and the optional parameters, such as:
delete all topics|queues topic-name-pattern| queue-name-pattern
the command deletes all topics and queues that match the topic or queue name
pattern.

delete bridge
d e l e t e b r i d g e s o u r c e = type: dest_name t a r g e t = type: dest_name

Delete the bridge between the specified source and target destinations.
type is either t o p i c or q u e u e .
See Destination Bridges on page 79 for more information on bridges.

delete connection
delete connection connection-id
Delete the named connection for the client. The connection ID is shown in the first
column of the connection description printed by s h o w c o n n e c t i o n .

delete durable
delete durable durable-name clientID
Delete the named durable subscriber.
When both the durable name and the client ID are specified, the EMS Server looks
for a durable named clientID: durable-name in the list of durables. If a matching
durable subscriber is not found, the administration tool prints an error message
including the fully qualified durable name.
See also, Conflicting Specifications on page 227.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 127
|

delete factory
delete factory factory-name
Delete the named connection factory.

delete group
delete group group-name
Delete the named group.

delete jndiname
delete jndiname jndiname
Delete the named JNDI name. Notice that deleting the last JNDI name of a
connection factory object will remove the connection factory object as well.
See Chapter 12, Using the EMS Implementation of JNDI, on page 335 for more
information.

delete message
delete message messageID
Delete the message with the specified message ID.

delete queue
delete queue queue-name
Delete the named queue.

delete route
delete route route-name
Delete the named route.

delete rvcmlistener
delete rvcmlistener transport_name cm_name subject
Unregister an RVCM listener with the server so that any messages being held for
the specified listener in the RVCM ledger are released. This causes the server to
perform the TIBCO Rendezvous call t i b r v c m T r a n s p o r t _ R e m o v e L i s t e n e r.

TIBCO Enterprise Message Service User’s Guide

128
| Chapter 6 Using the EMS Administration Tool

The parameters are:

• transport_name — the name of the transport to which this RVCM listener
applies.
• cm_name — the name of the RVCM listener to which topic messages are
exported.
• subject — the RVCM subject name that messages are published to. This should
be the same name as the topic names that specify the e x p o r t property.
For more information, see t i b r v c m . c o n f on page 241 and Rendezvous Certified
Messaging (RVCM) Parameters on page 382.

delete topic
delete topic topic-name
Delete the named topic.

delete user
delete user user-name
Delete the named user.

disconnect
disconnect

Disconnect the administrative tool from the server.

echo
echo [on|off]

Echo controls the reports that are printed into the standard output. When e c h o is
o f f the administrative tool only prints errors and the output of queries. When
e c h o is o n , the administrative tool report also contains a record of successful
command execution.
Choosing the parameter o n or o f f in this command controls e c h o . If e c h o is
entered in the command line without a parameter, it displays the current e c h o
setting (o n or o f f ). This command is used primarily for scripts.
The default setting for echo is o n .

TIBCO Enterprise Message Service User’s Guide

 Command Listing 129
|

exit
exit (aliases: quit, q, bye, end)

Exit the administration tool.

The administrator may choose the e x i t command when there are changes in the
configuration have which have not been committed to disk. In this case, the
system will prompt the administrator to use the c o m m i t command before exiting.

grant queue
grant queue queue-name u s e r = name | g r o u p = name permissions
Grants specified permissions to specified user or group on specified queue. The
name following the queue name is first checked to be a group name, then a user
name.
Specified permissions are added to any existing permissions. Multiple
permissions are separated by commas. Enter a l l in the permissions string if you
choose to grant all possible user permissions.
User permissions are:
• receive

• send

• browse

For more information on queue permissions, see Table 38 in User Permissions on

page 265.
Destination-level administrator permissions can also be granted with this
command. The following are administrator permissions for queues.
• view

• create

• delete

• modify

• purge

For more information on destination permissions, see Destination-Level

Permissions on page 254.

TIBCO Enterprise Message Service User’s Guide

130
| Chapter 6 Using the EMS Administration Tool

grant topic
grant topic topic-name u s e r = name | g r o u p = name permissions
Grants specified permissions to specified user or group on specified topic. The
name following the topic name is first checked to be a group name, then a user
name.
Specified permissions are added to any existing permissions. Multiple
permissions are separated by commas. Enter a l l in the permissions string if you
choose to grant all possible permissions.
Topic permissions are:
• subscribe

• publish

• durable

• use_durable
For more information on topic permissions, see Table 39 in User Permissions on
page 265.
Destination-level administrator permissions can also be granted with this
command. The following are administrator permissions for topics.
• view

• create

• delete

• modify

• purge

For more information on destination permissions, see Destination-Level

Permissions on page 254.

grant admin
g r a n t a d m i n u s e r = name | g r o u p = name admin_permissions
Grant the named global administrator permissions to the named user or group.
For a complete listing of global administrator permissions, see Global
Administrator Permissions on page 251.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 131
|

help
help (aliases: h, ?)

Display help information.

Enter h e l p commands for a summary of all available commands.
Enter h e l p command for help on a specific command.

info
info (alias: i)

Shows server name and information about the connected server.

jaci clear
jaci clear

Empties the JACI permission cache of all entries.

jaci resetstats
jaci resetstats

Resets all statistics counters for the JACI cache to zero.

jaci showstats
jaci showstats

Prints statistics about JACI cache performance.

purge all queues

p u r g e a l l q u e u e s [ pattern]

Purge all or selected queues.

When used without the optional pattern parameter, this command erases all
messages in all queues for all receivers.
When used with the pattern parameter, this command erases all messages in all
queues that fit the pattern (for example: f o o . * ).

TIBCO Enterprise Message Service User’s Guide

132
| Chapter 6 Using the EMS Administration Tool

purge all topics

p u r g e a l l t o p i c s [ pattern]

Purge all or selected topics.

When used without the optional pattern parameter, this command erases all
messages in all topics for all subscribers.
When used with the pattern parameter, this command erases all messages in all
topics that fit the pattern (for example: f o o . * ).

purge durable
purge durable durable-name
Purge all messages in the topic for the named durable subscriber

purge queue
purge queue queue-name
Purge all messages in the named queue.

purge topic
purge topic topic-name
Purge all messages for all subscribers on the named topic.

remove member
remove member group-name user-name[ , user2, user3, . . . ]
Remove one or more named users from the named group.

removeprop factory
removeprop factory factory-name properties
Remove the named properties from the named factory. See Connection Factory
Parameters on page 228 for a list of properties.

removeprop queue
removeprop queue queue-name properties
Remove the named properties from the named queue.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 133
|

removeprop route
removeprop route route-name properties
Remove the named properties from the named route.
You cannot remove the URL.
You can set the z o n e _ n a m e and z o n e _ t y p e parameters when creating a route, but
you cannot subsequently change them.
For route parameters, see Configuring Routes and Zones on page 494.
For the configuration file r o u t e s . c o n f , see r o u t e s . c o n f on page 235.

removeprop topic
removeprop topic topic-name properties
Remove the named properties from the named topic.

resume route
resume route route-name
Resumes sending messages to named route, if messages were previously
suspended using the s u s p e n d r o u t e command.

revoke admin
r e v o k e a d m i n u s e r = name | g r o u p = name permissions
Revoke the specified global administrator permissions from the named user or
group. See Chapter 8, Authentication and Permissions, on page 247 for more
information about administrator permissions.

revoke queue
revoke queue queue-name u s e r = name | g r o u p = name permissions
revoke queue queue-name * [ u s e r | a d m i n | b o t h ]
Revoke the specified permissions from a user or group for the named queue.
User and group permissions for queues are r e c e i v e , s e n d , b r o w s e , and a l l .
Administrator permissions for queues are v i e w, c r e a t e , d e l e t e , m o d i f y, and
purge.

TIBCO Enterprise Message Service User’s Guide

134
| Chapter 6 Using the EMS Administration Tool

If you specify an asterisk (*), all user-level permissions on this queue are removed.
You can use the optional a d m i n parameter to revoke all administrative
permissions, or the b o t h parameter to revoke all user-level and administrative
permissions on the queue.
For more information, see Chapter 8, Authentication and Permissions, on
page 247.

revoke topic
revoke topic topic-name u s e r = name | g r o u p = name permissions
revoke topic topic-name * [ u s e r | a d m i n | b o t h ]
Revoke the specified permissions from a user or group for the named topic.
User and group permissions for topics are s u b s c r i b e , p u b l i s h , d u r a b l e ,
u s e _ d u r a b l e , and a l l . Administrator permissions for topics are v i e w, c r e a t e ,
d e l e t e , m o d i f y, and p u r g e .

If you specify an asterisk (*), all user-level permissions on this topic are removed.
You can use the optional a d m i n parameter to revoke all administrative
permissions, or the b o t h parameter to revoke all user-level and administrative
permissions on the topic.
For more information, see Chapter 8, Authentication and Permissions, on
page 247.

rotatelog
rotatelog

Force the current log file to be backed up and truncated. The server starts writing
entries to the newly empty log file.
The backup file name is the same as the current log file name with a sequence
number appended to the filename. The server queries the current log file
directory and determines what the highest sequence number is, then chooses the
next highest sequence number for the new backup name. For example, if the log
file name is t i b e m s . l o g and there is already a t i b e m s . l o g . 1 and t i b e m s . l o g . 2 ,
the server names the next backup t i b e m s . l o g . 3 .

set password
set password user-name [ password]
Set the password for the named user.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 135
|

If you do not supply a password in the command, the server prompts you to type
one.

• To reset a password, type:

set password user-name

Type a new password at the prompt.

• To remove a password, use this command without supplying a password, and
press the Enter key at the prompt (without typing a password).

Passwords are a significant point of vulnerability for any enterprise. We

recommend enforcing strong standards for passwords.
For security equivalent to single DES (an industry minimum), security experts
recommend passwords that contain 8–14 characters, with at least one upper case
character, at least one numeric character, and at least one punctuation character.

set server
set server parameter= value [ parameter= value . . . ]
The s e t s e r v e r command can control many parameters. Multiple parameters
are separated by spaces. Table 16 describes the parameters you can set with this
command.

Table 16 Set server parameters (Sheet 1 of 7)

Parameter Description
password [= string] Sets server password used by the server to
connect to other routed servers. If the value is
omitted it is prompted for by the
administration tool. Entered value will be
stored in the main server configuration file in
mangled form (but not encrypted).
To reset this password, enter the empty string
twice at the prompt.

TIBCO Enterprise Message Service User’s Guide

136
| Chapter 6 Using the EMS Administration Tool

Table 16 Set server parameters (Sheet 2 of 7)

Parameter Description
authorization=enabled|disabled Sets the a u t h o r i z a t i o n mode in the
t i b e m s d . c o n f file.

After a transition from disabled to enabled, the

server checks ACL permissions for all
subsequent requests. While the server requires
valid authentication for existing producers and
consumers, it does not retroactively
reauthenticate them; it denies access to users
without valid prior authentication.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 137
|

Table 16 Set server parameters (Sheet 3 of 7)

Parameter Description
l o g _ t r a c e = trace-items Sets the trace preference on the file defined by
the l o g f i l e parameter. If l o g f i l e is not set,
the values are stored but have no effect.
The value of this parameter is a
comma-separated list of trace options. For a list
of trace options and their meanings, see
Table 63, Server Tracing Options, on page 424.
You may specify trace options in three forms:
• plain A trace option without a prefix
character replaces any existing trace
options.
• + A trace option preceded by + adds the
option to the current set of trace options.
• - A trace option preceded by - removes
the option from the current set of trace
options.

Examples
The following example sets the trace log to
only show messages about access control
violations.
log_trace=ACL

The next example sets the trace log to show all

default trace messages, in addition to SSL
messages, but ADMIN messages are not
shown.
log_trace=DEFAULT,-ADMIN,+SSL

TIBCO Enterprise Message Service User’s Guide

138
| Chapter 6 Using the EMS Administration Tool

Table 16 Set server parameters (Sheet 4 of 7)

Parameter Description
c o n s o l e _ t r a c e = console-trace-items Sets trace options for output to s t d e r r. The
values are the same as for l o g _ t r a c e .
However, console tracing is independent of log
file tracing.
If l o g f i l e is defined, you can stop console
output by specifying:
console_trace=-DEFAULT

Note that important error messages (and some

other messages) are always output, overriding
the trace settings.

Examples
This example sends a trace message to the
console when a TIBCO Rendezvous advisory
message arrives.
console_trace=RVADV

client_trace={enabled|disabled} Administrators can trace a connection or group

[ t a r g e t = location] [ f i l t e r = value]
of connections. When this property is e n a b l e d ,
the client generates trace output for opening or
closing a connection, message activity, and
transaction activity. This type of tracing does
not require restarting the client program.
The client sends trace output to location, which
may be either s t d e r r (the default) or s t d o u t .
You can specify a filter to selectively trace
specific connections. The filter can be u s e r,
c o n n i d or c l i e n t i d . The value can be a user
name or ID (as appropriate to the filter).
When the filter and value clause is absent, the
default behavior is to trace all connections.
Setting this parameter using the administration
tool does not change its value in the
configuration file t i b e m s d . c o n f .

TIBCO Enterprise Message Service User’s Guide

 Command Listing 139
|

Table 16 Set server parameters (Sheet 5 of 7)

Parameter Description
m a x _ m s g _ m e m o r y = value Maximum memory the server can use for
messages.
For a complete description, see
m a x _ m s g _ m e m o r y in t i b e m s d . c o n f on
page 173.
Specify units as K B , M B or G B . The minimum
value is 8 M B . Zero is a special value, indicating
no limit.
Lowering this value will not immediately free
memory occupied by messages.

msg_swapping=enabled|disabled Enables or disables the ability to swap

messages to disk.

track_message_ids=enabled|disabled Enables or disables tracking messages by

MessageID.

track_correlation_ids=enabled|disabled Enables or disables tracking messages by

CorrelationID.

s s l _ p a s s w o r d [ = string] This sets a password for SSL use only.

Sets private key or PKCS#12 file password
used by the server to decrypt the content of the
server identity file. The password is stored in
mangled form.

f t _ s s l _ p a s s w o r d [ = string] This sets a password for SSL use with Fault

Tolerance.
Sets private key or PKCS#12 file password
used by the server to decrypt the content of the
FT identity file. The password is stored in
mangled form.

TIBCO Enterprise Message Service User’s Guide

140
| Chapter 6 Using the EMS Administration Tool

Table 16 Set server parameters (Sheet 6 of 7)

Parameter Description
s e r v e r _ r a t e _ i n t e r v a l = num Sets the interval (in seconds) over which
overall server statistics are averaged. This
parameter can be set to any positive integer
greater than zero.
Overall server statistics are always gathered, so
this parameter cannot be set to zero. By default,
this parameter is set to 1.
Setting this parameter allows you to average
message rates and message size over the
specified interval.

statistics=enabled|disabled Enables or disables statistic gathering for

producers, consumers, destinations, and
routes. By default this parameter is set to
disabled.
Disabling statistic gathering resets the total
statistics for each object to zero.

r a t e _ i n t e r v a l = num Sets the interval (in seconds) over which

statistics for routes, destinations, producers,
and consumers are averaged. By default, this
parameter is set to 3 seconds. Setting this
parameter to zero disables the average
calculation.

detailed_statistics=NONE | Specifies which objects should have detailed

PRODUCERS,CONSUMERS,ROUTES,CHANNELS statistic tracking. Detailed statistic tracking is
only appropriate for routes, channels,
producers that specify no destination, or
consumers that specify wildcard destinations.
When detailed tracking is enabled, statistics for
each destination are kept for the object.
Setting this parameter to NONE disables
detailed statistic tracking. You can specify any
combination of PRODUCERS, CONSUMERS,
ROUTES, or CHANNELS to enable tracking
for each object. If you specify more than one
type of detailed tracking, separate each item
with a comma.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 141
|

Table 16 Set server parameters (Sheet 7 of 7)

Parameter Description
s t a t i s t i c s _ c l e a n u p _ i n t e r v a l = num Specifies how long (in seconds) the server
should keep detailed statistics if the destination
has no activity. This is useful for controlling the
amount of memory used by detailed statistic
tracking. When the specified interval is
reached, statistics for destinations with no
activity are deleted.

m a x _ s t a t _ m e m o r y = num Specifies the maximum amount of memory to

use for detailed statistic gathering. If no units
are specified, the amount is in bytes, otherwise
you can specify the amount using KB, MB, or
GB as the units.
Once the maximum memory limit is reached,
the server stops collecting detailed statistics. If
statistics are deleted and memory becomes
available, the server resumes detailed statistic
gathering.

setprop factory
setprop factory factory-name properties . . .
Set the properties for a connection factory, overriding any existing properties.
Multiple properties are separated by spaces. See Connection Factory Parameters
on page 228 for the list of the properties that can be set for a connection factory.

setprop queue
setprop queue queue-name properties, . . .
Set the properties for a queue, overriding any existing properties. Any properties
on a queue that are not explicitly specified by this command are removed.
Multiple properties are separated by commas. See Destination Properties on
page 55 for the list of the properties that can be set for a queue.

TIBCO Enterprise Message Service User’s Guide

142
| Chapter 6 Using the EMS Administration Tool

setprop route
setprop route route-name properties . . .
Set the properties for a route, overriding any existing properties. Any properties
on a route that are not explicitly specified by this command are removed.
You can set the z o n e _ n a m e and z o n e _ t y p e parameters when creating a route, but
you cannot subsequently change them.
Multiple properties are separated by spaces. For route parameters, see
routes.conf on page 235 and Configuring Routes and Zones on page 494.

setprop topic
setprop topic topic-name properties
Set topic properties, overriding any existing properties. Any properties on a topic
that are not explicitly specified by this command are removed.
Multiple properties are separated by commas. See Destination Properties on
page 55 for the list of the properties that can be set for a topic.

show bridge
show bridge topic|queue bridge_source
Display information about the configured bridges for the named topic or queue.
The bridge_source is the name of the topic or queue established as the source of the
bridge.
The following is example output for this command:
Target Name Type Selector
queue.dest Q
topic.dest.1 T "urgency in ('high', 'medium')"
topic.dest.2 T

The names of the destinations to which the specified destination has configured
bridges are listed in the Target Name column. The type and the message selector
(if one is defined) for the bridge are listed in the Type and Selector column.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 143
|

show bridges
s h o w b r i d g e s [ t y p e = t o p i c | q u e u e ] [ pattern]

Shows a summary of the destination bridges that are currently configured. The
t y p e option specifies the type of destination established as the bridge source. For
example, s h o w b r i d g e s t o p i c shows a summary of configured bridges for all
topics that are established as a bridge source. The pattern specifies a pattern to
match for source destination names. For example s h o w b r i d g e s f o o . * returns a
summary of configured bridges for all source destinations that match the name
f o o . * . The t y p e and pattern are optional.

The following is example output for this command:

Source Name Queue Targets Topic Targets
Q queue.source 1 1
T topic.source 1 2

Destinations that match the specified pattern and/or type are listed in the Source
Name column. The number of bridges to queues for each destination is listed in
the Queue Targets column. The number of bridges to topics for each destination is
listed in the Topic Targets column.

show channel
show channel channel-name
Show the details of a specific multicast channel. The channel-name must be the exact
name of a specific channel. Wildcards and partial names are invalid.
This command prints a table of information described in Table 17.

Table 17 Description of output fields

Heading Description
Channel Name of the multicast channel.

Address The multicast group IP address and port destination to

which messages are broadcast, in the form:
< multicast-group-IP-address> : < multicast-port>

TTL The maximum number of number of network hops

allowed for data on the channel.

Priority The transmission priority of messages on this channel

when the EMS server allocates bandwidth.
The highest priority is -5 and the lowest is 5.

TIBCO Enterprise Message Service User’s Guide

144
| Chapter 6 Using the EMS Administration Tool

Table 17 Description of output fields

Heading Description
Max Rate The maximum rate at which the server broadcasts
messages over the channel.

Max Time The maximum length of time, in seconds, that the

server holds sent messages for retransmission.

Interface The IP address over which the server sends multicast

traffic on this channel. A value of 0 . 0 . 0 . 0 indicates
that the default interfaces is being used.

Status The status of the channel, either a c t i v e or i n a c t i v e .

Server Backlog The number of messages and the total number of bytes
pending broadcast over the channel.
See Multicast and Flow Control on page 85 for more
information about controlling backlog.

Transmitted The total number of bytes sent on the channel. This

number does not include retransmissions.

Retransmitted The total number of bytes sent in retransmissions on

the channel.

Retransmission The total number of bytes that are currently buffered

Buffer for retransmission.

show channels
show channels

Print a summary of the server’s multicast channels, including each channel’s

multicast address and status.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 145
|

show config
show config

Shows the configuration parameters for the connected server. The output
includes:
• configuration files
• server database
• server JVM
• server JDBC database
• listen ports
• configuration settings
• message tracking
• server tracing parameters
• statistics settings
• fault-tolerant setup
• external transport setup
• server SSL setup
• server LDAP parameters (GONE?)

show consumer
show consumer consumerID
Shows details about a specific consumer. The consumerID can be obtained from the
s h o w c o n s u m e r s output.

show consumers
show consumers [ t o p i c = name | q u e u e = name] [ d u r a b l e ] [ u s e r = name]
[ c o n n e c t i o n = id] [ s o r t = c o n n | u s e r | d e s t | m s g s ] [ f u l l ]

Shows information about all consumers or only consumers matching specified

filters. Output of the command can be controlled by specifying the s o r t or f u l l
parameter. If the t o p i c or q u e u e parameter is specified, then only consumers on
destinations matching specified queue or topic are shown. The u s e r and/or
c o n n e c t i o n parameters show consumers only for the specified user or
connection. Note that while the queue browser is open, it appears as a consumer
in the EMS server.

TIBCO Enterprise Message Service User’s Guide

146
| Chapter 6 Using the EMS Administration Tool

The d u r a b l e parameter shows only durable topic subscribers and queue

receivers, but it does not prevent queue consumers to be shown. To see only
durable topic consumers, use:
show consumers topic=> durable

The s o r t parameter sorts the consumers by either connection ID, user name,
destination name, or number of pending messages. The f u l l parameter shows all
columns listed below and can be as wide as 120-140 characters or wider. Both
topic and queue consumers are shown in separate tables, first the topic consumers
and then the queue consumers.

Table 18 Description of output fields

Heading Description
Id Consumer ID.

Conn Consumer's connection ID or '-' if this is a disconnected durable topic

subscriber.

Sess Consumer's session ID or '-' if this is a disconnected durable topic subscriber.

T Consumer type character which can be one of:

For topic consumer:
• T - non-durable topic subscriber.
• D - durable topic subscriber.
• R - system-created durable for a routed topic.
• P - proxy subscriber on route's temporary topic.
For queue consumer:
• Q - regular queue receiver.
• q - inactive queue receiver.
• P - system-created receiver on global queue for user receiver created in one
of routes.

Topic/Queue Name of the subscription topic or queue.

Name (Topics Only.) Durable subscription name. This column is shown if at least one
topic subscriber is a durable subscriber.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 147
|

Table 18 Description of output fields

Heading Description
SAS[NMB] Description of columns:
• S - '+' if consumer's connection started, '-' otherwise.
• A - acknowledge mode of consumer's session, values are:
— N - no acknowledge
— A - auto acknowledge
— D - dups_ok acknowledge
— C - client acknowledge
— T - session is transactional
— X - XA or MS DTC session
— Z - connection consumer
• S - '+' if consumer has a selector, '-' otherwise.
• N - (TOPICS ONLY) '+' if subscriber is "NoLocal."
• M - (TOPICS ONLY) '+' if subscriber is receiving multicast.
• B - (QUEUES ONLY) '+' if consumer is a queue browser.

Pre Prefetch value of the consumer's destination.

Pre Dlv Number of prefetch window messages delivered to consumer

Msgs Sent Current number of messages sent to consumer which are not yet acknowledged
by consumer's session.

Size Sent Combined size of unacknowledged messages currently sent to consumer. Value
is rounded and shown in bytes, (K)ilobytes, (M)egabytes or (G)igabytes.

Pend Msgs (Topics Only.) Total number of messages pending for the topic consumer.

Pend Size (Topics Only.) Combined size of messages pending for the topic consumer.
Value is rounded and shown in bytes, (K)ilobytes, (M)egabytes or (G)igabytes.

Uptime Uptime of the consumer.

Last Sent Approximate time elapsed since last message was sent by the server to the
consumer. Value is approximate with precision of 1 second.

TIBCO Enterprise Message Service User’s Guide

148
| Chapter 6 Using the EMS Administration Tool

Table 18 Description of output fields

Heading Description
Last Akcd Approximate time elapsed since last time a message sent to the consumer was
acknowledged by consumer's session. Value is approximate with precision of 1
second.

Total Sent Total number of messages sent to consumer since it was created. This includes
resends due to session recover or rollback.

Total Acked Total number of messages sent to the consumer and acknowledged by
consumer's session since consumer created.

show connections
s h o w c o n n e c t i o n s [ t y p e = q | t | s ] [ h o s t = hostname] [ u s e r = username]
[version] [address] [counts] [full]

Show connections between clients and server. Table 20 on page 149 describes the
output.
The t y p e parameter selects the subset of connections to display as shown in
Table 19. The h o s t and u s e r parameters can further narrow the output to only
those connections involving a specific host or user. When the v e r s i o n flag is
present, the display includes the client’s version number.
If the a d d r e s s parameter is specified, then the IP address is printed in the output
table. If the c o u n t s parameter is specified, then number of producers, consumers
and temporary destinations are printed. Specifying the f u l l parameter prints all
of the available information.

Table 19 show connections: type Parameter

Type Description
type=q Show queue connections only.

type=t Show topic connections only.

type=s Show system connections only.

absent Show queue and topic connections, but not system

connections.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 149
|

Table 20 Description of output fields

Heading Description
L The type of client. Can be one of the following:
• J — Java client
• C — C client
• # — C# client
• - — unknown system connection

Version The EMS version of the client.

ID Unique connection ID. Each connection is assigned a unique,

numeric ID that can be used to delete the connection.

FSXT Connection type information.

The F column displays whether the connection is fault-tolerant.
• - — not a fault-tolerant connection, that is, this connection
has no alternative URLs
• + — fault-tolerant connection, that is, this connection has
alternative URLs
The S column displays whether the connection uses SSL.
• - — connection is not SSL
• + — connection is SSL
The X column displays whether the connection is an XA or MS
DTC transaction.
• - — connection is not XA or MS DTC
• + — connection is either an XA or MS DTC connection
The T column displays the connection type.
• C — generic user connection
• T — user TopicConnection
• Q — user QueueConnection
• A — administrative connection
• R — system connection to another route server
• F — system connection to the fault-tolerant server

TIBCO Enterprise Message Service User’s Guide

150
| Chapter 6 Using the EMS Administration Tool

Table 20 Description of output fields

Heading Description
S Connection started status, + if started, - if stopped.

IP Address Shows client IP address.

The a d d r e s s or f u l l parameter must be specified to display
this field.

Host Connection's host name. (If the name is not available, this
column displays the host’s IP address.)

Address Connection's IP address.

If you supply the keyword a d d r e s s , then the table includes this
column.

User Connection user name. If a user name was not provided when
the connection was created, it is assigned the default user name
anonymous.

ClientID Client ID of the connection.

Sess Number of sessions on this connection.

Prod Number of producers on this connection.

The c o u n t s or f u l l parameter must be specified to display this
field.

Cons Number of consumers on this connection.

The c o u n t s or f u l l parameter must be specified to display this
field.

TmpT Number of temporary topics created by this connection. For

clients prior to 4.4 this is not known and shows "?."
The c o u n t s or f u l l parameter must be specified to display this
field.

TmpQ Number of temporary queues created by this connection. For

clients prior to 4.4 this is not known and shows "?."
The c o u n t s or f u l l parameter must be specified to display this
field.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 151
|

Table 20 Description of output fields

Heading Description
Uncomm Number of messages in uncommitted transactions on the
connection.
The c o u n t s or f u l l parameter must be specified to display this
field.

UncommSize The combined size, in bytes, of messages in uncommitted

transactions on the connection.
The c o u n t s or f u l l parameter must be specified to display this
field.

Uptime Time that the connection has been in effect.

show db
show db

Print a summary of the server’s databases. Databases are also printed by s h o w

s t o r e s , the preferred command.

See the s h o w store on page 161 for details about a specific database.

show durable
show durable durable-name
Show information about a durable subscriber.

Table 21 show durable Table Information

Heading Description
Durable Fully qualified name of the durable subscriber. This name
Subscriber concatenates the client ID (if any) and the subscription name
(separated by a colon).

Subscription Full name of the durable subscriber.

name

Client ID Client ID of the subscriber’s connection.

Topic The topic from which the durable subscription receives

messages.

TIBCO Enterprise Message Service User’s Guide

152
| Chapter 6 Using the EMS Administration Tool

Table 21 show durable Table Information (Cont’d)

Heading Description
Type d y n a m i c —created by a client
s t a t i c —configured by an administrator

Status online
offline

Username Username of the durable subscriber (that is, of the client’s

connection).
If the durable subscriber is currently offline, the value in this
column is o f f l i n e .

Consumer ID This internal ID number is not otherwise available outside

the server.

No Local e n a b l e d —the
subscriber does not receive messages sent
from its local connection (that is, the same connection as the
subscriber).
d i s a b l e d —the subscriber receives messages from all
connections.

Selector The subscriber receives only those messages that match this
selector.

Pending Msgs Number of all messages in the topic. (This count includes the
number of delivered messages.)

Delivered Number of messages in the topic that have been delivered to

Msgs the durable subscriber, but not yet acknowledged.

Pending Msgs Total size of all pending messages

Size

show durables
s h o w d u r a b l e s [ pattern]

If a pattern is not entered, this command shows a list of all durable subscribers on
all topics.
If a pattern is entered (for example f o o . *) this command shows a list of durable
subscribers on topics that match that pattern.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 153
|

This command prints a table of information described in Table 22.

Table 22 show durables Table Information

Heading Description
Topic Name Name of the topic.
An asterisk preceding this name indicates a dynamic durable
subscriber. Otherwise the subscriber is static (configured by
an administrator).

Durable Full name of the durable subscriber.

User Name of the user of this durable subscriber. If the durable

subscriber is currently offline, the value in this column is
offline.

For users defined externally, there is an asterisk in front of

the user name.

Msgs Number of pending messages

Size Total size of pending messages

For more information, see Destination Properties on page 55.

show factory
show factory factory-name
Shows properties of specified factory.

show factories
show factories [generic|topic|queue]

Shows all factories. You can refine the listed output by specifying only generic,
topic, or queue factories be listed.

show jndiname
show jndiname jndi-name
Shows the object that the specified name is bound to by the JNDI server.

TIBCO Enterprise Message Service User’s Guide

154
| Chapter 6 Using the EMS Administration Tool

show jndinames
s h o w j n d i n a m e s [ type]

The optional parameter type can be:

• destination
• topic
• queue
• factory
• topicConnectionFactory
• queueConnectionFactory
When type is specified only JNDI names bound to objects of the specified type are
shown. When type is not specified, all JNDI names are shown.

show group
show group group-name
Shows group name, description, and number of members in the group.
For groups defined externally, there is an asterisk in front of the group name.
Only external groups with at least one currently connected user are shown.

show groups
show groups

Shows all user groups.

For groups defined externally, there is an asterisk in front of the group name.

show members
show members group-name
Shows all user members of specified user group.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 155
|

show message
show message messageID
Shows the message for the specified message id.
This command requires that tracking by message ID be turned on using the
t r a c k _ m e s s a g e _ i d s configuration parameter.

show messages
show messages correlationID
Shows the message IDs of all messages with the specified correlation ID set as
J M S C o r r e l a t i o n I D message header field. You can display the message for each
ID returned by this command by using the s h o w m e s s a g e messageID command.
This command requires that tracking by correlation ID be turned on using the
t r a c k _ c o r r e l a t i o n _ i d s configuration parameter.

show parents
show parents user-name
Shows the user’s parent groups. This command can help you to understand the
user’s permissions.

TIBCO Enterprise Message Service User’s Guide

156
| Chapter 6 Using the EMS Administration Tool

show queue
show queue queue-name
Shows the details for the specified queue.

If the queue is a routed queue, specify only the name of the queue (do not specify
the server using the queue-name@server form).

Table 23 show queue Table Information

Heading Description
Queue Full name of the queue.

Type d y n a m i c —created by a client

s t a t i c —configured by an administrator

Properties A list of property names that are set on the queue, and their
values. For an index list of property names, see Destination
Properties on page 55.

JNDI Names A list of explicitly assigned JNDI names that refer to this
queue.

Bridges A list of bridges from this queue to other destinations.

Receivers Number of consumers on this queue.

Pending Msgs Number of all messages in the queue. (This count includes
the number of delivered messages.)

Delivered Number of messages in the queue that have been delivered

Msgs to a consumer, but not yet acknowledged.

Pending Msgs Total size of all pending messages

Size

TIBCO Enterprise Message Service User’s Guide

 Command Listing 157
|

show queues
s h o w q u e u e s [ pattern-name [ n o t e m p | s t a t i c | d y n a m i c ]
[ f i r s t = n| n e x t = n| l a s t = n] ]

If a pattern-name is not entered, this command shows a list of all queues.

If a pattern-name is entered (for example f o o . *) this command shows a list of
queues that match that pattern. You can further refine the list of queues that
match the pattern by using one of the following parameters:
• notemp — do not show temporary queues
• static — show only static queues
• dynamic — show only dynamic queues
When a pattern-name is entered, you can also cursor through the list of queues
using one of the following commands, where n is whole number:
• first=n — show the first n queues
• next=n — show the next n queues
• last=n — show the next n queues and terminate the cursor
The cursor examines n queues and displays queues that match the pattern-name.
Because it does not traverse the full list of queues, the cursor may return zero or
fewer than n queues. To find all matching queues, continue to use n e x t until you
receive a C u r s o r c o m p l e t e message.
The s h o w q u e u e s command prints a table of information described in Table 24. A
* appearing before the queue name indicates a dynamic queue.

Table 24 show queues Table Information

Heading Description
Queue Name Name of the queue. If the name is prefixed with an asterisk (* ),
then the queue is temporary or was created dynamically.
Properties of dynamic and temporary queues cannot be
changed.

TIBCO Enterprise Message Service User’s Guide

158
| Chapter 6 Using the EMS Administration Tool

Table 24 show queues Table Information (Cont’d)

Heading Description
SNFGXIBCT Prints information on the topic properties in the order
(S)ecure (N)sender_name or sender_name_enforced (F)ailsafe
(G)lobal e(X)clusive (I)mport (B)ridge (C)flowControl (T)race
The characters in the value section show:
- Property not present
+ Property is present, and was set on the topic itself
* Property is present, and was inherited from another queue
Note that inherited properties cannot be removed.

Pre Prefetch value. If the value is followed by an asterisk (* ), then

it is inherited from another queue or is the default value.

Rcvrs Number of currently active receivers

Msgs Number of pending messages

Size Total size of pending messages

For more information, see Destination Properties on page 55.

show route
show route route-name
Shows the properties (URL and SSL properties) of a route.

show routes
show routes

Shows the properties (URL and SSL properties) of all created routes.
These commands print the information described in Table 25.

Table 25 show routes Table Information (Sheet 1 of 2)

Heading Description
Route Name of the route.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 159
|

Table 25 show routes Table Information (Sheet 2 of 2)

Heading Description
T Type of route:
• A indicates an active route.
• P indicates a passive route.

ConnID Unique ID number of the connection from this server to the

server at the other end of the route.
A hyphen (- ) in this column indicates that the other server is
not connected.

URL URL of the server at the other end of the route.

ZoneName Name of the zone for the route.

ZoneType Type of the zone:

• m indicates a multi-hop zone.
• 1 indicates a one-hop zone.

show rvcmtransportledger
show rvcmtransportledger transport_name [ subject-or-wildcard]
Displays the TIBCO Rendezvous certified messaging (RVCM) ledger file entries
for the specified transport and the specified subject. You can specify a subject
name, use wildcards to retrieve all matching subjects, or omit the subject name to
retrieve all ledger file entries.
For more information about ledger files and the format of ledger file entries, see
TIBCO Rendezvous documentation.

show rvcmlisteners
show rvcmlisteners

Shows all RVCM listeners that have been created using the c r e a t e
rvcmlistener command or by editing the t i b r v c m . c o n f file.

show server
show server (aliases: info, i)

TIBCO Enterprise Message Service User’s Guide

160
| Chapter 6 Using the EMS Administration Tool

Shows server name and information about the connected server.

show stat
show stat channel name [ t o p i c = name]
s h o w s t a t c o n s u m e r s [ t o p i c = name| q u e u e = name] [ u s e r = name]
[ c o n n e c t i o n = id] [ t o t a l ]

s h o w s t a t p r o d u c e r s [ t o p i c = name| q u e u e = name] [ u s e r = name]

[ c o n n e c t i o n = id] [ t o t a l ]

show stat route name [ t o p i c = name| q u e u e = name] [ t o t a l ] [ w i d e ]

show stat topic name [ t o t a l ] [ w i d e ]
show stat queue name [ t o t a l ] [ w i d e ]
Displays statistics for the specified item. You can display statistics for consumers,
producers, routes, destinations, or channels. Statistic gathering must be enabled
for statistics to be displayed. Also, detailed statistics for each item can be
displayed if detailed statistic tracking is enabled. Averages for
inbound/outbound messages and message size are available if an interval is
specified in the r a t e _ i n t e r v a l configuration parameter.
The t o t a l keyword specifies that only total number of messages and total
message size for the item should be displayed. The w i d e keyword displays
inbound and outbound message statistics on the same line.
See Working with Server Statistics on page 436 for a complete description of
statistics and how to enable/disable statistic gathering options.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 161
|

show store
show store store-name
Show the details of a specific store. This command can be used to get details about
either a file-based store or a database store.
The store-name must be the exact name of a specific store.
This command prints a table of information described in Table 26.

Table 26 show store Table Information

Heading Description
Store Name of the store.

Type Type of store:

• file indicates a file-based store.
• dbstore indicates a database store.
• mstore indicates an mstore.

Message Count The number of messages that are stored in the file.

Swapped Count The number of messages that have been swapped from
process memory to store file.

Headings specific to file-based stores

File File name associated with this store file, as it is set by

the f i l e parameter in the s t o r e s . c o n f file.

Access Mode a s y n c h r o n o u s —the server stores messages in the file

using asynchronous I/O calls.
s y n c h r o n o u s —the
server stores messages in the file
using synchronous I/O calls.

Pre-allocation The amount of disk space, if any, that is preallocated to

Minimum this file.

CRC e n a b l e d —the
server uses CRC to validate checksum
data when reading the store file.
d i s a b l e d —the server does not validate checksum data
when reading the store file.

TIBCO Enterprise Message Service User’s Guide

162
| Chapter 6 Using the EMS Administration Tool

Table 26 show store Table Information

Heading Description
Periodic Truncation e n a b l e d —the
EMS server occasionally truncates the
store file, relinquishing unused disk space.
d i s a b l e d —the EMS server does not truncate the store
file to relinquish unused disk space.

File Size The size of the store file, including unused allocated file
space.

Free Space The amount of unused allocated file space.

Fragmentation The level of fragmentation in the file.

Used Space The amount of used space in the file.

Message Size Total size of all messages in the file.

Swapped Size The total size of swapped messages in the file.

Headings specific to mstores

Note that output for mstores includes many of the same fields available to
file-based stores.

Discard Scan The maximum length of time that the EMS server takes
Interval to examine all messages in the mstore. This interval is
controlled with the s c a n _ i t e r _ i n t e r v a l parameter in
the s t o r e s . c o n f file.

Discard Scan The bytes read and processed every Discard Scan
Interval Bytes Interval. This number is proportional to the mstore file
size, and must be kept within the limits of your storage
medium. See Understanding mstore Intervals on
page 32 for more information.

First Scan Finished t r u e —all the data in the store has been examined at
least once since the EMS server startup.
f a l s e —not all data has been examined since the EMS
server last started. When f a l s e , certain server statistics
(such as the Message Count field) may be
underreported as a result of expired or purged
messages still in the store. See Implications for Statistics
on page 34 for more information.

TIBCO Enterprise Message Service User’s Guide

 Command Listing 163
|

Table 26 show store Table Information

Heading Description
Headings specific to database stores

JDBC Driver Name The name of the JDBC database server.

JDBC URL The location of the JDBC database server.

Username The username that the EMS server uses to access the
database.

Dialect The SQL dialect used to construct SQL commands.

show stores
show stores

Print a list of the server’s stores.

show topic
show topic topic-name

Table 27 show topic Table Information

Heading Description
Topic Full name of the topic.

Type d y n a m i c —created by a client

s t a t i c —configured by an administrator

Properties A list of property names that are set on the topic, and
their values. For an index list of property names, see
Destination Properties on page 55.

JNDI Names A list of explicitly assigned JNDI names that refer to

this topic.

Bridges A list of bridges from this topic to other destinations.

Consumers Number of consumers on this topic. (This count also

includes durable consumers.)

TIBCO Enterprise Message Service User’s Guide

164
| Chapter 6 Using the EMS Administration Tool

Table 27 show topic Table Information (Cont’d)

Heading Description
Durable Consumers Number of durable consumers on this topic.

Pending Msgs The total number of messages sent but not yet
acknowledged by the consumer. This count includes
copies sent to multiple subscribers.

Pending Msgs Size Total size of all pending messages

The server accumulates the following statistics only when the administrator
has enabled statistics. Otherwise these items are zero.

Total Inbound Msgs Cumulative count of all messages delivered to the

topic.

Total Inbound Bytes Cumulative total of message size over all messages
delivered to the topic.

Total Outbound Msgs Cumulative count of messages consumed from the

topic by consumers. Each consumer of a message
increments this count independently of other
consumers, so one inbound message results in n
outbound messages (one per consumer).

Total Outbound Bytes Cumulative total of message size over all messages
consumed from the topic by consumers. Each
consumer of a message contributes this total
independently of other consumers.

show topics
s h o w t o p i c s [ pattern-name [ n o t e m p | s t a t i c | d y n a m i c ]
[ f i r s t = n| n e x t = n| l a s t = n] ]

If a pattern-name is not entered, this command shows a list of all topics.

If a pattern-name is entered (for example f o o . *) this command shows a list of topics
that match that pattern. You can further refine the list of topics that match the
pattern by using one of the following parameters:
• notemp — do not show temporary topics
• static — show only static topics
• dynamic — show only dynamic topics

TIBCO Enterprise Message Service User’s Guide

 Command Listing 165
|

When a pattern-name is entered, you can also cursor through the list of topics using
one of the following commands, where n is whole number:
• first=n — show the first n topics
• next=n — show the next n topics
• last=n — show the next n topics and terminate the cursor
The cursor examines n topics and displays topics that match the pattern-name.
Because it does not traverse the full list of topics, the cursor may return zero or
fewer than n topics. To find all matching topics, continue to use n e x t until you
receive a C u r s o r c o m p l e t e message.
The s h o w topics command prints a table of information described in Table 28.

Table 28 Show topics table information (Sheet 1 of 2)

Heading Description
Topic Name Name of the topic. If the name is prefixed with an asterisk (* ),
then the topic is temporary or was created dynamically.
Properties of dynamic and temporary topics cannot be
changed.

SNFGEIBCTM Prints information on the topic properties in the order

(S)ecure (N)sender_name or sender_name_enforced
(F)ailsafe (G)lobal (E)xport (I)mport (B)ridge (C)flowControl
(T)race (M)ulticast
The characters in the value section show:
- Property not present
+ Property is present, and was set on the topic itself
* Property is present, and was inherited from another topic
Note that inherited properties cannot be removed.

Subs Number of current subscribers on the topic, including

durable subscribers

Durs Number of durable subscribers on the topic

TIBCO Enterprise Message Service User’s Guide

166
| Chapter 6 Using the EMS Administration Tool

Table 28 Show topics table information (Sheet 2 of 2)

Heading Description
Msgs The total number of messages sent but not yet acknowledged
by the consumer. This count includes copies sent to multiple
subscribers.
To see the count of actual messages (not multiplied by the
number of topic subscribers) sent to all destinations, use the
s h o w s e r v e r command.

Size Total size of pending messages

For more information, see Destination Properties on page 55.

show transactions
show transactions

Shows the XID for all client transactions that were created using the XA or MS
DTC interfaces. Each row presents information about one transaction. The XID is
the concatenation of the Format ID, GTrid Len, Bqual Len, and Data fields for a
transaction. For example, if show transactions returns the row:
State Format ID GTrid Len Bqual Len Data
E 0 6 2 branchid

then the XID is 0 6 2 b r a n c h i d . Note that the spaces

are required.
Table 29 describes the information shown in each column.

Table 29 Show transactions table information (Sheet 1 of 2)

Heading Description
State Transaction state:
• A active
• E ended
• R rollback only

• P prepared
• S suspended
Suspended transactions can be rolled back, but cannot be rolled
forward (committed).

TIBCO Enterprise Message Service User’s Guide

 Command Listing 167
|

Table 29 Show transactions table information (Sheet 2 of 2)

Heading Description
Format ID The XA transaction format identifier.
0 = OSI CCR naming is used
>0 = some other format is used
-1 = NULL

GTrid Len The number of bytes that constitute the global transaction ID.

Bqual Len The number of bytes that constitute the branch qualifier.
Data The global transaction identifier (gtrid) and the branch qualifier
(bqual).

show transport
show transport transport
Displays the configuration for the specified transport defined in
transports.conf.

See Configuring Transports for Rendezvous on page 380 and Configuring

Transports for SmartSockets on page 403 for details.

show transports
show transports

Lists all configured transport names in t r a n s p o r t s . c o n f .

show user
show user user-name
Shows user name and description. If no user name is specified, this command
displays the currently logged in user.
For users defined externally, there is an asterisk in front of the user name.

TIBCO Enterprise Message Service User’s Guide

168
| Chapter 6 Using the EMS Administration Tool

show users
show users

Shows all users.

For users defined externally, there is an asterisk in front of the user name. Only
currently connected external users are shown.

showacl admin
showacl admin

Shows all administrative permissions for all users and groups, but does not
include administrative permissions on destinations.

showacl group
showacl group group-name [ a d m i n ]
Shows all permissions set for a given group. Shows the group and the set of
permissions. You can optionally specify a d m i n to show only the administrative
permissions for destinations or principals. Specifying s h o w a c l a d m i n shows all
administrative permissions for all users and groups (not including administrative
permissions on destinations).

showacl queue
showacl queue queue-name [ a d m i n ]
Shows all permissions set for a queue. Lists all entries from the a c l file. Each
entry shows the “grantee” (user or group) and the set of permissions. You can
optionally specify a d m i n to show only the administrative permissions for
destinations or principals. Specifying s h o w a c l a d m i n shows all administrative
permissions for all users and groups (not including administrative permissions
on destinations).

showacl topic
showacl topic topic-name [ a d m i n ]
Shows all permissions set for a topic. Lists all entries from the a c l file. Each entry
shows the “grantee” (user or group) and the set of permissions. You can
optionally specify a d m i n to show only the administrative permissions for
destinations or principals. Specifying s h o w a c l a d m i n shows all administrative
permissions for all users and groups (not including administrative permissions
on destinations).

TIBCO Enterprise Message Service User’s Guide

 Command Listing 169
|

showacl user
showacl user user-name [ a d m i n | a l l | a d m i n - a l l ]
Shows the user and the set of permissions granted to the user for destinations and
principals.
showacl user username — displays permissions granted directly to the user. (An
administrator can use this form of the command to view own permissions, even
without permissions to view any other user permissions.)
showacl user username a d m i n — displays administrative permissions granted
directly to the user.
showacl user username a l l — displays direct and inherited (from groups to
which the user belongs) permissions.
showacl user username a d m i n - a l l — displays all administrative permissions for
a given user (direct and inherited)

The output from this command displays inherited permissions prefixed with a '*'.
Inherited permissions cannot be changed. An attempt to revoke an inherited
permission for the principal user will not change the permission.

shutdown
shutdown

Shuts down currently connected server.

suspend route
suspend route route-name
Suspends outgoing messages to the named route.
Message flow can be recovered later using the command r e s u m e route.

time
time [on | off]

Specifying o n places a timestamp before each command’s output. By default, the

timestamp is o f f .

timeout
t i m e o u t [ seconds]

TIBCO Enterprise Message Service User’s Guide

170
| Chapter 6 Using the EMS Administration Tool

Show or change the current command timeout value. The timeout value is the
number of seconds the Administration Tool will wait for a response from the
server after sending a command.
By default, the timeout is 30 seconds. When t i m e o u t is entered with the optional
seconds parameter, the timeout value is reset to the specified number of seconds.
When entered without parameter, the current timeout value is returned.

transaction commit
transaction commit XID
Commits the transaction identified by the transaction ID. The transaction must be
in the e n d e d or p r e p a r e d state. To obtain a transaction ID, issue the s h o w
t r a n s a c t i o n s command, and cut and paste the XID into this command.

transaction rollback
transaction rollback XID
Rolls back the transaction identified by the transaction ID. The transaction must
be in the e n d e d , r o l l b a c k o n l y, or the p r e p a r e d state. To obtain a transaction ID,
issue the show transactions command, and cut and paste the XID into this
command.

Messages sent to a queue with p r e f e t c h = n o n e and m a x R e d e l i v e r y = number

properties are not received number times by an EMS application that receives in a
loop and does an XA rollback after the XA prepare phase.

updatecrl
updatecrl

Immediately update the server’s certificate revocation list (CRL).

whoami
whoami

Alias for the show user command to display the currently logged in user.

TIBCO Enterprise Message Service User’s Guide

 | 171

Chapter 7 Using the Configuration Files

This chapter describes configuring TIBCO Enterprise Message Service.

Topics

• Location of Configuration Files, page 172

• Mechanics of Configuration, page 172
• tibemsd.conf, page 173
• Using Other Configuration Files, page 221

TIBCO Enterprise Message Service User’s Guide

172
| Chapter 7 Using the Configuration Files

Location of Configuration Files

The installation process places configuration files in two directories:

• config-file-directory/ c f m g m t / e m s / d a t a / contains a subset of configuration files
suitable for quickly testing the installation. The config-file-directory is specified
during the Configuration Directory step installation process.
• EMS_HOME/ s a m p l e s / c o n f i g / contains the more complete set of sample
configuration files. For deployment, we recommend copying files from this
directory to a production configuration directory, and modifying those copies.
When selecting a production configuration directory, we recommend using a file
system with regular backup commensurate with your need for reliability and
disaster recovery. It is essential that the EMS server have both read and write
privileges in the configuration directory.

Mechanics of Configuration

Configuration The EMS server reads configuration files only once, when the server starts. It
Files ignores subsequent changes to the configuration files. If you change a
configuration file, use the s h u t d o w n command from the EMS Administration Tool
to shutdown the server and then restart the server as described in Running the
EMS Server on page 101.

Administrative You can also change the server configuration with administrative requests, using
Requests either t i b e m s a d m i n (a command line tool), the Java or .NET administrative APIs,
or TIBCO Administrator™ (a separate TIBCO product).
When the server validates and accepts an administrative request, it writes the
change to the appropriate configuration file as well (overwriting any manual
changes to that file). This policy keeps configuration files current in case the
server restarts (for example, in a fault-tolerant situation, or after a hardware
failure).
Re-installing or updating EMS overwrites the files in the b i n / and
samples/config/ directories. Do not use these directories to configure your
deployment.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 173
|

tibemsd.conf

The main configuration file controls the characteristics of the EMS server. This file
is usually named t i b e m s d . c o n f , but you can specify another file name when
starting the server. You can find more information about starting the server in
Running the EMS Server on page 101.
An example of the t i b e m s d . c o n f file is included in the
config-file-directory/ c f m g m t / e m s / d a t a / directory, where config-file-directory is
specified during TIBCO Enterprise Message Service installation. You can edit this
configuration file with a text editor. There are a few configuration items in this file
that can be altered using the administration tool, but most configuration
parameters must be set by editing the file (that is, the server does not accept
changes to those parameters). See Chapter 6, Using the EMS Administration Tool,
on page 115 for more information about using the administration tool.
Several parameters accept boolean values. In the description of the parameter, one
specific set of values is given (for example, e n a b l e and d i s a b l e ), but all
parameters that accept booleans can have the following values:
• enable, enabled, true, yes, on

• disable, disabled, false, no, off

Parameters that take multiple elements cannot contain spaces between the
elements, unless the elements are enclosed in starting and ending double quotes.
Parameters are limited to line lengths no greater than 256,000 characters in length.
The following table summarizes the parameters in t i b e m s d . c o n f according to
category. The sections that follow provide more detail on each parameter.

Table 30 tibemsd.conf Parameters

Parameter Description See Page

Global System Parameters

allow_unsupported_tx_routed_q_con Allow transactional consumers on routed 184

sumers queues.

authorization Enable or disable server authorization. 184

compliant_queue_ack Guarantees that a message will not be 184

redelivered after a client has successfully
acknowledged its receipt from a routed
queue.

TIBCO Enterprise Message Service User’s Guide

174
| Chapter 7 Using the Configuration Files

Table 30 tibemsd.conf Parameters

Parameter Description See Page

flow_control Enable or disable flow control for 185
destinations.

listen Specifies the port on which the server is to 185

listen for connections from clients.

npsend_check_mode Specifies when the server is to provide 185

confirmation upon receiving a
N O N _ P E R S I S T E N T message from a
producer.

password Password used to authenticate with other 186

routed servers that have a u t h o r i z a t i o n
enabled.

routing Enable or disable routing functionality for 187

this server.

server Name of server. 187

startup_abort_list Specifies conditions under which the 187

server is to exit during its initialization
sequence.

user_auth Specifies the source of authentication 188

information used to authenticate users
attempting to access the EMS server.

Storage File Parameters

store Specifies the directory in which the server 189

stores data.

store_crc Specifies whether the EMS server 189

validates CRC checksum data when
reading the store files.

store_minimum Specifies the amount of disk space to 189

preallocate for EMS store files.

store_truncate Specifies whether the EMS server is to 190

periodically truncate the storage files to
relinquish unused disk space.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 175
|

Table 30 tibemsd.conf Parameters

Parameter Description See Page

Connection and Memory Parameters

destination_backlog_swapout Specifies the maximum number of 190

messages per destination that are stored in
the server before message swapping is
enabled.

max_client_msg_size Sets a maximum size for incoming 191

messages.

max_connections Specifies the maximum number of 191

simultaneous client connections to the
server.

max_msg_memory Specifies the maximum memory the server 191

can use for messages.

msg_swapping Enable or disable message swapping. 192

reserve_memory Specifies the amount of memory to reserve 192

for use in emergency situations.

msg_pool_block_size Specifies the size of the pool to be 193

msg_pool_size pre-allocated by the server to store
messages.

socket_send_buffer_size Sets the size of the send buffer used by 193

clients when connecting to the EMS server.

socket_receive_buffer_size Sets the size of the receive buffer used by 194

clients when connecting to the EMS server.

Detecting Network Connection Failure Parameters

client_heartbeat_server Specifies the interval clients are to send 194

heartbeats to the server.

server_timeout_client_connection Specifies the period of time server will 195

wait for a client heartbeat before
terminating the client connection.

server_heartbeat_server Specifies the interval this server is to send 195

heartbeats to another server.

TIBCO Enterprise Message Service User’s Guide

176
| Chapter 7 Using the Configuration Files

Table 30 tibemsd.conf Parameters

Parameter Description See Page

server_timeout_server_connection Specifies the period of time this server will 195
wait for a heartbeat from another server
before terminating the connection to that
server.

server_heartbeat_client Specifies the interval this server is to send 196

heartbeats to all of its clients.

client_timeout_server_connection Specifies the period of time a client will 196

wait for a heartbeat from the server before
terminating the connection.

Fault Tolerance Parameters

ft_active Specifies the URL of the active server. 196

ft_heartbeat Specifies the interval the active server is to 197

send a heartbeat signal to the backup
server to indicate that it is still operating.

ft_activation Specifies the maximum length of time 197

between heartbeat signals the backup
server is to wait before assuming the
active server has failed.

ft_reconnect_timeout Specifies the maximum length of time the 197

backup server is to wait for clients to
reconnect after assuming the role of
primary server in a failover situation.

ft_ssl_auth_only Specifies whether the server allows a fault 197

tolerant server to request the use of SSL
only for authentication.

ft_ssl_identity Specifies the server’s digital certificate. 198

ft_ssl_issuer Specifies the certificate chain member for 198

the server.

ft_ssl_private_key Specifies the server’s private key. 198

ft_ssl_password Specifies the password for private keys. 198

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 177
|

Table 30 tibemsd.conf Parameters

Parameter Description See Page

ft_ssl_trusted Specifies the list of trusted certificates. 199

ft_ssl_rand_egd Specifies the path for the installed entropy 199

gathering daemon (EGD).

ft_ssl_verify_host Specifies whether the fault-tolerant server 199

should verify the other server’s certificate.

ft_ssl_verify_hostname Specifies whether the fault-tolerant server 199

should verify the name in the CN field of
the other server’s certificate.

ft_ssl_expected_hostname Specifies the name the server is expected 200

to have in the CN field of the fault-tolerant
server’s certificate.

ft_ssl_ciphers Specifies the cipher suites used by the 200

server.

Message Tracking Parameters

track_message_ids Enable or disable message tracking by 200

message ID.

track_correlation_ids Enable or disable message tracking by 200

correlation ID.

Multicast Parameters

multicast Enables or disables multicast in the EMS 201

server.

multicast_channels Specifies the configuration file where 201

multicast channels are defined.

multicast_daemon_default Specifies the default port on which the 201

multicast daemon listens for connections
from EMS clients.

multicast_statistics_interval Specifies how often, in seconds, multicast 202

statistics are generated for each channel.

TIBCO Enterprise Message Service User’s Guide

178
| Chapter 7 Using the Configuration Files

Table 30 tibemsd.conf Parameters

Parameter Description See Page

TIBCO Rendezvous Parameters

tibrv_transports Enable or disable the TIBCO Rendezvous 202

transports defined in t r a n s p o r t s . c o n f
file.

tibrv_xml_import_as_string Enable or disable the translation of XML 202

fields to byte arrays when importing
messages from Rendezvous.

TIBCO SmartSockets Parameters

module_path Specify the directory containing the 203

TIBCO SmartSockets library files.

tibss_transports Enable or disable the TIBCO SmartSockets 203

transports defined in t r a n s p o r t s . c o n f
file.

tibss_config_dir Specifies the directory for SmartSockets 203

configuration and message files.

Tracing and Log File Parameters

logfile Name and location of the server log file. 204

log_trace Specifies the trace options on the file 204

defined by the l o g f i l e parameter.

logfile_max_size Specifies the maximum log file size before 204

the log file is copied to a backup and then
emptied.

console_trace Specifies the trace options for output to 205

s t d e r r.

client_trace Enable or disable client generation of trace 205

output for opening or closing a
connection, message activity, and
transaction activity.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 179
|

Table 30 tibemsd.conf Parameters

Parameter Description See Page

trace_client_host Specifies whether the trace statements 206
related to connections identify the host by
its hostname, its IP address, or both.

Statistic Gathering Parameters

server_rate_interval Specifies the interval at which overall 206

server statistics are averaged.

statistics Enables or disables statistic gathering for 206

producers, consumers, destinations, and
routes.

rate_interval Specifies the interval at which statistics for 206

routes, destinations, producers, and
consumers are averaged.

detailed_statistics Specifies which objects should have 207

detailed statistic tracking.

statistics_cleanup_interval Specifies how long the server should keep 207

detailed statistics if the destination has no
activity.

max_stat_memory Specifies the maximum amount of 207

memory to use for detailed statistic
gathering.

SSL Server Parameters

ssl_dh_size Specifies the size of the Diffie-Hellman 208

key.

ssl_server_ciphers Specifies the cipher suites used by the 208

server.

ssl_require_client_cert Specifies if the server is to only accept SSL 208

connections from clients that have digital
certificates.

ssl_use_cert_username Specifies if a client’s user name is to 208

always be extracted from the CN field of
the client’s digital certificate.

TIBCO Enterprise Message Service User’s Guide

180
| Chapter 7 Using the Configuration Files

Table 30 tibemsd.conf Parameters

Parameter Description See Page

ssl_cert_user_specname Specifies a special username to identify 209
which clients are to have their usernames
taken from their digital certificates.

ssl_server_identity Specifies the server’s digital certificate. 209

ssl_server_key Specifies the server’s private key. 210

ssl_password Specifies the password for private keys. 210

ssl_server_issuer Specifies the certificate chain member for 210

the server.

ssl_server_trusted Specifies the list of CA root certificates the 211

server trusts as issuers of client certificates.

ssl_rand_egd Specifies the path for the installed entropy 211

gathering daemon (EGD).

ssl_crl_path Specifies the pathname to the certificate 211

revocation list (CRL) files.

ssl_crl_update_interval Specifies the interval at which the server is 211

to update its CRLs.

ssl_auth_only Specifies whether the server allows clients 211

to request the use of SSL only for
authentication.

fips140-2 Enables the server for FIPS compliance. 212

LDAP Parameters

ldap_url Specifies the URL of the external directory 212

server.

ldap_principal Specifies the distinguished name (DN) of 212

the LDAP administrator.

ldap_credential Specifies the password associated with the 212

user defined in the l d a p _ p r i n c i p a l
property.

ldap_cache_enabled Enables or disables caching of LDAP data. 213

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 181
|

Table 30 tibemsd.conf Parameters

Parameter Description See Page

ldap_cache_ttl Specifies the maximum time that cached 213
LDAP data is retained before it is
refreshed.

ldap_conn_type Specifies the type of connection that the 213

server uses to get LDAP information.

ldap_tls_cacert_file Specifies the file that contains the CA 213

certificate the EMS server trusts to sign the
LDAP server’s certificate.

ldap_tls_cacert_dir When there are two or more CA 213

certificates in the verify chain, use this
parameter to specify the directory
containing the CA certificates.

ldap_tls_cipher_suite Specifies the cipher suite to use for 214

encryption on secure LDAP connections.

ldap_tls_rand_file Specifies the file containing random data 214

for encryption.

ldap_tls_cert_file Specifies the file containing the certificate 214

that identifies the EMS server to the LDAP
server.

ldap_tls_key_file Specifies the file containing the private 214

key required by the LDAP server to
authenticate the client.

ldap_user_class Specifies the name of the LDAP object 215

class that stores users.

ldap_user_attribute Specifies the name of the attribute on the 215

user object class that holds the name of the
user.

ldap_user_base_dn Specifies the base distinguished name 215

(DN) of the LDAP tree that contains the
users.

ldap_user_scope Specifies how deeply under the base DN 215

to search for users.

TIBCO Enterprise Message Service User’s Guide

182
| Chapter 7 Using the Configuration Files

Table 30 tibemsd.conf Parameters

Parameter Description See Page

ldap_user_filter Specifies the LDAP search filter for finding 215
a given user name.

ldap_all_users_filter Specifies the LDAP search filter for finding 216

all users beneath the user base DN.

ldap_group_base_dn Specifies the base distinguished name 216

(DN) of the LDAP tree that contains
groups.

ldap_group_scope Specifies how deeply under the base DN 216

to search for groups.

ldap_group_filter Specifies the LDAP search filter for finding 216

a group with a given group name.

ldap_all_groups_filter Specifies the LDAP search filter for finding 217

all groups beneath the group base DN.

ldap_static_group_class Specifies the name of the LDAP object 217

class that stores static groups.

ldap_static_group_attribute Specifies the name of the attribute on the 217

static group object class that holds the
name of the group.

ldap_static_member_attribute Specifies the attribute of an LDAP static 217

group object that specifies the
distinguished names (DNs) of the
members of the group.

ldap_dynamic_group_class Specifies the name of the LDAP object 217

class that stores dynamic groups.

ldap_dynamic_group_attribute Specifies the name of the attribute on the 218

dynamic group object class that holds the
name of the group.

ldap_dynamic_member_url_attribute Specifies the attribute of the dynamic 218

LDAP group object that specifies the URLs
of the members of the dynamic group.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 183
|

Table 30 tibemsd.conf Parameters

Parameter Description See Page

Extensible Security Parameters

jaas_classpath Includes the JAR files and dependent 218

classes used by the JAAS LoginModule.

jaas_config_file Specifies the location of the JAAS 218

configuration file used to run a custom
authentication LoginModule.

jaas_login_timeout Specifies the length of time, in 219

milliseconds, that the server waits for the
JAAS authentication module to execute
and respond.

jaci_classpath Includes the JAR files and dependent 219

classes used by the JACI custom
permissions module.

jaci_class Specifies the name of the class that 219

implements the extensible permissions
interface.

jaci_timeout Specifies the length of time, in 220

milliseconds, that the server waits for the
JACI permissions module to execute and
respond.

JVM Parameters

jre_library Enables the JVM in the EMS server. 220

jre_option Passes command line options to the JVM 220

at start-up.

TIBCO Enterprise Message Service User’s Guide

184
| Chapter 7 Using the Configuration Files

Global System Parameters

allow_unsupported_tx_routed_q_consumers
allow_unsupported_tx_routed_q_consumers = enabled | disabled

Enable or disable transactional consumers on routed queues. By default,

transactional consumers are not allowed.
TIBCO Enterprise Message Service does not support consuming messages
transactionally from a routed queue. However, previous versions of EMS did not
prevent applications from doing so. Starting in EMS 6.0, message consumption
from a routed queue is rejected. If you have existing applications which depend
on this behavior, you may use this parameter.

This parameter may be removed in future releases without notice. Applications

that depend on this behavior should be restructured.

authorization
authorization = enabled | disabled

Enable or disable server authorization.

Authorization is disabled by default. If you require that the server verify user
credentials and permissions on secure destinations, you must enable this
parameter.
See Enabling Access Control on page 257 for more information.
For example:
authorization = enabled

See Chapter 8, Authentication and Permissions, on page 247 for more information
about these parameters.

compliant_queue_ack
compliant_queue_ack = enable | disable

Guarantees that, once a client successfully acknowledges a message received from

a routed queue, the message will not be redelivered. This is accomplished by the
EMS server waiting until the message has been successfully acknowledged by the
queue’s home EMS server before sending the response to the client.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 185
|

The c o m p l i a n t _ q u e u e _ a c k parameter is enabled by default. Because of the extra

overhead incurred with compliant queue acknowledgments, you can disable this
feature when performance is an issue. If compliant queue acknowledgement is
disabled and a message is redelivered, the message’s J M S R e d e l i v e r e d indicator
will be set.

flow_control
flow_control = enable | disable

Specifies whether flow control for destinations is enabled or disabled.

By default, flow control is disabled. When flow control is enabled, the
f l o w C o n t r o l property on each destination specifies the target maximum storage
for pending messages on the destination.
See Flow Control on page 84 for more information about flow control.

listen
l i s t e n = protocol://servername:port

Specifies the port on which the server is to listen for connections from clients.
For example:
listen=tcp://localhost:7222

If you are enabling SSL, for example:

listen=ssl://localhost:7222

You can use multiple l i s t e n entries if you have computers with multiple
interfaces. For example:
listen=tcp://localhost:7222
listen=tcp://localhost:7224

If the hostname is not present then the default host and interface will be used. For
example:
listen=tcp://7222
listen=ssl://7243

npsend_check_mode
npsend_check_mode = [always | never | temp_dest | auth | temp_auth]

Specifies when the server is to provide confirmation upon receiving a

N O N _ P E R S I S T E N T message from a producer.

The n p s e n d _ c h e c k _ m o d e parameter applies only to producers sending messages

using N O N _ P E R S I S T E N T delivery mode and non-transactional sessions.

TIBCO Enterprise Message Service User’s Guide

186
| Chapter 7 Using the Configuration Files

Message confirmation has a great deal of impact on performance and should only
be enabled when necessary. The circumstances in which a producer might want
the server to send confirmation a N O N _ P E R S I S T E N T message are:
• When a u t h o r i z a t i o n is enabled, so the producer can take action if
permission to send the message is denied by the server.
• When sending to a temporary destination, so the producer can take action if
the message is sent to a temporary destination that has been destroyed.
• The message exceeded queue/topic limit (requires r e j e c t I n c o m i n g policy
for topics).
• Bridging of the message has failed.
• The server is out of memory or has encountered some other severe error.
The possible n p s e n d _ c h e c k _ m o d e parameter modes are:
• d e f a u l t (no mode specified) - same behavior as in EMS 4.3 and prior. This
means the server only provides confirmation of a N O N _ P E R S I S T E N T message if
a u t h o r i z a t i o n is enabled.

• always- the server always provides confirmation of a N O N _ P E R S I S T E N T

message.
• never - the server never provides confirmation of N O N _ P E R S I S T E N T messages.
• t e m p _ d e s t - the server provides confirmation of a N O N _ P E R S I S T E N T message
only when sending to a temporary destination.
• auth - the server provides confirmation of a N O N _ P E R S I S T E N T message only if
authorization was enabled when the connection was created.
• t e m p _ a u t h - the server provides confirmation of a N O N _ P E R S I S T E N T message
if sending to a temporary destination or if a u t h o r i z a t i o n was enabled when
the connection was created.

password
password = password
Password used to log in to other routed servers that have a u t h o r i z a t i o n
enabled.
See Routing and Authorization on page 507 for details.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 187
|

routing
routing = enabled | disable

Enables or disables routing functionality for this server.

For example:
routing = enabled

See Chapter 20, Working With Routes, on page 485 for more information about
routing.

server
server = serverName
Name of server.
Server names are limited to at most 64 characters.

startup_abort_list
startup_abort_list=[SSL,TRANSPORTS,CONFIG_FILES,CONFIG_ERRORS,
DB_FILES,MULTICAST]

Specifies conditions that cause the server to exit during its initialization sequence.
You may specify any subset of the conditions in a comma-separated list. The list
cannot contain spaces between the elements, unless the elements are enclosed in
starting and ending double quotes. If a space is included but not enclosed in
quotation marks, the server ignores any conditions following the space.
Conditions that do not appear in the list are ignored by the server. The default is
an empty list.
The conditions are:
• S S L —If SSL initialization fails, then it exits.
• T R A N S P O R T S —If any of the transports cannot be created as specified in the
configuration files, then it exits.
• C O N F I G _ F I L E S —If any configuration file listed in t i b e m s d . c o n f does not
exist, then it exits.
• C O N F I G _ E R R O R S —If the server detects any errors while reading the config
files, then it exits.
• D B _ F I L E S —If the server cannot find one or more of its stores, then it exits.
Stores include the default store files as well as any file or database stores
configured in the s t o r e s . c o n f configuration file.

TIBCO Enterprise Message Service User’s Guide

188
| Chapter 7 Using the Configuration Files

Note that if D B _ F I L E S is not included in the s t a r t u p _ a b o r t _ l i s t and the

server cannot find a store, the server will create the missing file or database.
For best results, do not include D B _ F I L E S the first time a server is started,
allowing it to create the files. After after initial startup or a major store
configuration change (such as the addition of a new store), include D B _ F I L E S
in the list so that on restart the server will only start if all the configured files
are present.
• M U L T I C A S T —If the server detects that it cannot send multicast messages, then
it exits.
Note that if M U L T I C A S T is not in the s t a r t u p _ a b o r t _ l i s t and multicast
initialization fails, applications creating consumers on multicast-enabled
topics will receive messages over TCP. This is important to consider if your
network cannot handle the bandwidth allocated for multicast when it is sent
over a TCP connection.

user_auth
user_auth = [local, ldap, jaas]

Specifies the source of user authentication information.

This parameter can have one or more of the following values (separated by
comma characters):
• l o c a l —obtain user authentication information from the local EMS server
user configuration.
• l d a p —obtain user authentication information from an LDAP directory server
(see the LDAP-specific configuration parameters).
• j a a s —obtain user authentication information from a custom authentication
module (see Extensible Authentication on page 274).
Each time a user attempts to authenticate, the server seeks corresponding
authentication information from each of the specified locations in the order that
this parameter specifies. The EMS server accepts successful authentication using
any of the specified sources.

The u s e r _ a u t h setting does not affect authentication of the default administrator.

The server always authenticates the a d m i n user from the local configuration file.
See Assign a Password to the Administrator on page 118 for more information.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 189
|

Storage File Parameters

The parameters described here configure file-based stores. For information about
database stores, see Chapter 10, Using Database Stores.

store
store = directory
Directory in which the server stores data files.
For example:
store = /usr/tmp

store_crc
store_crc = enable | disable

Specifies whether the EMS server validates CRC checksum data when reading the
store files.

This parameter is not compatible with the use of multiple store files. If you have
configured the s t o r e s . c o n f file, or enabled database stores, then including the
s t o r e _ c r c parameter will cause a mixed mode error. See Store Messages in
Multiple Stores on page 29 for more information.
This parameter is deprecated in Software Release 5.0. Prepare to migrate to a
multiple stores configuration, where the same functionality can be achieved
through store definitions in the s t o r e s . c o n f file.

store_minimum
s t o r e _ m i n i m u m = size [ K B | M B | G B ]
s t o r e _ m i n i m u m _ s y n c = size [ K B | M B | G B ]
s t o r e _ m i n i m u m _ a s y n c = size [ K B | M B | G B ]

This set of parameters preallocates disk space for EMS store files. Preallocation
occurs when the server first creates a store file.
You can specify units of K B , M B , or G B .
Zero is a special value, which specifies no minimum preallocation. Otherwise, the
value you specify must be greater than or equal to 8 M B .
If s t o r e _ m i n i m u m _ s y n c or s t o r e _ m i n i m u m _ a s y n c are absent, they default to
store_minimum.

If s t o r e _ t r u n c a t e is e n a b l e d , these parameters limit truncation to minimum

values.

TIBCO Enterprise Message Service User’s Guide

190
| Chapter 7 Using the Configuration Files

For example:
store_minimum_sync = 32MB

This parameter is not compatible with the use of multiple store files. If you have
configured the s t o r e s . c o n f file, or enabled database stores, then including the
s t o r e _ m i n i m u m parameter will cause a mixed mode error. See Store Messages in
Multiple Stores on page 29 for more information.
This parameter is deprecated in Software Release 5.0. Prepare to migrate to a
multiple stores configuration, where the same functionality can be achieved
through store definitions in the s t o r e s . c o n f file.

store_truncate
store_truncate = enable | disable

Specifies whether the EMS server occasionally attempts to truncate the storage
files, relinquishing unused disk space.
When e n a b l e d , the storage files may be truncated, but not below the size
specified in the s t o r e _ m i n i m u m parameters.

This parameter is not compatible with the use of multiple store files. If you have
configured the s t o r e s . c o n f file, or enabled database stores, then including the
s t o r e _ t r u n c a t e parameter will cause a mixed mode error. See Store Messages in
Multiple Stores on page 29 for more information.
This parameter is deprecated in Software Release 5.0. Prepare to migrate to a
multiple stores configuration, where the same functionality can be achieved
through store definitions in the s t o r e s . c o n f file.

Connection and Memory Parameters

destination_backlog_swapout
destination_backlog_swapout = number
Specifies the number of messages that may be stored in the server's memory
before message swapping is enabled. The limit given is for each destination. For
example, if the limit is 10,000 and you have three queues, the server can store up
to 30,000 unswapped messages in memory.
The specified number may be any positive value. When
d e s t i n a t i o n _ b a c k l o g _ s w a p o u t is 0 , the server attempts to immediately swap
out the message.
By default, the limit for each destination is 1 0 2 4 messages.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 191
|

max_client_msg_size
max_client_msg_size = size [ K B | M B | G B ]
Maximum size allowed for an incoming message.
This parameter setting instructs the server to reject incoming messages that are
larger than the specified size limit.
When omitted or zero, the EMS server accepts and attempts to process messages
of any size.

max_connections
max_connections = number
Maximum number of simultaneous client connections.
Set to 0 to allow unlimited simultaneous connections.

max_msg_memory
max_msg_memory = size [ K B | M B | G B ]
Maximum memory the server can use for messages.
This parameter lets you limit the memory that the server uses for messages, so
server memory usage cannot grow beyond the system’s memory capacity.
When m s g _ s w a p p i n g is enabled, and messages overflow this limit, the server
begins to swap messages from process memory to disk. Swapping allows the
server to free process memory for incoming messages, and to process message
volume in excess of this limit.
When the server swaps a message to disk, a small record of the swapped message
remains in memory. If all messages are swapped out to disk, and their remains
still exceed this memory limit, then the server has no room for new incoming
messages. The server stops accepting new messages, and send calls in message
producers result in an error. (This situation probably indicates either a very low
value for this parameter, or a very high message volume.)
Specify units as K B , M B or G B . The minimum value is 8 MB. The default value of 0
(zero) indicates no limit.
For example:
max_msg_memory = 512MB

TIBCO Enterprise Message Service User’s Guide

192
| Chapter 7 Using the Configuration Files

msg_swapping
msg_swapping = enable | disable

This parameter enables and disables the message swapping feature (described
above for m a x _ m s g _ m e m o r y ).
The default value is e n a b l e d , unless you explicitly set it to d i s a b l e d .

reserve_memory
reserve_memory = size
When r e s e r v e _ m e m o r y is non-zero, the daemon allocates a block of memory for
use in emergency situations to prevent the EMS server from being unstable in low
memory situations. When the daemon process exhausts memory resources, it
disables clients and routes from producing new messages, and frees this block of
memory to allow consumers to continue operation (which tends to free memory).
The EMS server attempts to reallocate its reserve memory once the number of
pending messages in the server has dropped to 10% of the number of pending
messages that were in the server when it experienced the allocation error. If the
server successfully reallocates memory, it begins accepting new messages.
The r e s e r v e _ m e m o r y parameter only triggers when the EMS server has run out
of memory and therefore is a reactive mechanism. The appropriate administrative
action when an EMS server has triggered release of reserve memory is to drain the
majority of the messages by consuming them and then to stop and restart the
EMS server. This allows the operating system to reclaim all the virtual memory
resources that have been consumed by the EMS server. A trace option, M E M O R Y , is
also available to help show what the server is doing during the period when it is
not accepting messages.
Specify size in units of MB. When non-zero, the minimum block is 16MB. When
absent, the default is zero.

There are a variety of limits that the user can set to prevent the EMS server from
storing excessive messages, which can lead to situations where the EMS server
runs out of memory. These include global parameters, such as m a x _ m s g _ m e m o r y ,
as well as destination properties such as m a x b y t e s . These limits should be used to
prevent the r e s e r v e _ m e m o r y mechanism from triggering.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 193
|

msg_pool_block_size
msg_pool_size
msg_pool_block_size size
m s g _ p o o l _ s i z e size

Consult with your TIBCO support representative before using either of these
commands.

To lessen the overhead costs associated with m a l l o c and f r e e , the server

pre-allocates pools of storage for messages. These parameters determine the
behavior of these pools. Performance varies depending on operating system
platform and usage patterns.
The size argument determines the approximate number of internal message
structs that a block or pool can accommodate (not the number of bytes).
msg_pool_block_size instructs the server to allocate an expandable pool. Each
time the server exhausts the pool, the server increases the pool by this size, as
long as additional storage is available. The value may be in the range 3 2 to 6 4 K .
m s g _ p o o l _ s i z e instructs the server to allocate a fixed pool. After the server
exhausts this pool, the server calls m a l l o c each time it requires additional storage.
The value may be in the range 1 6 K to 1 0 2 4 M .
When neither parameter is present, the default is m s g _ p o o l _ b l o c k _ s i z e 1 2 8 (an
expandable pool). These two parameters represent two different and mutually
exclusive modes for allocating storage pools. You may specify at most one of these
two parameters; it is illegal to set both parameters explicitly.

socket_send_buffer_size
socket_send_buffer_size = size
Sets the size (in kilobytes) of the send buffer used by clients when connecting to
the EMS server.
The specified size may be:
• any number greater than 5 1 2
• 0 to use the default buffer size
• -1 to skip the call for the specified buffer
When omitted or zero, the default buffer size is used.

On Linux platforms, omitting the parameter or specifying zero causes the EMS
server to skip the value. In this case, Linux auto-tuning controls buffering.

TIBCO Enterprise Message Service User’s Guide

194
| Chapter 7 Using the Configuration Files

socket_receive_buffer_size
socket_receive_buffer_size = size
Sets the size (in kilobytes) of the receive buffer used by clients when connecting to
the EMS server.
The specified size may be:
• any number greater than 5 1 2
• 0 to use the default buffer size
• -1 to skip the call for the specified buffer
When omitted or zero, the default buffer size is used.

On Linux platforms, omitting the parameter or specifying zero causes the EMS
server to skip the value. In this case, Linux auto-tuning controls buffering.

Detecting Network Connection Failure Parameters

This feature lets servers and clients detect network connection failures quickly.
When these parameters are absent, or this feature is disabled, t i b e m s d closes a
connection only upon the operating system notification.

client_heartbeat_server
client_heartbeat_server interval
In a server-to-client connection, clients send heartbeats to the server at this
interval (in seconds).
The client_heartbeat_server parameter must be specified when a
s e r v e r _ t i m e o u t _ c l i e n t _ c o n n e c t i o n is set. The c l i e n t _ h e a r t b e a t _ s e r v e r
interval should be no greater than one third of the
s e r v e r _ t i m e o u t _ c l i e n t _ c o n n e c t i o n limit.

This setting also ensures that garbage collection occurs on the connection.
Collection is triggered by incoming messages and heartbeats. If the size of
messages can vary widely or there is not a steady stream of message traffic, can
use this parameter to ensure that collection occurs.
When omitted or zero, c l i e n t _ h e a r t b e a t _ s e r v e r is disabled.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 195
|

server_timeout_client_connection
server_timeout_client_connection limit
In a server-to-client connection, if the server does not receive a heartbeat for a
period exceeding this limit (in seconds), it closes the connection.
We recommend setting this value to approximately 3 times the heartbeat interval,
as it is specified in c l i e n t _ h e a r t b e a t _ s e r v e r.

If you do not set the c l i e n t _ h e a r t b e a t _ s e r v e r parameter when a

s e r v e r _ t i m e o u t _ c l i e n t _ c o n n e c t i o n is specified, a configuration error is
generated during startup. If C O N F I G _ E R R O R S is part of the s t a r t u p _ a b o r t _ l i s t ,
the server will not start. If not, the error is printed but the server starts, and clients
will be disconnected after s e r v e r _ t i m e o u t _ c l i e n t _ c o n n e c t i o n seconds.

Zero is a special value, which disables heartbeat detection in the server (although
clients still send heartbeats).

server_heartbeat_server
server_heartbeat_server interval
In a server-to-server connection, this server sends heartbeats at this interval (in
seconds).
The two servers can be connected either by a route, or as a fault-tolerant pair.

server_timeout_server_connection
server_timeout_server_connection limit
In a server-to-server connection, if this server does not receive a heartbeat for a
period exceeding this limit (in seconds), it closes the connection. This parameter
applies to connections from other routes and to the backup server connection.
We recommend setting this value to approximately 3.5 times the heartbeat
interval of the other server. When the other server or the network are heavily
loaded, or when client programs send very large messages, we recommend a
larger multiple.

In a fault-tolerant configuration, the s e r v e r _ t i m e o u t _ s e r v e r _ c o n n e c t i o n

parameter has no effect on the backup server following a switchover. The backup
server activates only after the timeout set by the f t _ a c t i v a t i o n parameter.

TIBCO Enterprise Message Service User’s Guide

196
| Chapter 7 Using the Configuration Files

server_heartbeat_client
server_heartbeat_client interval
In a server-to-client connection, the server sends heartbeats to all clients at this
interval (in seconds).
When omitted or zero, the default is 5 seconds.

This parameter is new in release 4.4; it is disabled when either entity is from an
earlier release.

client_timeout_server_connection
client_timeout_server_connection limit
In a server-to-client connection, if a client does not receive a heartbeat for a period
exceeding this limit (in seconds), it closes the connection.
We recommend setting this value to approximately 3.5 times the heartbeat
interval.
Zero is a special value, which disables heartbeat detection in the client (although
the server still sends heartbeats).

This parameter is new in release 4.4; it is disabled when either entity is from an
earlier release.

Fault Tolerance Parameters

See Chapter 19, Fault Tolerance, on page 461 for more information about these
parameters.
The fault tolerance parameters that begin with the prefix f t _ s s l are used to
secure communications between pairs of fault tolerant servers. See SSL on
page 476 for additional information about this process.

ft_active
ft_active = URL
Specifies the URL of the active server. If this server can connect to the active
server, it will act as a backup server. If this server cannot connect to the active
server, it will become the active server.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 197
|

ft_heartbeat
ft_heartbeat = seconds
Specifies the interval (in seconds) the active server is to send a heartbeat signal to
the backup server to indicate that it is still operating. Default is 3 seconds.

ft_activation
ft_activation = seconds
Activation interval (maximum length of time between heartbeat signals) which
indicates that active server has failed. Set in seconds: default is 10. This interval
should be set to at least twice the heartbeat interval.
For example:
ft_activation = 60

The f t _ a c t i v a t i o n parameter is only used by the backup server after a

fault-tolerant switchover. The active server uses the
s e r v e r _ t i m e o u t _ s e r v e r _ c o n n e c t i o n to detect a failed server.

ft_reconnect_timeout
ft_reconnect_timeout = seconds
The amount of time (in seconds) that a backup server waits for clients to reconnect
(after it assumes the role of primary server in a failover situation). If a client does
not reconnect within this time period, the server removes its state from the shared
state files. The f t _ r e c o n n e c t _ t i m e o u t time starts once the server has fully
recovered the shared state, so this value does not account for the time it takes to
recover the store files.
The default value of this parameter is 60.

ft_ssl_auth_only
ft_ssl_auth_only = enable | disable

When e n a b l e d , the server allows a fault tolerant server to request the use of SSL
only for authentication (to protect user passwords). For an overview of this
feature, see SSL Authentication Only on page 458.
When d i s a b l e d , the server ignores requests for this feature. When absent, the
default value is d i s a b l e d .

TIBCO Enterprise Message Service User’s Guide

198
| Chapter 7 Using the Configuration Files

ft_ssl_identity
ft_ssl_identity = pathname
The path to a file that contains the certificate in one of the supported formats. The
supported formats are PEM, DER, or PKCS#12.
See File Names for Certificates and Keys on page 445 for more information on file
types for digital certificates.

ft_ssl_issuer
ft_ssl_issuer = chain_member
Certificate chain member for the server. Supply the entire chain, including the CA
root certificate. The server reads the certificates in the chain in the order they are
presented in this parameter.
The certificates must be in PEM, DER, PKCS#7, or PKCS#12 format.
See File Names for Certificates and Keys on page 445 for more information on file
types for digital certificates.

ft_ssl_private_key
ft_ssl_private_key = key
The server’s private key. If it is included in the digital certificate in
f t _ s s l _ i d e n t i t y, then this parameter is not needed.

This parameter supports private keys in the following formats: PEM, DER,
PKCS#12.
You can specify the actual key in this parameter, or you can specify a path to a file
that contains the key. See File Names for Certificates and Keys on page 445 for
more information on file types for digital certificates.

ft_ssl_password
ft_ssl_password = password
Private key or password for private keys.
You can set passwords by way of the t i b e m s a d m i n tool. When passwords are set
with this tool, the password is obfuscated in the configuration file. See Chapter 6,
Using the EMS Administration Tool, on page 115 for more information about
using t i b e m s a d m i n to set passwords.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 199
|

ft_ssl_trusted
ft_ssl_trusted = trusted_certificates
List of trusted certificates. This sets which Certificate Authority certificates should
be trusted as issuers of the client certificates.
The certificates must be in PEM, DER, or PKCS#7 format. You can either provide
the actual certificates, or you can specify a path to a file containing the certificate
chain.
See File Names for Certificates and Keys on page 445 for more information on file
types for digital certificates.

ft_ssl_rand_egd
ft_ssl_rand_egd = pathname
The path for the installed entropy gathering daemon (EGD), if one is installed.
This daemon is used to generate random numbers for the EMS server.

ft_ssl_verify_host
ft_ssl_verify_host = enabled | disabled

Specifies whether the fault-tolerant server should verify the other server’s
certificate. The values for this parameter are e n a b l e d or d i s a b l e d . By default,
this parameter is enabled, signifying the server should verify the other server’s
certificate.
When this parameter is set to d i s a b l e d , the server establishes secure
communication with the other fault-tolerant server, but does not verify the
server’s identity.

ft_ssl_verify_hostname
ft_ssl_verify_hostname = enabled | disabled

Specifies whether the fault-tolerant server should verify the name in the CN field
of the other server’s certificate. The values for this parameter are e n a b l e d and
d i s a b l e d . By default, this parameter is enabled, signifying the fault-tolerant
server should verify the name of the connected host or the name specified in the
f t _ s s l _ e x p e c t e d _ h o s t n a m e parameter against the value in the server’s
certificate. If the names do not match, the connection is rejected.
When this parameter is set to d i s a b l e d , the fault-tolerant server establishes
secure communication with the other server, but does not verify the server’s
name.

TIBCO Enterprise Message Service User’s Guide

200
| Chapter 7 Using the Configuration Files

ft_ssl_expected_hostname
ft_ssl_expected_hostname = serverName
Specifies the name the server is expected to have in the CN field of the
fault-tolerant server’s certificate. If this parameter is not set, the expected name is
the hostname of the server.
This parameter is used when the f t _ s s l _ v e r i f y _ h o s t n a m e parameter is set to
enabled.

ft_ssl_ciphers
ft_ssl_ciphers = cipherSuite
Specifies the cipher suites used by the server; each suite in the list is separated by
a colon (:). This parameter can use the OpenSSL name for cipher suites or the
longer, more descriptive names.
See Specifying Cipher Suites on page 452 for more information about the cipher
suites available in EMS and the OpenSSL names and longer names for the cipher
suites.

Message Tracking Parameters

track_message_ids
track_message_ids = enabled | disabled

Tracks messages by message ID. Default is disabled.

Enabling this parameter allows you to display messages using the s h o w message
messageID command in the administration tool.

track_correlation_ids
track_correlation_ids = enabled | disabled

Tracks messages by correlation ID. Disabled by default.

Enabling this parameter allows you to display messages using the s h o w
m e s s a g e s correlationID command in the administration tool.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 201
|

Multicast Parameters
See Chapter 13, Using Multicast, on page 345, for more information about
multicast.

multicast
multicast = enabled | disabled

Enables or disables multicast in the EMS server. For example:

multicast = enabled

By default this feature is disabled.

multicast_channels
multicast_channels = file
Specifies the configuration file where multicast channels are defined.
For example:
multicast_channels = mychannels.conf

When this parameter is not included, the EMS server looks for channel definitions
in the c h a n n e l s . c o n f file.

multicast_daemon_default
multicast_daemon_default = tcp-port
Specifies the TCP port on which the EMS client will attempt to connect to the
multicast daemon. For example:
multicast_daemon_default = 9999

This parameter determines the TCP port that EMS clients use to connect to the
multicast daemon, and is provided in the server to centrally configure all clients.
It determines the behavior of the EMS client but does not affect the multicast
daemon. The multicast daemon must listen for the client on the same port that the
client uses to connect. If the multicast daemon is not listening on the same port
that is specified by m u l t i c a s t _ d a e m o n _ d e f a u l t , the client will be unable to
connect to the daemon and an error will occur.
To change the TCP port that the multicast daemon listens on, use the - l i s t e n
command line argument in the daemon. See Command Line Options on page 352
for more information.
When this parameter is not included, the default port is 7 4 4 4 .

TIBCO Enterprise Message Service User’s Guide

202
| Chapter 7 Using the Configuration Files

multicast_statistics_interval
multicast_statistics_interval = seconds
Specifies how often, in seconds, multicast statistics are published to the
monitoring topic $ s y s . m o n i t o r . m u l t i c a s t . s t a t s for each channel. Intervals of
less than 5 seconds are not supported.
For example:
multicast_statistics_interval = 90

To disable multicast statistics, set the m u l t i c a s t _ s t a t i s t i c s _ i n t e r v a l to 0

(zero).
When this parameter is not included, the default value is 0 (disabled).

TIBCO Rendezvous Parameters

See also, Chapter 15, Working With TIBCO Rendezvous, on page 377.

tibrv_transports
tibrv_transports = enabled | disabled

Specifies whether TIBCO Rendezvous transports defined in t r a n s p o r t s . c o n f

are enabled or disabled.
Unless you explicitly set this parameter to e n a b l e d , the default value is
d i s a b l e d —that is, all transports are disabled and will neither send messages to
external systems nor receive message from them.

tibrv_xml_import_as_string
tibrv_xml_import_as_string = enabled | disabled

When importing messages from Rendezvous, t i b e m s d translates XML fields to

byte arrays. Releases earlier than 4.0 erroneously translated them to strings. If
your client programs process XML as strings, then enable this parameter to revert
to the earlier behavior (strings).
When absent, the default value is d i s a b l e d (byte arrays).
(When importing from SmartSockets, XML fields translate to strings. This
behavior is correct for SmartSockets, even though it differs from the correct
behavior for Rendezvous.)

This parameter is deprecated in Software Release 5.0. Prepare to migrate to the

correct behavior.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 203
|

TIBCO SmartSockets Parameters

See also, Chapter 16, Working With TIBCO SmartSockets, on page 401.

module_path
module_path = SmartSockets-shared-library-directory
where SmartSockets-shared-library-directory is the absolute path to the directory
containing the SmartSockets library files. For example:
module_path = c:\tibco\ss\bin\i86_w32

Please see the SmartSockets documentation to locate the directory where the
appropriate shared libraries are installed.

tibss_transports
tibss_transports = enabled | disabled

Specifies whether TIBCO SmartSockets transports defined in t r a n s p o r t s . c o n f

are enabled or disabled.
Unless you explicitly set this parameter to e n a b l e d , the default value is
d i s a b l e d —that
is, all transports are disabled and will neither send messages to
external systems nor receive message from them.

tibss_config_dir
tibss_config_dir = pathname
Specifies the directory for SmartSockets configuration files and message files:
• tal_ss.cat is a required file of messages. If it is missing, t i b e m s d outputs a
warning message.
• tibems_ss.cm is an optional file of SmartSockets RTclient configuration
options.
When this parameter is absent, t i b e m s d searches for these files in its current
working directory.
For more information about these files, see TIBCO SmartSockets User’s Guide.

TIBCO Enterprise Message Service User’s Guide

204
| Chapter 7 Using the Configuration Files

Tracing and Log File Parameters

See Chapter 17, Monitoring Server Activity, on page 421 for more information
about these parameters.

logfile
logfile = pathname
Name and location of the server log file.

log_trace
log_trace = traceOptions
Sets the trace preference on the file defined by the l o g f i l e parameter. If l o g f i l e
is not set, the values have no effect.
The value of this parameter is a comma-separated list of trace options. For a list of
trace options and their meanings, see Table 63, Server Tracing Options, on
page 424.
You may specify trace options in three forms:
• plain A trace option without a prefix character replaces any existing trace
options.
• + A trace option preceded by + adds the option to the current set of trace
options.
• - A trace option preceded by - removes the option from the current set of
trace options.
The following example sets the trace log to only show messages about access
control violations.
log_trace=ACL

The next example sets the trace log to show all default trace messages, in addition
to SSL messages, but ADMIN messages are not shown.
log_trace=DEFAULT,-ADMIN,+SSL

logfile_max_size
logfile_max_size = size [ K B | M B | G B ]
Specifies the recommended maximum log file size before the log file is rotated. Set
to 0 to specify no limit. Use KB, MB, or GB for units (if no units are specified, the
file size is assumed to be in bytes).
The server periodically checks the size of the current log file. If it is greater than
the specified size, the file is copied to a backup and then emptied. The server then

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 205
|

begins writing to the empty log file until it reaches the specified size again.
Backup log files are named sequentially and stored in the same directory as the
current log.

console_trace
console_trace = traceOptions
Sets trace options for output to s t d e r r. The possible values are the same as for
l o g _ t r a c e . However, console tracing is independent of log file tracing.

If l o g f i l e is defined, you can stop console output by specifying:

console_trace=-DEFAULT

Note that important error messages (and some other messages) are always
output, overriding the trace settings.
This example sends a trace message to the console when a TIBCO Rendezvous
advisory message arrives.
console_trace=RVADV

client_trace
c l i e n t _ t r a c e = { e n a b l e d | d i s a b l e d } [ t a r g e t = location]
[ u s e r | c o n n i d | c l i e n t i d = value]

Administrators can trace a connection or group of connections. When this

property is e n a b l e d , the server instructs each client to generate trace output for
opening or closing a connection, message activity, and transaction activity. This
type of tracing does not require restarting the client program.
Each client sends trace output to location, which may be either s t d e r r (the default)
or s t d o u t .

You can also direct client tracing output to a file, using the
t i b e m s _ S e t T r a c e F i l e , T i b j m s . s e t T r a c e F i l e and T i b e m s . S e t T r a c e F i l e in
the C, Java and .NET libraries, respectively.

The default behavior is to trace all connections. You can specify either u s e r,
connid or c l i e n t i d to selectively trace specific connections. The value can be a
user name or ID (as appropriate).
Setting this parameter using the administration tool does not change its value in
the configuration file t i b e m s d . c o n f ; that is, the value does not persist across
server restarts unless you set it in the configuration file.

TIBCO Enterprise Message Service User’s Guide

206
| Chapter 7 Using the Configuration Files

trace_client_host
trace_client_host = [hostname|address|both|both_with_port]

Trace statements related to connections can identify the host by its hostname, its
IP address, or both. When absent, the default is h o s t n a m e . The b o t h _ w i t h _ p o r t
option displays the ephemeral port used on the host as well as the IP address and
hostname.

Statistic Gathering Parameters

See Chapter 17, Monitoring Server Activity, on page 421 for more information
about these parameters.

server_rate_interval
server_rate_interval = seconds
Sets the interval (in seconds) over which overall server statistics are averaged.
This parameter can be set to any positive integer greater than zero.
Overall server statistics are always gathered, so this parameter cannot be set to
zero. By default, this parameter is set to 1.
Setting this parameter allows you to average message rates and message size over
the specified interval.

statistics
statistics = enabled | disabled

Enables or disables statistic gathering for producers, consumers, destinations, and

routes. By default this parameter is set to disabled.
Disabling statistic gathering resets the total statistics for each object to zero.

rate_interval
rate_interval = seconds
Sets the interval (in seconds) over which statistics for routes, destinations,
producers, and consumers are averaged. By default, this parameter is set to 3
seconds. Setting this parameter to zero disables the average calculation.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 207
|

detailed_statistics
detailed_statistics = NONE | [PRODUCERS,CONSUMERS,ROUTES,CHANNELS]

Specifies which objects should have detailed statistic tracking. Detailed statistic
tracking is only appropriate for routes, channels, producers that specify no
destination, or consumers that specify wildcard destinations. When detailed
tracking is enabled, statistics for each destination are kept for the object.
Setting this parameter to NONE disabled detailed statistic tracking. You can
specify any combination of PRODUCERS, CONSUMERS, ROUTES, or
CHANNELS to enable tracking for each object. If you specify more than one type
of detailed tracking, separate each item with a comma.
For example:
detailed_statistics = NONE

Turns off detailed statistic tracking.

detailed_statistics = PRODUCERS,ROUTES

Specifies detailed statistics should be gathered for producers and routes.

statistics_cleanup_interval
statistics_cleanup_interval = seconds
Specifies how long (in seconds) the server should keep detailed statistics if the
destination has no activity. This is useful for controlling the amount of memory
used by detailed statistic tracking. When the specified interval is reached,
statistics for destinations with no activity are deleted.

max_stat_memory
max_stat_memory = size [ K B | M B | G B ]
Specifies the maximum amount of memory to use for detailed statistic gathering.
If no units are specified, the amount is in bytes, otherwise you can specify the
amount using KB, MB, or GB as the units.
Once the maximum memory limit is reached, the server stops collecting detailed
statistics. If statistics are deleted and memory becomes available, the server
resumes detailed statistic gathering.

TIBCO Enterprise Message Service User’s Guide

208
| Chapter 7 Using the Configuration Files

SSL Server Parameters

See Chapter 18, Using the SSL Protocol, on page 441 for more information about
these parameters.

ssl_dh_size
ssl_dh_size = [512 | 768 | 1024 | 2048]

Size of the Diffie-Hellman key. Can be 512, 768, 1024, or 2048 bits. The default
value is 1024.
This key is not used for cipher suites available for export.

ssl_server_ciphers
ssl_server_ciphers = cipherSuites
Specifies the cipher suites used by the server; each suite in the list is separated by
a colon (:). This parameter must follow the OpenSSL cipher string syntax.
For example, you can enable two cipher suites with the following setting:
ssl_server_ciphers = RC4-MD5:RC4-SHA

See Specifying Cipher Suites on page 452 for more information about the cipher
suites available in EMS and the syntax for specifying them in this parameter.

ssl_require_client_cert
ssl_require_client_cert = enable | disable

If this parameter is set to e n a b l e , the server only accepts SSL connections from
clients that have digital certificates. Connections from clients without certificates
are denied.
If this parameter is set to d i s a b l e , then connections are accepted from clients that
do not have a digital certificate.
Whether this parameter is set to e n a b l e or d i s a b l e , clients that do have digital
certificates are always authenticated against the certificates supplied to the
s s l _ s e r v e r _ t r u s t e d parameter.

ssl_use_cert_username
ssl_use_cert_username = enable | disable

If this parameter is set to e n a b l e , a client’s user name is always extracted from the
CN field of the client’s digital certificate, if the digital certificate is specified. If a
different username is provided through the connection factory or API calls, then
that username is discarded. Only the username from the CN is used.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 209
|

The CN field is either a username, an email address, or a web address.

When s s l _ u s e _ c e r t _ u s e r n a m e is enabled, the username given by the CN

becomes the only valid username. Any permissions associated with a different
username, for example one assigned with an API call, are ignored.

ssl_cert_user_specname
ssl_cert_user_specname = username
This parameter is useful if clients are required to supply a username, but you
wish to designate a special username to use when the client’s username should be
taken from the client’s digital certificate.
For example, you may wish all clients to specify their username when logging in.
This means the s s l _ u s e _ c e r t _ u s e r n a m e parameter would be set to d i s a b l e .
The username is supplied by the user, and not taken from the digital certificate.
However, you may wish one username to signify that the client logging in with
that name should have the name taken from the certificate. A good example of
this username would be a n o n y m o u s . All clients logging in as a n o n y m o u s will have
their user names taken from their digital certificates.
The value specified by this parameter is the username that clients will use to log
in when the username should be taken from their digital certificate. A good
example of the value of this parameter would be a n o n y m o u s .
Also, the value of this parameter is ignored if s s l _ u s e _ c e r t _ u s e r n a m e is set to
enable, in which case all client usernames are taken from their certificates. This
parameter has no effect for users that have no certificate.

ssl_server_identity
ssl_server_identity = certificate
The server’s digital certificate in PEM, DER, or PKCS#12 format. You can specify
the path to a file that contains the certificate in one of the supported formats.
This parameter must be specified if any SSL ports are listed in the l i s t e n
parameter.
PEM and PKCS#12 formats allow the digital certificate to include the private key.
If these formats are used and the private key is part of the digital certificate, then
setting s s l _ s e r v e r _ k e y is optional.
For example:
ssl_server_identity = certs/server.cert.pem

TIBCO Enterprise Message Service User’s Guide

210
| Chapter 7 Using the Configuration Files

ssl_server_key
ssl_server_key = private_key
The server’s private key. If it is included in the digital certificate in
s s l _ s e r v e r _ i d e n t i t y, then this parameter is not needed.

This parameter supports private keys in the following formats: PEM, DER,
PKCS#12.
You must specify a path to a file that contains the key.

ssl_password
ssl_password = password
Private key or password for private keys.
This password can optionally be specified on the command line when t i b e m s d is
started.
If SSL is enabled, and the password is not specified with this parameter or on the
command line, t i b e m s d will ask for the password upon startup.
You can set passwords by way of the t i b e m s a d m i n tool. When passwords are set
with this tool, the password is obfuscated in the configuration file. See Chapter 6,
Using the EMS Administration Tool, on page 115 for more information about
using t i b e m s a d m i n to set passwords.

Because connection factories do not contain the s s l _ p a s s w o r d (for security

reasons), the EMS server uses the password that is provided in the "create
connection" call for user authentication. If the create connection password is
different from the s s l _ p a s s w o r d , the connection creation will fail.

ssl_server_issuer
ssl_server_issuer = chain_member
Certificate chain member for the server. The server reads the certificates in the
chain in the order they are presented in this parameter.
The same certificate can appear in multiple places in the certificate chain.
The certificates must be in PEM, DER, PKCS#7, or PKCS#12 format.
See File Names for Certificates and Keys on page 445 for more information on file
types for digital certificates.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 211
|

ssl_server_trusted
ssl_server_trusted = certificates
List of CA root certificates the server trusts as issuers of client certificates.
Specify only CA root certificates. Do not include intermediate CA certificates.
The certificates must be in PEM, DER, or PKCS#7 format. You can either provide
the actual certificates, or you can specify a path to a file containing the certificate
chain.
For example:
ssl_server_trusted = certs\CA1_root.pem
ssl_server_trusted = certs\CA2_root.pem

See File Names for Certificates and Keys on page 445 for more information on file
types for digital certificates.

ssl_rand_egd
ssl_rand_egd = pathname
The path for the installed entropy gathering daemon (EGD), if one is installed.
This daemon is used to generate random numbers for C clients and the EMS
server. Java clients do not use this parameter.

ssl_crl_path
ssl_crl_path = pathname
A non-null value for this parameter activates the server’s certificate revocation list
(CRL) feature.
The server reads CRL files from this directory. The directory should contain only
CRL files. If other files are located in the pathname directory, SSL initialization will
fail.

ssl_crl_update_interval
ssl_crl_update_interval = hours
The server automatically updates its CRLs at this interval (in hours).
When this parameter is absent, the default is 24 hours.

ssl_auth_only
ssl_auth_only = enable | disable

When e n a b l e d , the server allows clients to request the use of SSL only for
authentication (to protect user passwords). For an overview of this feature, see

TIBCO Enterprise Message Service User’s Guide

212
| Chapter 7 Using the Configuration Files

SSL Authentication Only on page 458.

When d i s a b l e d , the server ignores client requests for this feature. When absent,
the default value is d i s a b l e d .

fips140-2
fips140-2 = true | false

When t r u e , the EMS server is enabled to run in FIPS 140-2 compliant mode.
When f a l s e or excluded, the server is not FIPS compliant. For more information,
see Enabling FIPS Compliance on page 459.

LDAP Parameters
See Chapter 8, Authentication and Permissions, on page 247 for more information
about these parameters.

ldap_url
URL of the external directory server. This can take the following forms:
L D A P : / / host: tcp_port

or
L D A P S : / / host: ssl_port

For example:
LDAP://myLdapServer:1855

ldap_principal
ldap_principal = DN
The distinguished name (DN) of the LDAP user that the EMS sever uses to bind
to the LDAP server. This user must have privileges that allow it to bind and
browse group users, but does not necessarily need to have administrative
privileges.
For example:
ldap_principal = "cn=Manager"

ldap_credential
ldap_credential = password
The password associated with the user defined in the l d a p _ p r i n c i p a l property.
This value must be specified and cannot be an empty string.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 213
|

ldap_cache_enabled
ldap_cache_enabled = enable | disable

Enables caching of LDAP data.

ldap_cache_ttl
ldap_cache_ttl = seconds
Specifies the maximum time (in seconds) that cached LDAP data is retained
before it is refreshed.

ldap_conn_type
ldap_conn_type = [ldaps | startTLS]

Specifies the type of connection that the server uses to get LDAP information.
• When this parameter is absent, LDAP connections use TCP (non-secure). For
backward compatibility, this is the default setting.
• l d a p s —Use SSL on the LDAP connection (secure).
• s t a r t T L S —Use the startTLS extension to the LDAP version 3 protocol
(secure).

ldap_tls_cacert_file
ldap_tls_cacert_file = pathname
This file contains the CA certificate that the EMS server trusts to sign the LDAP
server’s certificate.
You must provide ldap_tls_cacert_file in order to create secure connections.
Optionally, l d a p _ t l s _ c a c e r t _ d i r can be used in addition to
l d a p _ t l s _ c a c e r t _ f i l e in order to specify a directory with additional individual
CA certificates.

ldap_tls_cacert_dir
ldap_tls_cacert_dir = pathname
When there are two or more CA certificates in the verify chain, the server scans
this directory for CA certificates.
You must also provide ldap_tls_cacert_file in order to create secure connections.
l d a p _ t l s _ c a c e r t _ d i r is an optional parameter that can be used in addition to
l d a p _ t l s _ c a c e r t _ f i l e in order to specify a directory with additional individual
CA certificates.

TIBCO Enterprise Message Service User’s Guide

214
| Chapter 7 Using the Configuration Files

ldap_tls_cipher_suite
ldap_tls_cipher_suite = cipher_suite
Optional. You can specify the cipher suite to use for encryption on secure LDAP
connections.
This parameter must follow the OpenSSL cipher string syntax; see Specifying
Cipher Suites on page 452. You must use short names when specifying the suite.
For example, use D E S - C B C - S H A rather than S S L _ R S A _ W I T H _ D E S _ C B C _ S H A . Using
long names results in an authorization error when connecting to a client.
In addition to the actual cipher names, you may specify cipher quality; for
example:
• HIGH
• HIGH:MEDIUM

ldap_tls_rand_file
ldap_tls_rand_file = pathname
When the operating system does not include a random data feature, this file is the
source of random data for encryption.

ldap_tls_cert_file
ldap_tls_cert_file = pathname
When the LDAP server requires client authentication, use the certificate in this file
to identify the EMS server.

ldap_tls_key_file
ldap_tls_key_file = pathname
When the LDAP server requires client authentication, use the private key in this
file.
When you plan to start the server remotely, we recommend that you do not
password-encrypt the key file.
See Chapter 8, Authentication and Permissions, on page 247 for more information
about these parameters.

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 215
|

ldap_user_class
ldap_user_class = class_name
Name of the LDAP object class that stores users.
For example:
ldap_user_class = person

ldap_user_attribute
ldap_user_attribute = attribute
Name of the attribute on the user object class that holds the name of the user.
For example:
ldap_user_attribute = uid

ldap_user_base_dn
ldap_user_base_dn = DN
Base distinguished name (DN) of the LDAP tree that contains the users.
For example:
ldap_user_base_dn = "ou=People,dc=Corp"

ldap_user_scope
ldap_user_scope = onelevel | subtree

Specifies how deeply under the base DN to search for users. You can specify
o n e l e v e l and s u b t r e e for this parameter. o n e l e v e l specifies to search only one
level below the DN, s u b t r e e specifies to search all sub-trees.
For example:
ldap_user_scope = subtree

ldap_user_filter
ldap_user_filter = filter
Optional LDAP search filter for finding a given user name. Use % s as the
placeholder for the user name in the filter. For example:
uid=%s

The full LDAP search grammar is specified in RFC 2254 and RFC 2251.
If unspecified, then a default search filter is generated based on the user object
class and user name attribute.

TIBCO Enterprise Message Service User’s Guide

216
| Chapter 7 Using the Configuration Files

ldap_all_users_filter
ldap_all_users_filter = filter
An optional LDAP search filter for finding all users beneath the user base DN.
If not specified, then a default search filter is generated based on the user object
class and user name attribute.
See Chapter 8, Authentication and Permissions, on page 247 for more information
about these parameters.

ldap_group_base_dn
ldap_group_base_dn = DN
Base distinguished name (DN) of the LDAP tree that contains groups.
For example:
ldap_group_base_dn = "ou=Groups,dc=Corp"

ldap_group_scope
ldap_group_scope = onelevel | subtree

Specifies how deeply under the base DN to search for groups. You can specify
o n e l e v e l and s u b t r e e for this parameter. o n e l e v e l specifies to search only one
level below the DN, s u b t r e e specifies to search all sub-trees.
For example:
ldap_group_scope = subtree

ldap_group_filter
ldap_group_filter = filter
Optional LDAP search filter for finding a group with a given group name. Use % s
as the placeholder for the group name in the filter.
The full LDAP search grammar is specified in RFC 2254 and RFC 2251.
If unspecified, then a default search filter is generated based on the group object
class and group attribute.
For example:
ldap_group_filter =
"(|(&(cn=%s)(objectClass=groupofUniqueNames))(&(cn=%s)
(objectClass=groupOfURLs)))"

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 217
|

ldap_all_groups_filter
ldap_all_groups_filter = filter
Optional LDAP search filter for finding all groups beneath the group base DN.
If unspecified, then a default search filter is generated based on the group object
class and group attribute.

ldap_static_group_class
ldap_static_group_class = name
Name of the LDAP object class that stores static groups.
For example:
ldap_static_group_class = groupofuniquenames

ldap_static_group_attribute
ldap_static_group_attribute = class
Name of the attribute on the static group object class that holds the name of the
group.
For example:
ldap_static_group_attribute = cn

ldap_static_member_attribute
ldap_static_member_attribute = attribute
Attribute of an LDAP static group object that specifies the distinguished names
(DNs) of the members of the group.
For example:
ldap_static_member_attribute = uniquemember

ldap_dynamic_group_class
ldap_dynamic_group_class = class
Name of the LDAP object class that stores dynamic groups.
For example:
ldap_dynamic_group_class = groupofURLs

TIBCO Enterprise Message Service User’s Guide

218
| Chapter 7 Using the Configuration Files

ldap_dynamic_group_attribute
ldap_dynamic_group_attribute = attribute
Name of the attribute on the dynamic group object class that holds the name of
the group. For example:
ldap_dynamic_group_attribute = cn

ldap_dynamic_member_url_attribute
ldap_dynamic_member_url_attribute = attribute
Attribute of the dynamic LDAP group object that specifies the URLs of the
members of the dynamic group.
For example:
ldap_dynamic_member_url_attribute = memberURL

Extensible Security Parameters

The extensible security feature allows you to write your own authentication and
permissions modules for the server. For more information on this feature, see
Chapter 9, Extensible Security, on page 271.

jaas_classpath
jaas_classpath = classpath
Includes the JAR files and dependent classes used by the JAAS LoginModule.
This parameter is required to enable the extensible security feature for
authentication.
For example:
jaas_classpath = .:/usr/local/custom/user_jaas_plugin.jar

jaas_config_file
jaas_config_file = file-name
Specifies the location of the JAAS configuration file used by the EMS server to run
a custom authentication LoginModule. For more information, see Loading the
LoginModule in the EMS Server on page 276.
This parameter is required to enable the extensible security feature for
authentication.
For example:
jaas_config_file = jaas.conf

TIBCO Enterprise Message Service User’s Guide

 tibemsd.conf 219
|

jaas_login_timeout
jaas_login_timeout = milliseconds
Specifies the length of time, in milliseconds, that the EMS server will wait for the
JAAS authentication module to execute and respond. This timeout is used each
time the server passes a username and password to the LoginModule. If the
module does not return a response, the server denies authentication.
This parameter is optional. If it is not included, the default timeout is 500
milliseconds.
For example:
jaas_login_timeout = 250

jaci_classpath
jaci_classpath = classpath
Includes the JAR files and dependent classes used by the JACI custom
permissions module. This parameter is required to enable the extensible security
feature for granting permissions.
For example:
jaci_classpath = .:/usr/local/custom/user_jaci_plugin.jar

jaci_class
jaci_class = class-name
Specifies the name of the class that implements the extensible permissions
interface. The class must be written using the Java Access Control Interface
(JACI). For more information about writing a custom application using JACI to
grant permissions, see Writing a Permissions Module on page 282.
For example:
jaci_class = com.userco.auth.CustomAuthorizer

TIBCO Enterprise Message Service User’s Guide

220
| Chapter 7 Using the Configuration Files

jaci_timeout
jaci_timeout = milliseconds
Specifies the length of time, in milliseconds, that the EMS server will wait for the
JACI permissions module to execute and respond. This timeout is used each time
the server passes a destination, username, and action to the permissions module.
If the module does not return a response, the server denies authorization.
This parameter is optional. If it is not included, the default timeout is 500
milliseconds.
For example:
jaci_timeout = 250

JVM Parameters
These parameters enable and configure the Java virtual machine (JVM) in the
EMS server. For more information on how JVM work in EMS, see Enabling the
JVM on page 284.

jre_library
jre_library = path
Enables the JVM in the EMS server, where path is the absolute path to the j v m . d l l
shared library file that is installed with JRE. If this parameter is not included, the
JVM is disabled by default.
If the path contains any spaces, the path must be enclosed in quotation marks.
For example:
jre_library = "C:\Program Files\Java\jdk1.6.0_04\jre\bin\server\jvm.dll"

jre_option
jre_option = JVMoption
Passes command line options to the JVM at start-up. The j r e _ o p t i o n parameter
can be used to define Java system properties, which are used by applications
running in the JVM, such as extensible security modules.
You can use multiple jre_option entries in order to pass more than one options to
the JVM. Permitted values for JVMoption include most JVM options that are
defined by Sun Microsystems.
For example, this restricts the maximum heap size of the JVM to 256 megabytes:
jre_option = -Xmx256m

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 221
|

Using Other Configuration Files

In addition to the main configuration file, there are several other configuration
files used for various purposes:

Table 31 Configuration Files

Configuration See
Description
File Page
acl.conf Defines EMS access control lists. 222

bridges.conf Defines bridges between destinations. 223

channels.conf Defines the multicast channels over which 224

multicast messages are broadcast.

durables.conf Defines static durable subscribers. 227

factories.conf Defines the connection factories stored as JNDI 228

names on the EMS server.

groups.conf Defines EMS groups. 233

jaas.conf Locates and loads the LoginModule. 234

queues.conf Defines EMS Queues. 234

routes.conf Defines routes between this and other EMS servers 235

stores.conf Defines the locations, either store files or a 237

database, where the EMS server will store
messages.

tibrvcm.conf Defines the TIBCO Rendezvous certified 241

messaging (RVCM) listeners for use by topics that
export messages to a t i b r v c m transport.

topics.conf Defines EMS Topics. 241

transports.conf Defines transports used by EMS to import 242

messages from or export messages to external
message service, such as Rendezvous and
SmartSockets.

users.conf Defines EMS users. 245

TIBCO Enterprise Message Service User’s Guide

222
| Chapter 7 Using the Configuration Files

These configuration files can be edited by hand, but you can also use the
administration tool or the administration APIs to modify some of these files. See
Chapter 6, Using the EMS Administration Tool, on page 115 for more information
about using the administration tool.
The following sections describe the configuration files.

acl.conf
This file defines all permissions on topics and queues for all users and groups.
The format of the file is:
T O P I C = topic U S E R = user P E R M = permissions
T O P I C = topic G R O U P = group P E R M = permissions
Q U E U E = queue U S E R = user P E R M = permissions
Q U E U E = queue G R O U P = group P E R M = permissions
A D M I N U S E R = user P E R M = permissions
A D M I N G R O U P = group P E R M = permissions

Parameter Name Description

TOPIC Name of the topic to which you wish to add permissions.

QUEUE Name of the queue to which you wish to add permissions.

ADMIN Specifies that you wish to add administrator permissions.

USER Name of the user to whom you wish to add permissions.

GROUP Name of the group to which you wish to add permissions.

The designation a l l specifies a predefined group that
contains all users.

PERM Permissions to add.

The permissions which can be assigned to queues are
s e n d , r e c e i v e and b r o w s e . The permissions which can be
assigned to topics are p u b l i s h , s u b s c r i b e and d u r a b l e
and u s e _ d u r a b l e . The designation a l l specifies all
possible permissions. For information about these
permissions, refer to When Permissions Are Checked on
page 268 and Inheritance of Permissions on page 78.
Administration permissions are granted to users to
perform administration activities. See Administrator
Permissions on page 249 for more information about
administration permissions.

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 223
|

Example
ADMIN USER=sys-admins PERM=all
TOPIC=foo USER=user2 PERM=publish,subscribe
TOPIC=foo GROUP=group1 PERM=subscribe

bridges.conf
This file defines bridges between destinations. See Destination Bridges on page 79
for more information about destination bridges.
The format of the file is:
[destinationType:destinationName] # mandatory -- include brackets
destinationType=destinationToBridgeTo1 [selector="msg-selector"]
destinationType=destinationToBridgeTo2 [selector="msg-selector"]
...

The destination-name can be any specific destination or a wildcard pattern to

match multiple destinations.

Parameter Name Description

destinationType The type of the destination. That is, t o p i c or
queue.

destinationName The name of the destination.

destinationToBridgeTo One or more names of destinations to which to

create a bridge.

selector This optional property specifies a message

selector to limit the messages received by the
bridged destination.
For detailed information about message selector
syntax, see the ’Message Selectors’ section in
description for the M e s s a g e class in TIBCO
Enterprise Message Service Java API Reference.

Example
[topic:myTopic1]
topic=myTopic2
queue=myQueue1

TIBCO Enterprise Message Service User’s Guide

224
| Chapter 7 Using the Configuration Files

channels.conf
This file defines the multicast channels over which messages published to
multicast-enabled topics are broadcast. Each channel defined in this file has a
unique name, and can have a different multicast address, multicast port, and
property values.
The format of the file is:
[ multicast-channel-name]
a d d r e s s = multicast-group-address: multicast-port
[ t t l = hops]
[ p r i o r i t y = priority]
[ m a x r a t e = size [ K B | M B | G B ] ]
[ m a x t i m e = seconds]
[ i n t e r f a c e = ip-address]

Table 32 Channel Parameters

Parameter Name Description

[ multicast-channel-name] [ multicast-channel-name] is the name that identifies this
multicast channel.
Note that the square brackets [ ] DO NOT indicate
that the multicast-channel-name is an option; they must
be included around the name.

address Determines where messages will be sent, where:

• multicast-group-address is the multicast group IP
address to which messages will be sent. The
address must be between 2 2 4 . 0 . 0 . 0 and
239.255.255.255.

• multicast-port is the multicast port destination to

which messages will be sent. The multicast port
must be between 1 and 6 5 5 3 5 .
For example, this will cause messages sent over the
channel to be directed to the IP address 2 3 4 . 5 . 6 . 7
and multicast port 9 9 :
address = 234.5.6.7:99

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 225
|

Table 32 Channel Parameters

Parameter Name Description

ttl Specifies the maximum number of hops that
messages can make between the server and the
multicast daemon.
The number of hops between the server and
multicast daemon is one plus the number of routers
between them. For example, if the server and
multicast daemon are in the same subnet, then there
is one hop between them. If the server and multicast
daemon are separated by a router, then there are two
hops between them. Therefore, a t t l value of 1
means that the multicast data will remain on the local
subnet while a t t l value of 2 will allow the messages
to travel through one router into the next subnet.
When this parameter is absent, the default maximum
network hops allowed is 1 6 .

priority Specifies the channel's transmission priority when

bandwidth is allocated. p r i o r i t y is given as a
numerical ranking, where the highest priority is - 5
and the lowest is 5 .
When this parameter is absent, the default priority is
0 (zero).

maxrate Specifies the maximum rate at which messages can

be transmitted over the channel. You can specify
units of K B or M B .
When this parameter is absent, the default value is
12.5MB.

TIBCO Enterprise Message Service User’s Guide

226
| Chapter 7 Using the Configuration Files

Table 32 Channel Parameters

Parameter Name Description

maxtime Specifies the maximum length of time, in seconds,
that the server will retain sent messages for
retransmission. Messages are retransmitted when a
multicast daemon detects a lost message and sends a
negative acknowledgement to the EMS server.
Note that a long m a x t i m e will increase the amount of
memory used by the server. The maximum amount
of memory used by a channel will be m a x r a t e *
m a x t i m e . For example, specifying a m a x r a t e of 1 0 M B
and a m a x t i m e of 1 0 seconds may require the server
to buffer 100 megabytes of data for retransmissions.
When this parameter is absent, messages are kept for
35 seconds.

interface Specifies the IP address over which the server will

send multicast traffic on this channel.
The IP address must be a multicast capable interface.
On UNIX systems, you can determine whether an IP
interface is multicast capable by running the
i f c o n f i g UNIX command.

When this parameter is not included, the default

value is 0 . 0 . 0 . 0 , which causes the EMS server to use
the system’s default interface.

Example
[channel-1]
address=234.5.6.7:99
maxrate=10MB
maxtime=10
ttl=4

[channel-2]
address=234.5.3.9:99
maxrate=15MB
maxtime=10
ttl=3

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 227
|

durables.conf
This file defines static durable subscribers.
The file consists of lines with either of these formats:
topic-name durable-name
[route]
[ c l i e n t i d = id]
[nolocal]
[ s e l e c t o r = " msg-selector" ]

Parameter Name Description

topic-name The topic of the durable subscription.

durable-name The name of the durable subscriber.

route When present, the subscriber is another server, and

the durable-name is the name of that server.
When this property is present, no other properties
are permitted.

c l i e n t i d = id The client ID of the subscriber’s connection.

nolocal When present, the subscriber does not receive

messages published from its own connection.

s e l e c t o r = " string" When present, this selector narrows the set of

messages that the durable subscriber receives.
For detailed information about message selector
syntax, see the ’Message Selectors’ section in
description for the M e s s a g e class in TIBCO Enterprise
Message Service Java API Reference.

Example
topic1 dName1
topic2 dName2 clientid=myId,nolocal
topic3 dName3 selector="urgency in (’high’,’medium’)"
topic4 Paris route

Conflicting When the server detects an conflict between durable subscribers, it maintains the
Specifications earliest specification, and outputs a warning. Consider these examples:
• A static specification in this file takes precedence over a new durable
dynamically created by a client.

TIBCO Enterprise Message Service User’s Guide

228
| Chapter 7 Using the Configuration Files

• An existing durable dynamically created by a client takes precedence over a

new static durable defined by an administrator.
• A static durable subscription takes precedence over a client attempting to
dynamically unsubscribe (from the same topic and durable name).
Conflict can also arise because of wildcards. For example, if a client dynamically
creates a durable subscriber for topic f o o . * , and an administrator later attempts
to define a static durable for topic f o o . 1 , then the server detects this conflict and
warns the administrator.

Configuration To configure durable subscriptions in this file, we recommend using the c r e a t e

durable command in the t i b e m s a d m i n tool; see c r e a t e d u r a b l e on page 123.
If the c r e a t e d u r a b l e command detects an existing dynamic durable
subscription with the same topic and name, it promotes it to a static subscription,
and writes a specification to the file d u r a b l e s . c o n f .

factories.conf
This file defines the connection factories for the internal JNDI names.
The file consists of factory definitions with this format:
[factory-name] # mandatory -- square brackets included
type = generic|xageneric|topic|queue|xatopic|xaqueue|
url = url-string
metric = connections | byte_rate
clientID = client-id
[connect_attempt_count|connect_attempt_delay|
connect_attempt_timeout|reconnect_attempt_count|
reconnect_attempt_delay|reconnect_attempt_timeout = value]
[ssl-prop = value]*

Table 33 Connection Factory Parameters

Parameter Name Description

Mandatory Parameters
These parameters are required. Values given to these parameters cannot be overridden using API
calls.

[ factory-name] [ factory-name] is the name of the connection factory.

Note that the square brackets [ ] DO NOT indicate that the
factory-name is optional; they must be included around the name.

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 229
|

Table 33 Connection Factory Parameters

Parameter Name Description

type Type of the connection factory. The value can be:
• generic: Generic connection (JMS 1.1)
• xageneric: Generic XA connection (JMS 1.1)
• topic: Topic connection (JMS 1.0.2b)
• queue: Queue connection (JMS 1.0.2b)
• xatopic: XA topic connection (JMS 1.0.2b)
• xaqueue: XA queue connection (JMS 1.0.2b)

url This string specifies the servers to which this factory creates
connections:
• A single URL specifies a unique server. For example:
tcp://host1:8222

• A pair of URLs separated by a comma specifies a pair of

fault-tolerant servers. For example:
tcp://host1:8222,tcp://backup1:8222

• A set of URLs separated by vertical bars specifies a load

balancing among those servers. For example:
tcp://a:8222|tcp://b:8222|tcp://c:8222

• You can combine load balancing with fault tolerance. For

example:
tcp://a1:8222,tcp://a2:8222|tcp://b1:8222,tcp://b2
:8222

The load balancing operator (| ) takes precedence over the

fault-tolerance operator (, ). This example defines two servers
(a and b ), each of which has a fault-tolerant backup. The client
program checks the load on the primary a server and the
primary b server, and connects to the one that has the smaller
load.
The connection URL cannot exceed 1000 characters.
For cautionary information, see Load Balancing on page 233.

TIBCO Enterprise Message Service User’s Guide

230
| Chapter 7 Using the Configuration Files

Table 33 Connection Factory Parameters

Parameter Name Description

Optional Parameters
These parameters are optional. The values of these parameters can be overridden using API calls.

metric The factory uses this metric to balance the load among a group of
servers:
• c o n n e c t i o n s —Connect to the server with the fewest client
connections.
• b y t e _ r a t e —Connect to the server with the lowest byte rate.
Byte rate is a statistic that includes both inbound and
outbound data.
When this parameter is absent, the default metric is c o n n e c t i o n s .
For cautionary information, see Load Balancing on page 233.

clientID The factory associates this client ID string with the connections
that it creates. The client ID cannot exceed 255 characters in
length.

connect_attempt_count A client program attempts to connect to its server (or in

fault-tolerant configurations, it iterates through its URL list) until
it establishes its first connection to an EMS server. This property
determines the maximum number of iterations. When absent, the
default is 2.

connect_attempt_delay When attempting a first connection, the client sleeps for this
interval (in milliseconds) between attempts to connect to its
server (or in fault-tolerant configurations, iterations through its
URL list). When absent, the default is 500 milliseconds.

connect_attempt_timeout When attempting to connect to the EMS server, you can set this
connection timeout period to abort the connection attempt after a
specified period of time (in milliseconds).

reconnect_attempt_count After losing its server connection, a client program configured

with more than one server URL attempts to reconnect, iterating
through its URL list until it re-establishes a connection with an
EMS server. This property determines the maximum number of
iterations. When absent, the default is 4.

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 231
|

Table 33 Connection Factory Parameters

Parameter Name Description

reconnect_attempt_delay When attempting to reconnect, the client sleeps for this interval
(in milliseconds) between iterations through its URL list. When
absent, the default is 500 milliseconds.

reconnect_attempt_timeout When attempting to reconnect to the EMS server, you can set this
connection timeout period to abort the connection attempt after a
specified period of time (in milliseconds).

multicast_daemon Use the parameter to specify the TCP port that the client will use
when establishing a connection to the multicast daemon.
This parameter determines the behavior of the EMS client but
does not affect the multicast daemon. The multicast daemon must
listen for the client on the same port that the client uses to
connect. To change the TCP port that the multicast daemon listens
on, use the - l i s t e n command line argument in the daemon. See
Command Line Options on page 352 for more information.
See Chapter 13, Using Multicast for information on multicast.

multicast_enabled Use this property to disable multicast in the connection factory.

By default, a connection factory is always multicast-enabled if the
EMS server to which it is connecting is enabled for multicast. If a
client does not wish to receive messages over multicast from a
multicast-enabled server, then this property can be set to disabled:
• e n a b l e d —multicast is enabled in the factory.
• d i s a b l e d —multicast is disabled in the factory
See Chapter 13, Using Multicast, on page 345 for more
information on multicast.

ssl-prop SSL properties for connections that this factory creates.

For further information on SSL, refer to Chapter 18, Using the SSL
Protocol, page 441.

Example
[north_america]
type = topic
url = tcp://localhost:7222,tcp://server2:7222
clientID = "Sample Client ID"
ssl_verify_host = disabled

TIBCO Enterprise Message Service User’s Guide

232
| Chapter 7 Using the Configuration Files

Configuration To configure connection factories in this file, we recommend using the

t i b e m s a d m i n tool; see c r e a t e f a c t o r y on page 123.

Load Balancing

Do not specify load balancing in situations with durable subscribers.

If a client program that a creates durable subscriber connects to server A using a
load-balanced connection factory, then server A creates and supports the durable
subscription. If the client program exits and restarts, and this time connects to
server B, then server B creates and supports a new durable subscription—
however, pending messages on server A remain there until the client reconnects
to server A.
Do not specify load balancing when your application requires strict
message ordering.
Load balancing chooses from among multiple servers, which inherently violates
strict ordering.

groups.conf
This file defines all groups. The format of the file is:
group-name1: " description"
user-name1
user-name2
group-name2: " description"
user-name1
user-name2

Parameter Name Description

group-name The name of the group. The group name cannot
exceed 127 characters in length.

description A string describing the group.

user-name One or more users that belong to the group.

Example
administrators: "TIBCO Enterprise Message Service administrators"
admin
Bob

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 233
|

jaas.conf
This file directs the TIBCO Enterprise Message Service server to the JAAS
LoginModule. See Loading the LoginModule in the EMS Server on page 276 for
more information about the j a a s . c o n f file.

queues.conf
This file defines all queues. The format of the file is:
[ jndi-name1, jndi-name2, . . . ] queue-name property1, property2, . . .

Note that, while including JNDI names is optional, the square brackets [ ] must
be included around JNDI names if they are included. For more information about
setting JNDI names, see c r e a t e j n d i n a m e on page 124.

For example, you might enter:

test store=mystore,secure,prefetch=2

Only queues listed in this file or queues with names that match the queues listed
in this file can be created by the applications (unless otherwise permitted by an
entry in a c l . c o n f ). For example, if queue f o o . * is listed in this file, queues
f o o . b a r and f o o . b a z can be created by the application.

Properties of the queue are inherited by all static and dynamic queues with
matching names. For example, if t e s t . * has the property s e c u r e , then t e s t . 1
and t e s t . f o o are also secure. For information on properties that can be assigned
to queues, see Destination Properties on page 55.
For further information on the inheritance of queue properties, refer to Wildcards
* and > on page 74 and Inheritance of Properties on page 77.

In the sample file, a > wildcard at the beginning of the file allows the applications
to create valid queues with any name. A > at the beginning of the queue
configuration file means that name-matching is not required for creation of
queues.

Restrictions and rules on queue names are described in Destination Name Syntax
on page 52.

TIBCO Enterprise Message Service User’s Guide

234
| Chapter 7 Using the Configuration Files

routes.conf
This file defines routes between this TIBCO Enterprise Message Service server
and other TIBCO Enterprise Message Service servers.

Routes may only be configured administratively, using the administration tool

(see Chapter 6 on page 115), or the administration APIs (see
c o m . t i b c o . t i b j m s . a d m i n . R o u t e I n f o in the online documentation). Directly
editing the r o u t e s . c o n f file causes errors.

The format of the file is:

[ route-name] # m a n d a t o r y - - s q u a r e b r a c k e t s i n c l u d e d .
u r l = url-string
z o n e _ n a m e = zone_name
z o n e _ t y p e = zone_type
[ selector] *
[ ssl-prop = value] *

Parameter Name Description

[ route-name] [ route-name] is the name of the passive server (at the
other end of the route); it also becomes the name of
the route. Note that the square brackets [ ] DO NOT
indicate that the route-name is an option; they must be
included around the name.

url The URL of the server to and from which messages

are routed.

zone_name The route belongs to the routing zone with this

name. When absent, the default value is
d e f a u l t _ m h o p _ z o n e (this default yields backward
compatibility with configurations from releases
earlier than 4.0).
You can set this parameter when creating a route,
but you cannot subsequently change it.
For further information, see these sections:
• Zone on page 490
• Configuring Routes and Zones on page 494

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 235
|

Parameter Name Description

zone_type The zone type is either 1 h o p or m h o p . When omitted,
the default value is m h o p .
You can set this parameter when creating a route,
but you cannot subsequently change it.
The EMS server will refuse to start up if the zone
type in the r o u t e s . c o n f file does not match the
zone type already created in the $ s y s . m e t a file that
holds the shared state for the primary and backup
server.

selector Topic selectors (for i n c o m i n g _ t o p i c and

o u t g o i n g _ t o p i c parameters) control the flow of
topics along the route.
For syntax and semantics, see Selectors for Routing
Topic Messages on page 501.

ssl-prop SSL properties for this route.

For further information on SSL, refer to Chapter 18,
Using the SSL Protocol, page 441.

Example
[test_route_2]
url = tcp://server2:7222
ssl_verify_host = disabled

TIBCO Enterprise Message Service User’s Guide

236
| Chapter 7 Using the Configuration Files

stores.conf
This file defines the locations, either store files, mstore, or a database, where the
EMS server will store messages or metadata (if the default $ s y s . m e t a definition
is overridden). You can configure one or many stores in the s t o r e s . c o n f file.
Each store configured is either a file-based store, mstore, or a database store.
File-based store and mstore parameters are described here. Database store
parameters are described in Chapter 10, Using Database Stores.
The format of the file is:
[ store_name] # m a n d a t o r y - - s q u a r e b r a c k e t s i n c l u d e d
type=file
f i l e = name
[file_crc=true|false]
[ f i l e _ m i n i m u m = value]
[ f i l e _ t r u n c a t e = value]
[mode=async|sync]

[ store_name]
type=mstore
f i l e = name
[ s c a n _ i t e r _ i n t e r v a l = time m s e c | s e c | m i n | h o u r | d a y ]
[ s c a n _ t a r g e t _ i n t e r v a l = time m s e c | s e c | m i n | h o u r | d a y ]

Table 34 Store File Parameters

Parameter Name Description

[ store_name] [ store_name] is the name that identifies this store file configuration.
Note that the square brackets [ ] DO NOT indicate that the
store_name is an option; they must be included around the name.

type Identifies the store type. This parameter is required for all store
types. The t y p e can be:
• file — for file-based stores.
• mstore — for mstores.
• dbstore — for database stores.
For information about the parameters used to configure database
stores, see Configuration in stores.conf on page 289.

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 237
|

Table 34 Store File Parameters

Parameter Name Description

f i l e = name The filename that will be used when creating this store file. This
parameter is required for both f i l e and m s t o r e types. For
example, m y s t o r e . d b .
The location for this file can be specified using absolute or relative
path names. If no path separators are present, the file will be saved
in the location specified by the s t o r e parameter in the
t i b e m s d . c o n f file, if any is specified there.

File-Based Store Parameters

file_crc This parameter specifies whether the EMS server uses CRC to
validate data integrity when reading the store files.
When this parameter is absent, the default is t r u e .

file_minimum This parameter preallocates disk space for the store file.
Preallocation occurs when the server first creates the store file.
You can specify units of M B or G B . Zero is a special value, which
specifies no minimum preallocation. Otherwise, the value
specified must be greater than 4 M B .
For example:
file_minimum = 32MB

If f i l e _ t r u n c a t e is set to t r u e , the f i l e _ m i n i m u m parameter

prevents the EMS server from truncating the file below the set size.
When this parameter is absent, there is no default minimum
preallocation.

file_truncate Determines whether the EMS server will occasionally attempt to

truncate the store file, relinquishing unused disk space.
When f i l e _ t r u n c a t e is t r u e , the store file may be truncated, but
not below the size set in f i l e _ m i n i m u m .
When this parameter is absent, the default is t r u e , and the server
will periodically attempt to truncate the store file.

TIBCO Enterprise Message Service User’s Guide

238
| Chapter 7 Using the Configuration Files

Table 34 Store File Parameters

Parameter Name Description

mode=async|sync The m o d e determines whether messages will be written to the store
file synchronously or asynchronously. Mode is either:
• a s y n c — the server stores messages in this file using
asynchronous I/O calls.
• s y n c — the server stores messages in this file using
synchronous I/O calls.
When absent, the default is a s y n c .

mstore Parameters

scan_iter_interval Determines the length of time between each interval of the store
scan. The EMS server begins scanning a new section of the mstore
at the time interval specified here.
Specify time in units of m s e c , s e c , m i n , h o u r or d a y to describe the
time value as being in milliseconds, seconds, minutes, hours, or
days, respectively. For example:
scan_iter_interval=100msec

By default, the mstore examines stores every 10 seconds.

For more information, see Understanding mstore Intervals on
page 32.

scan_target_interval Controls the approximate length of time taken to complete a full

scan of the mstore.
Specify time in units of m s e c , s e c , m i n , h o u r or d a y to describe the
time value as being in milliseconds, seconds, minutes, hours, or
days, respectively. For example:
scan_target_interval=12hour

By default, the scan interval is 24 hours.

For more information, see Understanding mstore Intervals on
page 32.

Example
[my_sync]
type = file
file = /var/local/tibems/my_sync.db
file_crc = true

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 239
|
file_minimum = 10MB
file_truncate = true
mode = sync

Example
[mstore1]
type = mstore
file = /var/local/tibems/mstore1.db
scan_iter_interval=100msec
scan_target_interval=12hour

TIBCO Enterprise Message Service User’s Guide

240
| Chapter 7 Using the Configuration Files

tibrvcm.conf
This file defines the TIBCO Rendezvous certified messaging (RVCM) listeners for
use by topics that export messages to a t i b r v c m transport. The server preregisters
these listeners when the server starts up so that all messages (including the first
message published) sent by way of the t i b r v c m transport are guaranteed. If the
server does not preregister the RVCM listeners before exporting messages, the
listeners are created when the first message is published, but the first message is
not guaranteed.
The format of this file is
transport listenerName subjectName

Parameter Name Description

transport The name of the transport for this RVCM listener.

listenerName The name of the RVCM listener to which topic

messages are to be exported.

subjectName The RVCM subject name that messages are

published to. This should be the same name as the
topic names that specify the e x p o r t property.

Example
RVCM01 listener1 foo.bar
RVCM01 listener2 foo.bar.bar

topics.conf
This file defines all topics. The format of the file is:
[ jndi-name1, jndi-name2, . . . ] topic-name property1, property2, . . .

Note that, while including JNDI names is optional, the square brackets [ ] must
be included around JNDI names if they are included. For more information about
setting JNDI names, see c r e a t e j n d i n a m e on page 124.

For example, you might enter:

business.inventory global, import="RV01,RV02", export="RV03",
maxbytes=1MB

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 241
|

Only topics listed in this file or topics with names that match the topics listed in
this file can be created by the applications (unless otherwise permitted by an
entry in a c l . c o n f ). For example, if topic f o o . * is listed in this file, topics
f o o . b a r and f o o . b a z can be created by the application.

Properties of the topic are inherited by all static and dynamic topics with
matching names. For example, if t e s t . * has the property s e c u r e , then t e s t . 1
and t e s t . f o o are also secure. For information on properties that can be assigned
to topics, see Destination Properties on page 55.
For further information on the inheritance of topic properties, refer to Wildcards *
and > on page 74 and Inheritance of Properties on page 77.
Restrictions and rules on topic names are described in Destination Name Syntax
on page 52.

transports.conf
This file defines transports for importing messages from or exporting messages to
external message services, such as TIBCO Rendezvous and TIBCO SmartSockets.
The format of the file is:
[transport_name] # mandatory -- square brackets included
type = tibrv | tibrvcm | tibss # mandatory
[topic_import_dm = TIBEMS_PERSISTENT |
TIBEMS_NON_PERSISTENT |
TIBEMS_RELIABLE]
[queue_import_dm = TIBEMS_PERSISTENT |
TIBEMS_NON_PERSISTENT |
TIBEMS_RELIABLE]
[export_headers = true | false]
[export_properties = true | false]
transport-specific-parameters

Parameter Name Description

[transport_name] The name of the transport. Note that the square
brackets [ ] DO NOT indicate that the transport_name
is an option; they must be included around the
name.

TIBCO Enterprise Message Service User’s Guide

242
| Chapter 7 Using the Configuration Files

Parameter Name Description

type Transport type.
• tibrv identifies TIBCO Rendezvous transport
• tibrvcm identifies TIBCO Rendezvous Certified
Messaging transport
• tibss identifies TIBCO SmartSockets transport
Each transport includes additional
transport-specific-parameters:

topic_import_dm EMS sending clients can set the J M S D e l i v e r y M o d e

queue_import_dm header field for each message. However,
Rendezvous clients cannot set this header. Instead,
these two parameters determine the delivery modes
for all topic messages and queue messages that
t i b e m s d imports on this transport.
TIBEMS_PERSISTENT | TIBEMS_NON_PERSISTENT |
TIBEMS_RELIABLE

When absent, the default is

T I B E M S _ N O N _ P E R S I S T E N T.

export_headers When t r u e , t i b e m s d includes JMS header fields in

exported messages.
When f a l s e , t i b e m s d suppresses JMS header fields
in exported messages.
When absent, the default value is t r u e .

export_properties When t r u e , t i b e m s d includes JMS properties in

exported messages.
When f a l s e , t i b e m s d suppresses JMS properties in
exported messages.
When absent, the default value is t r u e .

transport-specific- See Transport-specific Parameters.

parameters

If you have multiple TIBCO Rendezvous transports configured in your

transports.conf file, and if the EMS server fails to create a transport based on the
last entry, the server will continue to traverse through the entries and attempt to
create further transports.

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 243
|

Transport-specific Parameters
If t y p e = t i b r v, the extended syntax is:
[ s e r v i c e = service]
[ n e t w o r k = network]
[ d a e m o n = daemon]
[ t e m p _ d e s t i n a t i o n _ t i m e o u t = seconds]
[rv_queue_policy = [TIBRVQUEUE_DISCARD_NONE |
TIBRVQUEUE_DISCARD_FIRST |
T I B R V Q U E U E _ D I S C A R D _ L A S T ] : max_msgs: qty_discard]

See Rendezvous Parameters on page 381 for descriptions.

If t y p e = tibrvcm, the extended syntax is:
r v _ t p o r t = name # m a n d a t o r y
[ c m _ n a m e = name]
[ l e d g e r _ f i l e = file-name]
[sync_ledger = true | false]
[request_old = true | false]
[explicit_config_only = true | false]
[ d e f a u l t _ t t l = seconds]
[rv_queue_policy = [TIBRVQUEUE_DISCARD_NONE |
TIBRVQUEUE_DISCARD_FIRST |
T I B R V Q U E U E _ D I S C A R D _ L A S T ] : max_msgs: qty_discard]

See Rendezvous Certified Messaging (RVCM) Parameters on page 382 for

descriptions.
If t y p e = tibss, the extended syntax is:
[username = name]
[password = password]
[server_names = single_or_list_of_servers]
[project = name]
[delivery_mode = best_effort | gmd_all | gmd_some | ordered]
[lb_mode = none | round_robin | weighted | sorted]
[override_lb_mode = enable | disable]
[gmd_file_delete = enable | disable]
[import_ss_headers = none | type_num | all]
[preserve_gmd = always | receivers | never]

See SmartSockets Parameters on page 404 for descriptions.

Example
[RV01]
type = tibrv
topic_import_dm = TIBEMS_RELIABLE
queue_import_dm = TIBEMS_PERSISTENT
service = 7780
network = lan0
daemon = tcp:host5:7885

TIBCO Enterprise Message Service User’s Guide

244
| Chapter 7 Using the Configuration Files

[RVCM01]
type = tibrvcm
export_headers = true
export_properties = true
rv_tport = RV02
cm_name = RVCMTrans1
ledger_file = ledgerFile.store
sync_ledger = true
request_old = true
default_ttl = 600

[SS01]
type = tibss
server_names = tcp:rtHost2A:5555, ssl:rtHost2B:5571
username = emsServer6
password = myPasswd
project = mfg_process_control
override_lb_mode = enable
delivery_mode = gmd_some

[RV02]
type = tibrv
topic_import_dm = TIBEMS_PERSISTENT
queue_import_dm = TIBEMS_PERSISTENT
service = 7780
network = lan0
daemon = tcp:host5:7885
rv_queue_policy = TIBRVQUEUE_DISCARD_LAST:10000:100

users.conf
This file defines all users. The format of the file is:
username: password: " description"

Parameter Name Description

username The name of the user. The username cannot exceed 127
characters in length.

password Leave this item blank when creating a new user. For
example:
bob::"Bob Smith"

There is one predefined user, the administrator.

User passwords are not entered in this configuration file,
and remain empty (and therefore not secure) until you
set them using the administration tool; see Assign a
Password to the Administrator on page 118. You can also
create users and assign passwords using API calls; see
the API reference for the language you are working with.

TIBCO Enterprise Message Service User’s Guide

 Using Other Configuration Files 245
|

Parameter Name Description

description A string describing the user.

Example
admin::"Administrator"
Bob::"Bob Smith"
Bill::"Bill Jones"

After the server has started and passwords have been assigned, the file will look
like this:
admin:$1$urmKVgq78:"Administrator"
Bob:$2$sldfkj;lsafd:"Bob Smith"
Bill:$3$tyavmwq92:"Bill Jones"

TIBCO Enterprise Message Service User’s Guide

246
| Chapter 7 Using the Configuration Files

TIBCO Enterprise Message Service User’s Guide

 | 247

Chapter 8 Authentication and Permissions

You can create users and assign passwords to the users to control access to the
EMS server. EMS can also be configured to use an external directory (such as an
LDAP server) to control access to the server.
You can also assign permissions to users and groups to control actions that can be
performed on destinations.
This chapter describes authentication and permissions in EMS.

Topics

• EMS Access Control, page 248

• Administrator Permissions, page 249
• Enabling Access Control, page 257
• Users and Groups, page 259
• User Permissions, page 265
• When Permissions Are Checked, page 268

TIBCO Enterprise Message Service User’s Guide

248
| Chapter 8 Authentication and Permissions

EMS Access Control

EMS supports two basic access levels: administrative and user.

Administrator permissions control the ability of a user to login as an
administrator to create, delete, or view the status of users, destinations,
connections, factories, and so on. Administrators with the correct permissions can
control user access to the EMS server by creating users, assigning passwords, and
setting permissions.
The following procedure describes the general process for administrators to
configure users, groups, and permissions and where to find more information on
performing each step.
1. Enable access control for the system. See Enabling Access Control on
page 257.
2. Determine which destinations require access control, and enable access
control for those destinations. See Destination Control on page 258.
3. Determine which users need administration permissions, and decide whether
administrators can perform actions globally or be restricted to a subset of
actions. See Administrator Permissions on page 249 for more information.
4. Determine the names of the authorized users of the system and create
usernames and passwords for these users. See Users and Groups on page 259.
5. Optionally, set up groups and assign users to groups. See Users and Groups
on page 259.
6. Optionally enable an external directory for storing users and group
information. See Configuring an External Directory on page 261.
7. Create the access control list by granting specific permissions to users (or
groups) for destinations that need to be secure. See User Permissions on
page 265.

TIBCO Enterprise Message Service User’s Guide

 Administrator Permissions 249
|

Administrator Permissions

Administrators are a special class of users that can manage the EMS server.
Administrators create, modify, and delete users, destinations, routes, factories,
and other items. In general, administrators must be granted permission to
perform administration activities when using the administration tool or API.
Administrators can be granted global permissions (for example, permission to
create users or to view all queues), and administrators can be granted permissions
to perform operations on specific destinations (for example, purging a queue, or
viewing properties for a particular topic).

Administrator permissions control what administrators can view and change in

the server only when using the administration tool or API. Administrator
commands create entries in each of the configuration files (for example,
t i b e m s d . c o n f , a c l . c o n f , r o u t e s . c o n f , and so on).

You should control access to the configuration files so that only certain system
administrators can view or modify the configuration files. If a user can view or
modify the configuration files, setting permissions to control which destination
that user can manage would not be enforced when the user manually edits the
files.
Use the facilities provided by your Operating System to control access to the
server’s configuration files.

Administrators must be created using the administration tool, the administration

APIs, or in the configuration files.

Predefined Administrative User and Group

There is a special, predefined user named a d m i n that can perform any
administrative action. You cannot grant or revoke any permissions to a d m i n . You
must assign a password for a d m i n immediately after installation. For more
information about changing the a d m i n password, see When You First Start
tibemsadmin on page 118.
There is also a special group named $ a d m i n for system administrator users. When
a user becomes a member of this group, that user receives the same permissions
as the a d m i n user. You cannot grant or revoke administrator permissions from any
user that is a member of the $ a d m i n group. You should only assign the overall
system administrator(s) to the $ a d m i n group.

TIBCO Enterprise Message Service User’s Guide

250
| Chapter 8 Authentication and Permissions

Granting and Revoking Administration Permissions

You grant and revoke administrator permissions to users using the g r a n t and
r e v o k e commands in t i b e m s a d m i n , or by means of the Java or .NET admin API.
You can either grant global administrator permissions or permissions on specific
destinations. See Global Administrator Permissions on page 251 for a complete
list of global administrator permissions. See Destination-Level Permissions on
page 254 for a description of administrator permissions for destinations.
Global and destination-level permissions are granted and revoked separately
using different administrator commands. See Command Listing on page 120 for
the syntax of the g r a n t and r e v o k e commands.
If a user has both global and destination-level administrator permissions, the
actions that user can perform are determined by combining all global and
destination-level administrator permissions granted to the user. For example, if
an administrator is granted the v i e w - d e s t i n a t i o n permission, that
administrator can view information about all destinations, even if the view
permission is not granted to the administrator for specific destinations.
The a d m i n user or all users in the $ a d m i n group can grant or revoke any
administrator permission to any user. All other users must be granted the
c h a n g e - a d m i n - a c l permission and the v i e w - u s e r and/or the v i e w - g r o u p
permissions before they can grant or revoke administrator permissions to other
users.
If a user has the c h a n g e - a d m i n - a c l permission, that user can only grant or
revoke permissions that have been granted to the user. For example, if user B O B is
not part of the $ a d m i n group and he has only been granted the
c h a n g e - a d m i n - a c l and v i e w - u s e r permissions, B O B cannot grant any
administrator permissions except the v i e w - u s e r or c h a n g e - a d m i n - a c l
permissions to other users.
Users have all administrator permissions that are granted to any group to which
they belong. You can create administrator groups, grant administrator
permissions to those groups, and then add users to each administrator group. The
users will be able to perform any administrative action that is allowed by the
permissions granted to the group to which the user belongs.
Any destination-level permission granted to a user or group for a wildcard
destination is inherited for all child destinations that match the parent
destination.
If protection permissions are set up, administrators can only grant or revoke
permissions to other users that have the same protection permission as the
administrator. See Protection Permissions on page 255 for more information about
protection permissions.

TIBCO Enterprise Message Service User’s Guide

 Administrator Permissions 251
|

Enforcement of Administrator Permissions

An administrator can only perform actions for which the administrator has been
granted permission. Any action that an administrator performs may be limited by
the set of permissions granted to that administrator.
For example, an administrator has been granted the v i e w permission on the
f o o . * destination. This administrator has not been granted the global
v i e w - d e s t i n a t i o n permission. The administrator is only able to view
destinations that match the f o o . * parent destination. If this administrator is
granted the global v i e w - a c l permission, the administrator is only able to view
the access control list for destinations that match the f o o . * parent. Any access
control lists for other destinations are not displayed when the administrator
performs the s h o w a c l t o p i c or s h o w a c l q u e u e commands.
If the administrative user attempts to execute a command without permission, the
user may either receive an error or simply see no output. For example, if the
administrator issues the s h o w a c l q u e u e b a r . f o o command, the administrator
receives a “Not authorized to execute command” error because the administrator
is not authorized to view any destination except those that match f o o . * .

An administrator can always change his/her own password, even if the

administrator is not granted the c h a n g e - u s e r permission.
An administrator can always view his/her own permissions by issuing the:
showacl username
command, even if the administrator is not granted the v i e w - a c l permission.

Global Administrator Permissions

Certain permissions allow administrators to perform global actions, such as
creating users or viewing all queues.
Table 35 describes the global administrator permissions.

Table 35 Global administrator permissions (Sheet 1 of 3)

Permission Allows Administrator To...

all Perform all administrative commands.

view-all View any item that can be administered

(for example, users, groups, topics, and
so on).

TIBCO Enterprise Message Service User’s Guide

252
| Chapter 8 Authentication and Permissions

Table 35 Global administrator permissions (Sheet 2 of 3)

Permission Allows Administrator To...

change-acl Grant and revoke user-level
permissions.

change-admin-acl Grant and revoke administrative

permissions.

change-bridge Create and delete destination bridges.

change-connection Delete connections.

create-destination Create any destination.

modify-destination Modify any destination.

delete-destination Delete any destination.

change-durable Delete durable subscribers.

change-factory Create, delete, and modify factories.

change-group Create, delete, and modify groups.

change-message Delete messages stored in the server.

change-route Create, delete, and modify routes

change-server Modify server parameters.

change-user Create, delete, and modify users.

purge-destination Purge destinations.

purge-durable Purge durable subscribers.

shutdown Shutdown the server.

view-acl View user-level permissions.

view-admin-acl View administrative permissions.

view-connection View connections, producers and

consumers.

view-bridge View destination bridges.

TIBCO Enterprise Message Service User’s Guide

 Administrator Permissions 253
|

Table 35 Global administrator permissions (Sheet 3 of 3)

Permission Allows Administrator To...

view-destination View destination properties and
information.

view-durable View durable subscribers.

To view a durable subscriber, you must
also have v i e w - d e s t i n a t i o n
permission (because information about
a durable subscriber includes
information about the destination to
which it subscribes.)

view-factory View factories.

view-group View all groups.

Granting this permission implicitly
grants v i e w - u s e r as well.

view-message View messages stored in the server.

view-route View routes.

view-server View server configuration and

information.

view-user View any user.

Any type of modification to an item requires that the user can view that item.
Therefore, granting any create, modify, delete, change, or purge permission
implicitly grants the permission to view the associated item.
Granting the view permissions is useful when you want specific users to only be
able to view items. It is not necessary to grant the view permission if a user
already has a permission that allows the user to modify the item.

Global permissions are stored in the a c l . c o n f file, along with all other
permissions. Global permissions in this file have the following syntax:
A D M I N U S E R = < username> P E R M = < permission>

or
A D M I N G R O U P = < groupname> P E R M = < permission>

TIBCO Enterprise Message Service User’s Guide

254
| Chapter 8 Authentication and Permissions

For example, if a user named B O B is granted the v i e w - u s e r global administration

permission and the group s y s - a d m i n s is granted the c h a n g e - a c l permission, the
following entries are added to the a c l . c o n f file:
ADMIN USER=BOB PERM=view-user
ADMIN GROUP=sys-admins PERM=change-acl

Destination-Level Permissions
Administrators can be granted permissions on each destination. Destination-level
permissions control the administration functions a user can perform on a specific
destination. Global permissions granted to a user override any destination-level
permissions.
The typical use of destination-level administration permissions is to specify
permissions on wildcard destinations for different groups of users. This allows
you to specify particular destinations over which a group of users has
administrative control. For example, you may allow one group to control all
A C C O U N T I N G . * topics, and another group to control all P A Y R O L L . * queues.

Table 36 describes the destination-level administration permissions.

Table 36 Destination-level administration permissions

Permission Allows Administrator To...

view View information for this destination.

create Create the specified destination. This permission is useful

when used with wildcard destination names. This allows the
user to create any destination that matches the specified
parent.

delete Delete this destination.

modify Change the properties for this destination.

purge Either purge this queue, if the destination is a queue, or

purge the durable subscribers, if the destination is a topic
with durable subscriptions.

TIBCO Enterprise Message Service User’s Guide

 Administrator Permissions 255
|

Any type of modification to an item requires that the user can view that item.
Therefore, granting create, modify, delete, change, or purge implicitly grants the
permission to view the associated item.
Granting the view permissions is useful when you want specific users to only be
able to view items. It is not necessary to grant the view permission if a user
already has a permission that allows the user to modify the item.

Administration permissions for a destination are stored alongside all other

permissions for the destination in the a c l . c o n f file. For example, if user B O B has
publish and subscribe permissions on topic f o o , and then B O B is granted view
permission, the acl listing would look like the following:
TOPIC=foo USER=BOB PERM=publish,subscribe,view

Both user and administrator permissions for a destination are stored in the same
entry in the a c l . c o n f file. This is for convenience rather than for clarity. User
permissions specify the actions a client application can perform on a destination
(publish, subscribe, send, receive, and so on). Administrator permissions specify
what administrative commands the user can perform on the destination when
using the administration tool or API.

Protection Permissions
Protection permissions allow you to group users into administrative domains so
that administrators can only perform actions within their domain. An
administrator can only perform administrative operations on a user that has the
same protection permission as the user. There are four protection permissions
(p r o t e c t 1 , p r o t e c t 2 , p r o t e c t 3 , and p r o t e c t 4 ) that allow you to create four
groups of administrators. Protection permissions do not apply to the a d m i n user
or users in the $ a d m i n group — these users can perform any action on any user
regardless of protection permissions.
To use protection permissions, grant one of the protection permissions to a set of
users (either individually, or to a defined group(s)). Then, grant the same
protection permission to the administrator that can perform actions on those
users.
For example, there are four departments in a company: sales, finance,
manufacturing, and system administrators. Each of these departments has a
defined group and a set of users assigned to the group. Within the system
administrators, there is one manager and three other administrators, each

TIBCO Enterprise Message Service User’s Guide

256
| Chapter 8 Authentication and Permissions

responsible for administering the resources of the other departments. The

manager of the system administrators can perform any administrator action. Each
of the other system administrators can only perform actions on members of the
groups for which they are responsible.
The user name of the manager is m g r, the user names of the other system
administrators are a d m i n 1 , a d m i n 2 , and a d m i n 3 . The following commands
illustrate the grants necessary for creating the example administration structure.
add member $admin mgr
grant admin sales protect1
grant admin admin1 protect1,all
grant admin manufacturing protect2
grant admin admin2 protect2,all
grant admin finance protect3
grant admin admin3 protect3,all

You can grant a protection permission, in addition to the a l l permission. This

signifies that the user has all administrator privileges for anyone who also has the
same protection permission. However, if you revoke the a l l permission from a
user, all permissions, including any protection permissions are removed from the
access control list for the user.

An administrator is able to view users that have a different protection permission

set, but the administrator can only perform actions on users with the same
protection permission.
For example, a d m i n 1 can perform any action on any user in the s a l e s group, and
can view any users in the m a n u f a c t u r i n g or f i n a n c e groups. However, a d m i n 1
is not able to grant permissions, change passwords, delete users from, or perform
any other administrative action on users of the m a n u f a c t u r i n g or f i n a n c e
groups. The m g r user is able to perform any action on any user, regardless of their
protection permission because m g r is a member of the $ a d m i n group.

TIBCO Enterprise Message Service User’s Guide

 Enabling Access Control 257
|

Enabling Access Control

Administrators can enable or disable access control for the server. Administrators
can also enable and disable permission checking for specific destinations.

Server Control
The property in the main configuration file enables or disables the checking of
permissions for all destinations managed by the server. The a u t h o r i z a t i o n
property also enables or disables verification of user names and passwords.

The default setting is d i s a b l e d . For secure deployments, the administrator must

explicitly set a u t h o r i z a t i o n to e n a b l e d .

When a u t h o r i z a t i o n is d i s a b l e d , the server grants any connection request, and

does not check permissions when a client accesses a destination (for example,
publishing a message to a topic).
When a u t h o r i z a t i o n is enabled, the server grants connections only from valid
authenticated users. The server checks permissions for client operations involving
secure destinations.
To enable a u t h o r i z a t i o n , either edit t i b e m s d . c o n f (set the a u t h o r i z a t i o n
property to e n a b l e d , and restart the server). Or you can use the t i b e m s a d m i n tool
to dynamically enable authorization with the following s e t s e r v e r command:
set server authorization=enabled

Authorization does affect connections between fault-tolerant server pairs; see

Authorization and Fault-Tolerant Servers on page 475.
Administrators must always log in with the correct administration username and
password to perform any administrative function—even when a u t h o r i z a t i o n is
disabled.

TIBCO Enterprise Message Service User’s Guide

258
| Chapter 8 Authentication and Permissions

Destination Control
When server a u t h o r i z a t i o n is enabled, the server checks user names and
password of all connections without exceptions. However, operations on
destinations, such as sending a message or receiving a message, are not verified
unless the destination has enabled the s e c u r e property on the destination. All
operations by applications on the destination with s e c u r e enabled are verified by
the server according to the permissions listed in a c l . c o n f . Destinations with
s e c u r e disabled continue to operate without any restrictions.

The s e c u r e property is independent of SSL-level security. The s e c u r e property

controls only basic authentication and permission verification. It does not affect
the security of communication between clients and server.

When a destination does not have the s e c u r e property set, any authenticated
user can perform any actions on that topic or queue.
See Destination Properties on page 55 for more information about destination
properties.

TIBCO Enterprise Message Service User’s Guide

 Users and Groups 259
|

Users and Groups

User permissions apply to the activities a user can perform on each destination
(topic and queue). Using permissions you can control which users have
permission to send, receive, or browse messages for queues. You can also control
who can publish or subscribe to topics, or who can create durable subscriptions to
topics. Permissions are stored in the access control list for the server.
Groups allow you to create classes of users and control permissions on a more
global level. Rather than granting and revoking permissions on destinations to
individual users, you can control destination access at the group level. Users
inherit any permissions from each of the groups they belong to, in addition to any
permissions that are granted to them directly.
Figure 15 illustrates the relationships between users, groups and permissions.

Figure 15 Users, groups, and permissions

Access Control List

Groups
accounting: topic=check.request
chris user=chris
pat perm=publish,subscribe
ryan
topic=purchase.order Destinations
group=accounting
Users perm=publish,subscribe Topics:
check.request
chris topic=all.news purchase.order
pat group=employees
ryan perm=subscribe

External Directory

Users Groups
Employees:
gale
gale
jean
jean
perry
perry

TIBCO Enterprise Message Service User’s Guide

260
| Chapter 8 Authentication and Permissions

Externally-configured users and groups are defined and managed using the
external directory. Locally-configured users and groups, as well as the access
control list, are configured using any of the administration interfaces (editing
configuration files, using the administration tool, or the administration APIs).

Access control and Secure Sockets Layer (SSL) have some similar characteristics.
SSL allows for servers to require user authentication by way of the user’s digital
certificate. SSL does not, however, specify any access control at the destination
level. SSL and the access control features described in this chapter can be used
together or separately to ensure secure access to your system. See Chapter 18,
Using the SSL Protocol, on page 441 for more information about SSL.

The following sections describe users and groups in EMS.

Users
Users are specific, named IDs that allow you to identify yourself to the server.
When a client logs in, the connect request should be accompanied by a username
and the password associated with the username.

In special cases, you may wish to allow anonymous access to the server. In this
case, a connect request does not have to supply a username or password. To
configure the server to allow anonymous logins, you must create a user named
a n o n y m o u s and specify no password. Anonymous logins are not permitted unless
the anonymous user exists.
Clients logging in anonymously are only able to perform the actions that the
a n o n y m o u s user has permission to perform.

There is one predefined user, a d m i n , that performs administrative tasks, such as

creating other users.
You can create and remove users and change passwords by specifying the users in
the u s e r s . c o n f configuration file, using the t i b e m s a d m i n tool, or by using the
administration APIs. For more information about specifying users in the
configuration file, see u s e r s . c o n f on page 245. For more information about
specifying users using the t i b e m s a d m i n tool, see Chapter 6, Using the EMS
Administration Tool, on page 115. For more information on the administration
APIs, see the online documentation.

TIBCO Enterprise Message Service User’s Guide

 Users and Groups 261
|

Groups
Groups allow you to create classes of users. Groups make access control
administration significantly simpler because you can grant and revoke
permissions to large numbers of users with a single operation on the group. Each
user can belong to as many groups as necessary. A user’s permissions are the
union of the permissions of the groups the user belongs to, in addition to any
permissions granted to the user directly.
You can create, remove, or add users to groups by specifying the groups in
g r o u p s . c o n f , using the t i b e m s a d m i n tool, or by using the administration APIs.
For more information about specifying groups in the configuration file, see
g r o u p s . c o n f on page 233. For more information about specifying groups using
the t i b e m s a d m i n tool, see Chapter 6, Using the EMS Administration Tool, on
page 115. For more information on the administration APIs, see the online
documentation.

Configuring an External Directory

You can define user authentication and group information either in EMS server
configuration files, or in an external directory (such as an LDAP server).

External User Authentication

EMS can be configured to authenticate users stored in an external directory
server, such as an LDAP server.
The parameter u s e r _ a u t h in t i b e m s d . c o n f guides the EMS server when
authenticating users. When a user attempts to authenticate to the EMS server, this
parameter specifies the source of authentication information. This parameter can
have one or more of the following values (separated by comma characters):
• l o c a l —obtain user authentication information from the local EMS server
user configuration.
• l d a p —obtain user authentication information from an LDAP directory server
(see the LDAP-specific configuration parameters).
• j a a s —obtain user authentication information from a custom authentication
module (see Extensible Authentication on page 274).
Each time a user attempts to authenticate, the server seeks corresponding
authentication information from each of the specified locations in the order that
this parameter specifies. The EMS server accepts successful authentication using
any of the specified sources.

TIBCO Enterprise Message Service User’s Guide

262
| Chapter 8 Authentication and Permissions

Group Information
Group information stored in an external directory can also be retrieved by the
EMS server. Static and dynamic groups are supported and you can configure the
EMS server to retrieve either or both.

Administration Commands and External Users and Groups

You can perform administrative commands on users and groups defined either
locally (in the EMS server’s local configuration files) or in an external LDAP.
Furthermore, you can combine users and groups that are defined in different
locations (for example, you can grant and revoke permissions for users and
groups defined in an LDAP, or add LDAP-defined users to locally-defined
groups).

Combining authentication sources requires that the configuration parameter

u s e r _ a u t h includes both l d a p and l o c a l .

When you attempt to view users and groups using the s h o w u s e r / s or s h o w

g r o u p / s commands, any users and groups that exist in external directories have
an asterisk next to their names. Users and groups from external directories will
only appear in the output of these commands in the following situations:
• an externally-defined user successfully authenticates
• a user belonging to an externally-defined group successfully authenticates
• an externally-defined user has been added to a locally-defined group
• permissions on a topic or queue have been granted to an externally-defined
user or group
Therefore, not all users and groups defined in the external directory may appear
when the s h o w u s e r / s or s h o w g r o u p / s commands are executed. Only the users
and groups that meet the above criteria at the time the command is issued will
appear.
You can create users and groups with the same names as externally-defined users
and groups. If a user or group exists in the server’s configuration and is also
defined externally, the local definition of the user takes precedence.
Locally-defined users and groups will not have an asterisk by their names in the
s h o w u s e r / s or s h o w g r o u p / s commands.

You can also issue the d e l e t e u s e r or d e l e t e g r o u p command to delete users

and groups from the local server’s configuration. The permissions assigned to the
user or group are also deleted when the user or group is deleted. If you delete a
user or group that is defined externally, this deletes the user or group from the
server’s memory and deletes any permissions assigned in the access control list,

TIBCO Enterprise Message Service User’s Guide

 Users and Groups 263
|

but it has no effect on the external directory. The externally-defined user can once
again log in, and the user is created in the server’s memory and any groups to
which the user belongs are also created. However, any permissions for the user or
group have been deleted and therefore must be re-granted.

Using LDAP Directory Servers

EMS has been tested with the following external directory servers:
• Netscape/SunOne iPlanet Directory Server version 5.1
• Microsoft Active Directory shipped as part of the Windows 2000 Server
However, you should be able to use any external directory server that is
compliant with LDAP V2.
The description for t i b e m s d . c o n f on page 173 provides the complete list of
configuration parameters for configuring an external directory server. Table 37
describes parameter settings for default configurations of popular LDAP servers.

Table 37 Default configuration for popular LDAP servers (Sheet 1 of 2)

External
Directory Server Parameter Configuration

iPlanet ldap_principal = cn=Directory Manager

ldap_user_class = Person
ldap_user_attribute = uid
ldap_user_base_dn = ou=people,
o = < your_organization>
ldap_user_filter =
(&(uid=%s)(objectclass=person))

ldap_group_base_dn = "ou=groups,
o = < your_organization>
ldap_group_filter =
(|(&(cn=%s)(objectclass=groupofUniqueNames))(&
(cn=%s)(objectclass=groupOfURLs)))
ldap_static_group_class = groupofuniquenames
ldap_static_group_attribute = cn
ldap_static_member_attribute = uniquemember
ldap_dynamic_group_class = groupofURLs
ldap_static_group_member_filter =
(&(uniquemember=%s)(objectclass=groupofuniquen
ames))
ldap_dynamic_group_class = groupofURLs
ldap_dynamic_group_attribute = cn
ldap_dynamic_member_url_attribute = memberURL

TIBCO Enterprise Message Service User’s Guide

264
| Chapter 8 Authentication and Permissions

Table 37 Default configuration for popular LDAP servers (Sheet 2 of 2)

External
Directory Server Parameter Configuration

Active Directory ldap_principal = CN=Administrator, CN=Users,

D C = < your_domain>

ldap_user_class = user
ldap_user_attribute = cn
ldap_user_filter = (&(cn=%s)(objectclass=user))

ldap_group_filter =
(&(cn=%s)(objectclass=group))
ldap_static_group_class = group
ldap_static_group_attribute = cn
ldap_static_member_attribute = member
ldap_static_group_member_filter =
(&(member=%s)(objectclass=group))

Open LDAP ldap_user_class = person

ldap_user_attribute = cn
ldap_user_base_dn = ou=people,
d c = < your_domain_component> , d c = < your_domain_component>
ldap_user_filter = (&(cn=%s)(objectclass=user))

ldap_group_base_dn = ou=groups,
d c = < your_domain_component> , d c = < your_domain_component>
ldap_group_filter =
(&(cn=%s)(objectclass=groupofnames))
ldap_static_group_class = groupofnames
ldap_static_group_attribute = cn
ldap_static_member_attribute = member
ldap_static_group_member_filter =
(&(member=%s)(objectclass=groupofnames))

Novell ldap_user_class = person

ldap_user_attribute = cn
ldap_user_base_dn = ou=people,
o = < your_organization>
ldap_user_filter =
(&(cn=%s)(objectclass=person))
ldap_group_base_dn = ou=groups,
o = < your_organization>
ldap_group_filter =
(&(cn=%s)(objectclass=groupofnames))
ldap_static_group_class = grouponames
ldap_static_group_attribute = cn
ldap_static_member_attribute = uniquemember
ldap_static_group_member_filter =
(&(uniquemember=%s)(objectclass=groupofnames))

TIBCO Enterprise Message Service User’s Guide

 User Permissions 265
|

User Permissions

User permissions are stored in the access control list and determine the actions a
user can perform on a destination. A user’s permissions are the union of the
permissions granted explicitly to that user along with any permissions the user
receives by belonging to a group.
When granting user permissions, you specify the user or group to whom you
wish to grant the permission, the name of the destination, and the permission(s)
to grant. Granting permissions is an action that is independent from both the
a u t h o r i z a t i o n server parameter, and the s e c u r e property of the relevant
destinations. The currently granted permissions are stored in the access control
file, however, the server enforces them only if the a u t h o r i z a t i o n is enabled, and
only for secure destinations.

When setting permissions for users and groups defined externally, user and
group names are case-sensitive. Make sure you use the correct case for the name
when setting the permissions.

User permissions can only be granted by an administrator with the appropriate

permissions described in Administrator Permissions on page 249.
You assign permissions either by specifying them in the a c l . c o n f file, using the
tibemsadmin tool, or by using the administration APIs. When setting user
permissions, you can specify either explicit destination names or wildcard
destination names. See Inheritance of User Permissions on page 266 for more
information on wildcard destination names and permissions.
The permissions that can be granted to users to access queues are listed in
Table 38; the permissions to access topics are listed in Table 39 on page 266.

Table 38 Queue Permission

Name Description
receive permission to create queue receivers

send permission to create queue senders

browse permission to create queue browsers

TIBCO Enterprise Message Service User’s Guide

266
| Chapter 8 Authentication and Permissions

Table 39 Topic Permission

Name Description
subscribe permission to create non-durable subscribers on the topic

publish permission to publish on the topic

durable permission to create, delete, or modify durable subscribers

on the topic

use_durable permission to use an existing durable subscriber on the topic,

but not to create, delete, or modify the durable subscriber

Example of Setting User Permissions

The user b o b has the following permission recorded in the a c l . c o n f file:
USER=bob TOPIC=foo PERM=subscribe,publish

This set of permissions means that b o b can subscribe to topic f o o and publish
messages to it, but b o b cannot create durable subscribers to f o o .
If b o b is a member of group e n g i n e e r i n g and the group has the following entry
in the acl file:
GROUP=engineering TOPIC=bar PERM=subscribe,publish

then b o b can publish and subscribe to topics f o o and b a r.

If both the user b o b and the group e n g i n e e r i n g have entries in the a c l . c o n f file,
then b o b has permissions that are a union of all permissions set for b o b directly
and the permissions of the group e n g i n e e r i n g .

Inheritance of User Permissions

When you grant permissions to users for topics or queues with wildcard
specifications, all created topics and queues that match the specification will have
the same granted permissions as the permissions on the parent topic. If there are
multiple parent topics, the user receives the union of all parent topic permissions
for any child topic. You can add permissions to a user for topics or queues that
match a wildcard specification, but you cannot remove permissions.
For example, you can grant user Bob the b r o w s e permission on queue f o o . * . The
user Bob receives the b r o w s e permission on the f o o . b a r queue, and you can also
grant Bob the s e n d permission on the f o o . b a r queue. However, you cannot take
away the inherited b r o w s e permission from Bob on the f o o . b a r queue.

TIBCO Enterprise Message Service User’s Guide

 User Permissions 267
|

See Wildcards on page 74 for more information about wildcards in destination

names.

Revoking User Permissions

Administrators can revoke permissions for users to create consumers on a
destination. Without permission, the user cannot create new consumers for a
destination—however, existing consumers of the destination continue to receive
messages.
You can only revoke a permission that is granted directly. That is, you cannot
revoke a permission from a user that the user receives from a group. Also, you
cannot revoke a permission that is inherited from a parent topic. The r e v o k e
command in t i b e m s a d m i n can only remove items from specific entries in the
a c l . c o n f file. The revoke command cannot remove items that are inherited from
other entries.
You can revoke permissions in several ways:
• Remove or edit entries in the a c l . c o n f file.
• Use the r e v o k e commands in t i b e m s a d m i n ; see page 133.
• Use the administration APIs.

TIBCO Enterprise Message Service User’s Guide

268
| Chapter 8 Authentication and Permissions

When Permissions Are Checked

If permissions are enforced (that is, the a u t h o r i z a t i o n configuration property is

set, and the s e c u r e property is set for the destination), the server checks them
when a user attempts to perform an operation on a destination. For example,
create a subscription to a topic, send a message to a queue, and so on. Since
permissions can be granted or revoked dynamically, the server checks them each
time an operation is performed on a destination (and each time a consumer or
producer is created).
For specific (non-wildcard) destination names, permissions are checked when a
user performs one of the following actions:
• creates a subscription to a topic
• attempts to become a consumer for a queue
• publishes or sends a message to a topic or queue
• attempts to create queue browser
A user cannot create or send a message to a destination for which he or she has
not explicitly been granted the appropriate permission. So, before creating or
sending messages to the destination, a user must be granted permissions on the
destination.
However, for wildcard topic names (queue consumers cannot specify wildcards),
permissions are not checked when users create non-durable subscriptions.
Therefore, a user can create a subscription to topic f o o . * without having explicit
permission to create subscriptions to f o o . * or any child topics. This allows
administrators to grant users the desired permissions after the user’s application
creates the subscriptions. You may wish to allow users to subscribe to unspecific
wildcard topics, then grant permission to specific topics at a later time. Users are
not able to receive messages based on their wildcard subscriptions until
permissions for the wildcard topic or one or more child topics are granted.

When creating a durable subscriber, users must have the d u r a b l e permission

explicitly set for the topic they are subscribing to. For example, to create a durable
subscriber to topic f o o . * , the user must have been granted the d u r a b l e
permission to create durable subscriptions for topic f o o . * . To subscribe an
existing durable subscriber to a topic, you must have either d u r a b l e or
u s e _ d u r a b l e permission set on that topic.

TIBCO Enterprise Message Service User’s Guide

 When Permissions Are Checked 269
|

Example of Permission Checking

This example walks through a scenario for granting and revoking permissions to
a user, and describes what happens as various operations are performed.
1. User b o b is working with a EMS application that subscribes to topics and
displays any messages sent to those topics.
2. User b o b creates a subscription to u s e r . * . This topic is the parent topic of
each user. Messages are periodically sent to each user (for example, messages
are sent to the topic u s e r . b o b ). Because the same application is used by many
users, the application creates a subscription to the parent topic.
3. User b o b creates a subscription to topic c o r p . n e w s . This operation fails
because bob has not been granted access to that topic yet.
4. A message is sent to the topic u s e r . b o b , but the application does not receive
the message because b o b has not been granted access to the topic yet.
5. The administrator, as part of the daily maintenance for the application, grants
access to topics for new users. The administrator grants the subscribe
permission to topic u s e r . b o b and c o r p . * to user b o b . These grants occur
dynamically, and user b o b is now able to receive messages sent to topic
u s e r . b o b and can subscribe to topic c o r p . n e w s .

6. The administrator sends a message on the topic u s e r . b o b to notify b o b that

access has been granted to all c o r p . * topics.
7. The application receives the new message on topic u s e r . b o b and displays the
message.
8. User b o b attempts to create a subscription for topic c o r p . n e w s and succeeds.
9. A message is sent to topic c o r p . n e w s . User b o b ’s application receives this
message and displays it.
10. The administrator notices that b o b is a contractor and not an employee, so the
administrator revokes the subscribe permission on topic c o r p . * to user b o b .
The subscription to c o r p . n e w s still exists for user b o b ’s application, but b o b
cannot create any new subscriptions to children of the c o r p . * topic.

TIBCO Enterprise Message Service User’s Guide

270
| Chapter 8 Authentication and Permissions

TIBCO Enterprise Message Service User’s Guide

 | 271

Chapter 9 Extensible Security

This chapter outlines how to develop and implement custom authentication and
permissions modules.

Topics

• Overview of Extensible Security, page 272

• Extensible Authentication, page 274
• Extensible Permissions, page 277
• The JVM in the EMS Server, page 284

TIBCO Enterprise Message Service User’s Guide

272
| Chapter 9 Extensible Security

Overview of Extensible Security

The extensible security feature allows you to use your own authentication and
permissions systems, in addition to the default LDAP server included in EMS, to
authenticate users and authorize them to perform actions such as publish and
subscribe operations. Developing custom applications to grant authentication and
permissions gives you more flexibility in architecting your system.

How Extensible Extensible security works by allowing you to write your own authentication and
Security Works permissions modules, which run in a Java virtual machine (JVM) in the EMS
server. The modules connect to the server using the Java Authentication and
Authorization Service (JAAS) for authentication modules, and the Java Access
Control Interface (JACI) for permissions modules.
If the extensible security features are enabled when the EMS server starts, the
server checks each user as it connects for authentication, and checks user
permissions when they attempt to perform actions that require authorization.
Permission results are cached in the server for specified timeouts, and the
permissions module is re-invoked when a cached permission expires. The server
then replaces the old permission data with new data.
Extensible authentication and extensible permissions are enabled in the
t i b e m s d . c o n f configuration file. Extensible security modules can connect to
external security services, such as single sign on (SSO) servers or LDAP
directories, which operate outside of the TIBCO Enterprise Message Service
framework. Extensible security modules can work in tandem with other
authorization and permissions methods, such as LDAP or the EMS a c l . c o n f
configuration file. Figure 16 on page 273 shows the different security methods
available in the server.

TIBCO Enterprise Message Service User’s Guide

 Overview of Extensible Security 273
|

Figure 16 Methods for authenticating users and checking permissions

EMS Server

Local Configuration Files

users.conf acl.conf

External User Authentication

LDAP from an LDAP directory server

JVM

External Security JAAS JACI External Security

Services LoginModule Authorization Services
Module

TIBCO Enterprise Message Service User’s Guide

274
| Chapter 9 Extensible Security

Extensible Authentication

The extensible authentication feature uses the Java virtual machine (JVM) and the
Java Authentication and Authorization Service (JAAS) to allow you to run your
own Java-based authentication module in the EMS server.
Your authentication module, or LoginModule, runs in the JVM within the EMS
server, and is accessed by t i b e m s d using the JAAS interface. This is a flexible way
to extend the security of your EMS application. The LoginModule can be used to
augment existing authentication processes, or can be the sole method of
authentication used by the EMS server. The u s e r _ a u t h parameter in the main
configuration file determines when the LoginModule is used.
Each time an EMS client attempts to create a connection to the server, the server
will authenticate the client before accepting the connection. When extensible
authentication is enabled, t i b e m s d passes the username and password to the
LoginModule, which returns an allow or deny response.
If more than one authentication mechanism is enabled, it’s important to note the
order that the authentication processes are employed, as determined by their
order in the u s e r _ a u t h parameter. The server will search each authentication
source in order, and if the user does not exist there, t i b e m s d passes the username
and password to the next source.
For example, if local authentication appears before JAAS authentication, the
server will search for the provided username and password first in the
u s e r s . c o n f file. If the user does not exist there, t i b e m s d passes the username
and password to the LoginModule, which allows or denies the connection
attempt.
Consider a connection request from a client with the username a v o g u s . If a v o g u s
exists in the u s e r s . c o n f , the EMS server will either authenticate or deny access to
a v o g u s based on the username and password located there. Only if a v o g u s does
not exist in the u s e r s . c o n f does the server pass the username and password to
the LoginModule.

Enabling Extensible Authentication

Extensible authentication is enabled in the EMS server, through parameters in the
t i b e m s d . c o n f configuration file. The required parameters are:

• a u t h o r i z a t i o n —directs the server to verify user credentials and permissions

on secure destinations.
• u s e r _ a u t h —directs the EMS server to use the LoginModule for
authentication.

TIBCO Enterprise Message Service User’s Guide

 Extensible Authentication 275
|

• j a a s _ c l a s s p a t h —specifies the JAR files and dependent classes used by the

LoginModule.
• j a a s _ c o n f i g _ f i l e —specifies the configuration file, usually j a a s . c o n f , that
loads the LoginModule. For more information, see the Example jaas.conf
Configuration File on page 276.
Because the LoginModule runs in the Java virtual machine, you must also enable
the JVM in the EMS server. See Enabling the JVM on page 284 for more
information.

Writing an Authentication Module

The LoginModule is a custom module that runs inside the EMS server within a
JVM. The LoginModule is written using JAAS, a set of APIs provided by Sun
Microsystems, and used to create plugable Java applications. JAAS provides the
interface between your code and the EMS server. JAAS is a standard part of JRE,
and is installed with EMS.

LoginModule In order to implement extensible authentication, you must write a LoginModule

Requirements implementing the JAAS interface. There are some requirements for a
LoginModule that will run in the EMS server:
• The LoginModule must accept the username and password from the EMS
server by way of the N a m e C a l l b a c k and P a s s w o r d C a l l b a c k callbacks. The
EMS server passes the username and password to the LoginModule using
these callbacks, ignoring the p r o m p t argument.
• If the username and password combination is invalid, the LoginModule must
throw a F a i l e d L o g i n E x c e p t i o n . The EMS server then rejects the
corresponding connection attempt.
• The LoginModule must be thread-safe. That is, the LoginModule must be able
to function both in a multi-threaded environment and in a single-threaded
environment.
• The LoginModule should perform authentication only, by determining
whether a username and password combination is valid. For information
about custom permissions, see Extensible Permissions on page 277.
• The LoginModule, like the Permissions Module, should not perform long
operations, and should return values quickly. As these modules become part
of the EMS server’s message handling process, slow operations can have a
severe effect on performance.
• The LoginModule must be named E M S U s e r A u t h e n t i c a t i o n .
More information about JAAS, including documentation of JAAS classes and
interfaces, is available through http://java.sun.com/products/jaas/.

TIBCO Enterprise Message Service User’s Guide

276
| Chapter 9 Extensible Security

Loading the The EMS server locates and loads the LoginModule based on the contents of the
LoginModule in configuration file specified by the j a a s _ c o n f i g _ f i l e parameter in the
the EMS Server t i b e m s d . c o n f file. Usually, the JAAS configuration file is named j a a s . c o n f . This
file contains the configuration information used to invoke the LoginModule.
The contents of the j a a s . c o n f file should follow the JAAS configuration syntax,
as documented at:
http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html

The LoginModule in the JAAS configuration file must have the name
EMSUserAuthentication.

Example jaas.conf Configuration File

EMSUserAuthentication {
com.tibco.tibems.tibemsd.security.example.FlatFileUserAuthLoginMod
ule required debug=true filename=jaas_users.txt;
};

TIBCO Enterprise Message Service User’s Guide

 Extensible Permissions 277
|

Extensible Permissions

The extensible permissions feature uses the Java virtual machine (JVM) and the
Java Access Control Interface (JACI) to allow you to run your own Java-based
permissions module in the EMS server.
Your Permissions Module runs in the JVM within the EMS server, and connects to
t i b e m s d using the JACI interface. Like the LoginModule, the Permissions Module
provides an extra layer of security to your EMS application. It does not supersede
standard EMS procedures for granting permissions. Instead, the module
augments the existing process.
When a user attempts to perform an action, such as subscribing to a topic or
publishing a message, the EMS server checks the a c l . c o n f file, the Permissions
Module, and cached results from previous Permissions Module queries, for
authorization. This process is described in detail in How Permissions are Granted
on page 278.

Cached Permissions
In order to speed the authorization process, the EMS server caches responses
received from the Permissions Module in two pools, the allow cache and the deny
cache. Before invoking the Permissions Module, the server first checks these
caches for a cache entry matching the user’s request.

What is Cached Each cache entry consists of a username and action, and the authorization result
response from the Permissions Module:
• The username is specific; the cached permission applies only to this user.
• The action is also specific. Only one action is included in each cache entry.
Actions that require authorization are the same as those listed in the a c l . c o n f
file.
• The destination can include wildcards. That is, a single cache entry can
determine the user’s authorization to perform the action on multiple
destinations.
If the response from the Permissions Module authorized the action, the
permission is cached in the allow cache. If the action was denied, it is cached in
the deny cache.

TIBCO Enterprise Message Service User’s Guide

278
| Chapter 9 Extensible Security

How Long Permissions Module results also include timeouts, which determine how long the
Permissions are cache entry is kept in the cache before it expires. When a timeout has expired, the
Cached entry is removed from the cache. Because these timeouts are assigned by the
Permissions Module, you can control how often the Permissions Module is called,
and therefore how much load it puts on the EMS server.

Long timeouts on permissions cache entries can increase performance, but they
also lower the system’s responsiveness to changes in permissions. Consider
timeout lengths carefully when writing your Permissions Module.

Administering the You can view and reset cache statistics, as well as clear all cache entries. These
Cache commands are available in the administration tool:
• jaci showstats on page 131
• jaci resetstats on page 131
• jaci clear on page 131

How Permissions are Granted

When an EMS client attempts to perform an action that requires permissions, the
EMS server looks in each of the following locations in turn:
1. First, the server checks the a c l . c o n f for authorization. This is the standard
EMS mechanism for granting permissions, as is documented in Chapter 8,
Authentication and Permissions, on page 247.
2. Next, the server checks the Permissions Module allow cache for authorization.
If an entry matching the username, action, and destination exists in the cache,
the request is allowed.
Because destinations with wildcards can exist in the cache, an entry can have a
wildcard destination that contains the requested destination. If that entry
specifies the same username and action, the request is allowed. For more
information on this topic, see Implications of Wildcards on Permissions below.
3. The server then checks the deny cache for a matching entry. If an entry exists
in the deny cache, the request is denied.
As in the allow cache, wildcards used in destinations can result in a cache
entry with a destination that contains the requested destination. If that entry
matches the username and action, the request is denied. For more information
on this topic, see Implications of Wildcards on Permissions below.
4. Finally, if there are no matching entries in either cache, the server passes the
username, action type, and destination to the Permissions Module, which
returns an allow or deny authorization response. The response is also saved to
the cache for the timeout specified in the response.

TIBCO Enterprise Message Service User’s Guide

 Extensible Permissions 279
|

If the Permissions Module does not respond to the request within the timeout
specified by the j a c i _ t i m e o u t parameter in the tibemsd.conf file, the server
denies authorization by default.
Actions that require permissions are the same as those listed in the a c l . c o n f file,
and include operations such as subscribe to a topic and publishing to a queue.
Permissions are described in a c l . c o n f on page 222. Figure 17 shows the decision
tree the server follows when granting or denying permissions.

Figure 17 The Permissions Decision Tree

Yes Authorized in the acl.conf file?

No

Matched in the allow cache?

Yes

No

Matched in the deny cache? Yes

No

Allow Ask the AuthorizationModule Deny

Allow Timeout Deny

reached

In general, permissions are checked when a client initiates an operation. In the

case of a browsing request, it’s useful to note that the server reviews permissions
only at certain points during the browsing operation.
The server checks for browsing permission when a client starts to browse a queue
and whenever the client needs to refresh its list of browse-able messages. The
client receives the list of messages from the server when it first begins browsing.
The server refreshes the list and rechecks permissions whenever the client
browses to the end of the current list.

TIBCO Enterprise Message Service User’s Guide

280
| Chapter 9 Extensible Security

Durable When a durable subscriber is disconnected from the EMS server, the server
Subscribers continues to accumulate messages for the client. However, while the client is
disconnected, there is no user associated with the durable subscriber. Because of
this, the server cannot immediately check permissions for a message that is
received when the client is not connected.
When a user later reconnects to the server and resubscribes to the durable
subscription, the server checks permissions for the subscribe operation itself, but
all messages in the backlog are delivered to the consumer without additional
permission checks.

Special There are some special circumstances under which the request, although it is not
Circumstances exactly matched in the a c l . c o n f file, will be denied without reference to either
the permissions cache or the Permissions Module. Any request will be denied if,
in the a c l . c o n f
• The username exists but is not associated with any destinations.
• The username exists and is associated with destinations, but not with the
specific destination in the request.
• The username is part of a group, but the group is not associated with any
destinations.
• The username is part of a group and the group is associated with destinations,
but not with the specific destination in the request.
In general entries in the a c l . c o n f file supersede entries in the Permissions
Module, allowing you to optimize permission checks in well-defined static cases.
When the a c l . c o n f does not mention the user, the Permissions Module is fully
responsible for permissions.

Implications of Wildcards on Permissions

A permission result from the Permissions Module can allow or deny the user
authorization to perform the action on a range of destinations by including
wildcards in the destination name. For example, even though the application
attempts to have user m w a l t o n publish on topic f o o . b a r . 1 , the Permissions
Module can grant permission to user m w a l t o n to publish messages to the topic
f o o . b a r . * . For as long as this authorization is cached, m w a l t o n can also publish
to the topics f o o . b a r . b a z and f o o . b a r . b o o , because f o o . b a r . * contains both
those topics.
As long as a permission to perform an action on a destination is cached in the
allow cache, the user will be authorized to perform that action, even if the
permission is revoked in the external system used by the Permissions Module.
This permission also extends to any destination contained by the authorized
destination through the use of wildcards. The EMS server checks the allow cache

TIBCO Enterprise Message Service User’s Guide

 Extensible Permissions 281
|

for permissions before checking the deny cache and before sending an uncached
permission request to the Permissions Module. In other words, the authorization
status cannot be changed until the timeout on the cache entry expires and it is
removed from the cache.
Similarly, an entry in the deny cache remains there until the timeout has expired
and the entry is removed. Only then does the EMS server send the request to the
Permissions Module, so that a change in status can take effect.
Overlapping wildcards can make this situation even more complex. For example,
consider these three destinations:
foo.*.baz
foo.bar.*
foo.>

It might seem that, if f o o . * . b a z were in a cache, then f o o . b a r . * would match it

and permissions for that destination would come from the cache. In fact, however,
permissions could not be determined by the cache entry, because f o o . b a r . *
intersects but is not a subset of f o o . * . b a z . That is, not every destination that
matches f o o . b a r . * will also match f o o . * . b a z . The destination f o o . b a r . b o o , for
example, would be granted permissions by f o o . b a r . * , but not by f o o . * . b a z .
Since not all destinations that f o o . b a r . * matches will also match f o o . * . b a z , we
say that f o o . * . b a z intersects f o o . b a r . * . The cache entry can determine a
permission if the requested destination is a subset of the cache entry, but not if it is
merely an intersection. In this case, permissions cannot be determined by the
cache.
The destination f o o . > , on the other hand, contains as subsets both f o o . b a r . *
and f o o . * . b a z , because any destination name that matches either f o o . b a r . * or
f o o . * . b a z will also match f o o . > . If f o o . > is in the cache, permissions will be
determined by the cache.

Enabling Extensible Permissions

Extensible permissions are enabled in the EMS server, through parameters in the
t i b e m s d . c o n f configuration file. The required parameters are:

• a u t h o r i z a t i o n —enables authorization.
• j a c i _ c l a s s —specifies the class that implements the Permissions Module.
• j a c i _ c l a s s p a t h —specifies the JAR files and dependent classes used by the
Permissions Module.

TIBCO Enterprise Message Service User’s Guide

282
| Chapter 9 Extensible Security

The Permissions Module will be used to grant permissions only to those

destinations that are defined as secure in the t o p i c s . c o n f and q u e u e s . c o n f
configuration files. If there are no topics or queues that include the s e c u r e
property, then the Permissions Module will never be called because the server
does not check permissions at all.
Because the Permissions Module runs in the Java virtual machine, you must also
enable the JVM in the EMS server. See Enabling the JVM on page 284 for more
information.

Writing a Permissions Module

The Permissions Module is a custom module that runs inside the EMS server
within a JVM. The Permissions Module is written using JACI, a set of APIs
developed by TIBCO Software Inc. that you can use to create a Java module that
will authorize EMS client requests. JACI provides the interface between your code
and the EMS server. JACI is a standard component of EMS, and JACI classes and
interfaces are documented in c o m . t i b c o . t i b e m s . t i b e m s d . s e c u r i t y.

Requirements In order to implement extensible permissions, you must write a Permissions

Module implementing the JACI interface. There are some requirements for a
Permissions Module that will run in the EMS server:
• The Permissions Module must implement the JACI A u t h o r i z e r interface,
which accepts information about the operation to be authorized.
• The Permissions Module must return a permission result, by way of the
AuthorizationResult class. Permission results contain:
— An a l l o w e d parameter, where t r u e means that the request is allowed and
f a l s e means the request is denied.

— A timeout, which determines how long the permission result will be

cached. Results can be cached for a time of up to 24 hours, or not at all.
— The destination on which the user is authorized to perform the action. The
destination returned can be more inclusive than the request. For example,
if the user requested to subscribe to the topic f o o . b a r, the permission
result can allow the user to subscribe to f o o . * . If a destination is not
included in the permission result, then the allow or deny response is
limited to the originally requested destination.
— The action type that the permission result replies to. For example,
authorization to publish to the destination, or authorization to receive
messages from a queue. Permissions can be granted to multiple action
types, for example permission to publish and subscribe on f o o . > . Note that
the EMS server creates one cache entry for each action specified in the
result.

TIBCO Enterprise Message Service User’s Guide

 Extensible Permissions 283
|

• The Permissions Module must be thread-safe. That is, the Permissions Module
must be able to function both in a multi-threaded environment and in a
single-threaded environment.
• The Permissions Module, like the LoginModule, should not employ long
operations, and should return values quickly. As these modules become part
of the EMS server’s message handling process, slow operations can have a
severe effect on performance.
Documentation of JACI classes and interfaces is available through
c o m . t i b c o . t i b e m s . t i b e m s d . s e c u r i t y.

TIBCO Enterprise Message Service User’s Guide

284
| Chapter 9 Extensible Security

The JVM in the EMS Server

The Java virtual machine (JVM) is a virtual machine on the Java platform, capable
of running inside the EMS server. Select independent Java modules can operate in
the JVM and plug into the EMS server. The JVM is required to use the following
TIBCO Enterprise Message Service features:
• Extensible Security—see Chapter 9, Extensible Security, on page 271.
• Database Stores—see Chapter 10, Using Database Stores, page 285.

Enabling the JVM

The Java virtual machine is enabled in the EMS server, through parameters in the
t i b e m s d . c o n f configuration file. The parameters that enable and configure the
JVM are:
• j r e _ l i b r a r y —enables the JVM.
• j r e _ o p t i o n —allows you to pass standard JVM options, defined by Sun
Microsystems, to the JVM at start-up.
For more information about these parameters, see JVM Parameters on page 220.

TIBCO Enterprise Message Service User’s Guide

 | 285

Chapter 10 Using Database Stores

This chapter describes how to configure the TIBCO Enterprise Message Service
server to store messages in a database. This chapter discusses only database
stores. For more information about file-based stores, see Store Messages in
Multiple Stores on page 29.

The optional database store feature requires the installation and use of Hibernate
Core for Java and associated jar files.

Topics

• Database Store Overview, page 286

• Configuring Database Stores, page 287
• EMS Schema Export Tool, page 293

TIBCO Enterprise Message Service User’s Guide

286
| Chapter 10 Using Database Stores

Database Store Overview

The EMS server can connect to a database, and store messages in one or more
database instances. The server connects to the database using Hibernate Core for
Java to interface between the database and the EMS server.

Requirements To create database stores, you must have:

• Hibernate Core for Java and related jar files.
Hibernate Core for Java is available, along with your TIBCO Enterprise
Message Service product distribution, from download.tibco.com.
• A database server that is supported by Hibernate, the corresponding dialect,
and the appropriate JDBC driver.
The database server must be running, and the databases that the EMS server
will connect to must have already been created by the database administrator.
• A username with read-write permissions and a password to the database
server.

TIBCO Enterprise Message Service User’s Guide

 Configuring Database Stores 287
|

Configuring Database Stores

This section describes the steps required to configure and deploy database stores.
For general conceptual information about the multiple store feature, see Store
Messages in Multiple Stores on page 29.
Settings for creating and configuring database stores are managed in the EMS
server, and are transparent to clients. To configure the database stores feature,
follow these steps:
1. Enable the database store feature in the t i b e m s d . c o n f by setting the
parameters:
— dbstore_classpath
— dbstore_driver_name
— dbstore_driver_dialect

— jre_library

For detailed information about the d b s t o r e parameters, see C o n f i g u r a t i o n

in tibemsd.conf. The j r e _ l i b r a r y parameter, which enables the JVM in
the EMS server, is described in JVM Parameters on page 220.
2. Setup and configure stores in the s t o r e s . c o n f file.
You can create multiple database stores, or a combination of database and
file-based stores. Each store must have a unique name. Parameters determine
whether the store is a database store, provide the location of the database
server, and specify the username and password that the EMS server uses to
access the database.
For a list of database store parameters, see C o n f i g u r a t i o n in stores.conf
below.
3. Associate destinations with the configured stores.
Messages are sent to different stores according to their destinations. You
associate a destination with a specific store using the s t o r e parameter in the
t o p i c s . c o n f and q u e u e s . c o n f files. You can also change store associations
using the s e t p r o p t o p i c or s e t p r o p q u e u e command in the EMS
Administration Tool.
Multiple destinations can be mapped to the same store, either explicitly or
using wildcards. Even if no stores are configured, the server sends persistent
messages that are not associated with a store to default stores. See Default
Store Files for more information.
For details about the s t o r e parameter, see s t o r e on page 70.
4. Export database tables.

TIBCO Enterprise Message Service User’s Guide

288
| Chapter 10 Using Database Stores

When the EMS server is configured to store messages in a database, the

database schema must be exported before the server is started. Use the EMS
Schema Export Tool to create, drop, and update the database tables.
For details, see EMS Schema Export Tool on page 293.

Configuration in tibemsd.conf
These parameters are set in the t i b e m s d . c o n f configuration file.

dbstore_classpath
dbstore_classpath = pathname
Includes all the JAR files required by the EMS server when employing the
database store feature. This parameter must be set when a store of type d b s t o r e
has been created in the s t o r e s . c o n f file.
Required JAR files are determined by the installed Hibernate release, and are
documented in the R E A D M E . t x t file that is located in the l i b / directory of the
Hibernate distribution. Many of these JAR files are version-specific, and the
required versions may change with new Hibernate releases. You should verify the
required version and modify the d b s t o r e _ c l a s s p a t h variable accordingly.
If you are using Hibernate release 3.2.5, for example, the d b s t o r e _ c l a s s p a t h
should include paths to the following JAR files:
• hibernate3.jar

• dom4j-1.6.1.jar

• commons-collections-2.1.1.jar

• commons-logging-1.0.4.jar

• ehcache-1.2.3.jar

• jta.jar

• cglib-2.1.3.jar

• antlr-2.7.6.jar

• c3p0-0.9.1.jar

• asm.jar

• asm-attrs.jar

• Database-specific driver JAR file. Supported jar files are listed in Database
Servers and Drivers in TIBCO Enterprise Message Service Installation.
For an example, see EMS_HOME/ s a m p l e s / c o n f i g / t i b e m s d - d b . c o n f .

TIBCO Enterprise Message Service User’s Guide

 Configuring Database Stores 289
|

dbstore_driver_name
dbstore_driver_name = name
Specifies the name of the JDBC driver used by Hibernate.
For example:
• If you are using the MySQL InnoDB database server:
dbstore_driver_name=com.mysql.jdbc.Driver

• If you are using the Microsoft SQL Server:

dbstore_driver_name=
com.microsoft.sqlserver.jdbc.SQLServerDriver

• If you are using Oracle 10g:

dbstore_driver_name=oracle.jdbc.driver.OracleDriver

• If you are using IBM DB2 Server:

dbstore_driver_name=com.ibm.db2.jcc.DB2Driver

dbstore_driver_dialect
dbstore_driver_dialect = dialect
Specifies the Hibernate SQL dialect used to construct SQL commands.
For example, if you are using the MySQL with InnoDB database server:
dbstore_driver_dialect = org.hibernate.dialect.MySQLInnoDBDialect

The SQL dialect is defined by Hibernate. For a list of databases and the associated
dialects, see the readme.txt file located in the Hibernate install directory archive.

Configuration in stores.conf
This section describes parameters configured for each database store in the
s t o r e s . c o n f file. The s t o r e s . c o n f includes definitions for both database and
file-based stores. For information about configuring file-based stores, see
s t o r e s . c o n f on page 237.

The format of the file is:

[ store_name] # m a n d a t o r y - - s q u a r e b r a c k e t s i n c l u d e d .
type = dbstore
d b s t o r e _ d r i v e r _ u r l = JDBCURL
d b s t o r e _ d r i v e r _ u s e r n a m e = username
d b s t o r e _ d r i v e r _ p a s s w o r d = password

TIBCO Enterprise Message Service User’s Guide

290
| Chapter 10 Using Database Stores

Table 40 Database Store File Parameters

Parameter Name Description

[ store_name] is the name that identifies this store
[ store_name]
configuration.
Note that the square brackets [ ] DO NOT
indicate that the store_name is an option; they
must be included around the name.

type=dbstore Identifies the store as either a file-based store or

a database store. The t y p e can be:
• file — for file-based stores.
• dbstore — for database stores.
For information about the parameters used to
configure file-based stores, see s t o r e s . c o n f on
page 237.

dbstore_driver_url Provides the location of the database server. The

URL entered uses the syntax specified by the
JDBC driver for your database.
Please see documentation specific to your JDBC
driver for more information. If you are using an
Oracle RAC database, also see Using a TAF
Configured URL on page 292.

dbstore_driver_username The username that the EMS server uses to

access the database.
Note that this user must have read and write
permissions to the database.

dbstore_driver_password The password that the server uses, in

conjunction with the username provided in
d b s t o r e _ d r i v e r _ u s e r n a m e , to access the
database.
You can mangle this and other passwords by
way of the t i b e m s a d m i n tool. See Table 15,
tibemsadmin Options, on page 116 for more
information about using t i b e m s a d m i n to
mangle passwords.

TIBCO Enterprise Message Service User’s Guide

 Configuring Database Stores 291
|

Example Using MySQL Server

[$sys.failsafe]
type=dbstore
dbstore_driver_url=jdbc:mysql://mysqlsrv_1:3306/sysfs
dbstore_driver_username=admin
dbstore_driver_password=admin123

[$sys.meta]
type=dbstore
dbstore_driver_url=jdbc:mysql://mysqlsrv_1:3306/sysmeta
dbstore_driver_username=admin
dbstore_driver_password=admin123

Example Using Microsoft SQL Server

[$sys.meta]
type=dbstore
dbstore_driver_url=jdbc:sqlserver://sqlsrv_1:3415;databaseName=sysmeta
dbstore_driver_username=admin
dbstore_driver_password=admin123

[$sys.failsafe]
type=dbstore
dbstore_driver_url=jdbc:sqlserver://sqlsrv_1:3415;databaseName=sysfs
dbstore_driver_username=admin
dbstore_driver_password=admin123

Example Using Oracle 10g

[$sys.meta]
type=dbstore
dbstore_driver_url=jdbc:oracle:thin:adminmeta/admin123@//osrv_1:1521/orclperf
dbstore_driver_username=adminmeta
dbstore_driver_password=admin123

[$sys.failsafe]
type=dbstore
dbstore_driver_url=jdbc:oracle:thin:adminfs/admin123@//osrv_1:1521/orclperf
dbstore_driver_username=adminfs
dbstore_driver_password=admin123

Example Using Oracle RAC 10g

[$sys.failsafe]
type=dbstore
dbstore_driver_url=jdbc:oracle:oci:<user>/<passwd>@(DESCRIPTION=
(ADDRESS=(PROTOCOL=TCP)(HOST=<host1>)(PORT=1521))(ADDRESS=(PROTOCO
L=TCP)(HOST=<host2>)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=orcl)(
FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC)(RETRIES=180)(DELAY=5))))
dbstore_driver_username=admin
dbstore_driver_password=admin123

For more information, see Configuration for the Oracle RAC Database below.

TIBCO Enterprise Message Service User’s Guide

292
| Chapter 10 Using Database Stores

Example Using IBM DB2 Server

[$sys.meta]
type=dbstore
dbstore_driver_url=jdbc:db2://db2srv_1:50000/SYSMETA
dbstore_driver_username=admin
dbstore_driver_password=admin123

[$sys.failsafe]
type=dbstore
dbstore_driver_url=jdbc:db2://db2srv_1:50000/SYSFS
dbstore_driver_username=admin
dbstore_driver_password=admin123

Configuration for the Oracle RAC Database

The TIBCO Enterprise Message Service server must connect to the Oracle RAC
10g database using the Oracle JDBC OCI driver and TAF configuration.

Installing the OCI Driver

We recommend using the Oracle Instant Client, which is an optimized
light-weight OCI driver package available from Oracle:
http://www.oracle.com/technology/tech/oci/instantclient/index.html
Follow the instructions provided to install the Oracle Instant Client.

Using a TAF Configured URL

To ensure that the EMS server does not lose its connection to the database during
a database failover, the server should connect to the database using a Transparent
Application Failover (TAF) configured URL. For example:
jdbc:oracle:oci:@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=host1)(
PORT=1521))(ADDRESS=(PROTOCOL=TCP)(HOST=host2)(PORT=1521))(CONNECT
_DATA=(SERVICE_NAME=orcl)(FAILOVER_MODE=(TYPE=SELECT)(METHOD=BASIC
)(RETRIES=180)(DELAY=5))))

TIBCO Enterprise Message Service User’s Guide

 EMS Schema Export Tool 293
|

EMS Schema Export Tool

Each database store that appears in the s t o r e s . c o n f file includes a configuration

parameter pointing to a database. The EMS Schema Export Tool creates and
exports database tables for the database stores that are configured there. Database
administrators can use the Schema Export Tool to selectively export and tune
schemas to suit your database and messaging system.

The EMS Schema Export Tool must be used to export database tables when one or
more database stores are configured in the s t o r e s . c o n f file. That is, if any stores
of type d b s t o r e are configured, you must export the database schema before
starting the EMS server.

The Schema Export Tool is a JAR file, t i b e m s d _ u t i l . j a r, located in the same

directory as t i b e m s d . Command line options, described in Table 15 on page 116,
determine whether database tables are created or dropped, and whether they are
printed to the console, saved to a file, or exported to the database.
Before invoking the Schema Export Tool, you must:
• Configure the global database store parameters in the t i b e m s d . c o n f file. The
parameters that configure the global database store settings begin with
d b s t o r e _ . See Configuration in tibemsd.conf on page 288 for details about
these parameters.
• Configure at least one store of type d b s t o r e in the s t o r e s . c o n f file. See
Configuration in stores.conf on page 289 for more information about
configuring database stores.

How the Schema When it is invoked, the Schema Export Tool accepts the t i b e m s d . c o n f file and
Export Tool reviews the database store parameters, then parses the s t o r e s . c o n f file.
Works Depending on the options specified when it was invoked, the Schema Export Tool
will create, drop, or update the database tables for the stores of type d b s t o r e that
are configured in the s t o r e s . c o n f file.
The tool can perform the selected actions on all database stores, or only on specific
stores. The Schema Export Tool can also print the database tables it creates to the
console, or export them either to the database or to a specified file.

TIBCO Enterprise Message Service User’s Guide

294
| Chapter 10 Using Database Stores

Running the The Schema Export Tool is invoked from the command line. The tool can be
Schema Export invoked from its directory, or by giving the absolute path to the
Tool t i b e m s _ u t i l . j a r file. For example:

On Windows
> java -jar EMS_HOME\ b i n \ t i b e m s d _ u t i l . j a r options
Or
> java -jar c:\tibco\ems\6.0\bin\tibemsd_util.jar options

On Unix
> java -jar EMS_HOME/ b i n / t i b e m s d _ u t i l . j a r options
Or
$ java -jar /opt/tibco/ems/6.0/bin/tibemsd_util.jar options

This table shows the options that are used with the Schema Export Tool:

Table 41 EMS Schema Export Tool options

Option Description
-tibemsdconf pathname The absolute path to the t i b e m s d . c o n f file. For
example, on a UNIX system:
/opt/tibco/ems/6.0/samples/config/tibemsd.conf

-e x p o r t t o f i l e Export the schema to a file named store-name. d d l . l o g ,

where store-name is the name of the database store. If
multiple database stores are configured in
s t o r e s . c o n f , then one file is created for each database
store.
If neither e x p o r t t o f i l e nor e x p o r t option is included,
the schema export tool prints the schema to the console.
If both - e p o r t t o f i l e and - e x p o r t are included, the
Schema Export Tool exports the database schema to
both locations.

-e x p o r t Export the schema to the database configured for the

store.
If neither e x p o r t nor e x p o r t t o f i l e option is included,
the schema export tool prints the schema to the console.
If both - e p o r t and - e x p o r t t o f i l e are included, the
Schema Export Tool exports the database schema to
both locations.

TIBCO Enterprise Message Service User’s Guide

 EMS Schema Export Tool 295
|

Table 41 EMS Schema Export Tool options

Option Description
-store storename= c r e a t e | u p d a t e | d r o p Create, update, or drop the schema for one or more
specific stores that are named in the stores configuration
file.
If you choose the c r e a t e option for a schema that
already exists, the Schema Export Tool recreates the
schema.
Note that c r e a t e prints the schema to screen but does
not deploy it. You must use e x p o r t or e x p o r t t o f i l e in
order to implement the schema.

-createall Create all the stores found in the stores configuration

file. Note that this option drops any existing
configurations when creating the new stores.

-dropall Drop all the stores found in the stores configuration file.

-updateall Update the schema for all stores configured in the found
in stores configuration file.

-help Print information about the schema export tool and its
options, and exit the tool.

Examples
The following examples show how the Schema Export Tool can be used to create
database schemas in various configurations.

Example 1 This example shows how the Schema Export Tool can be invoked from any
directory by giving the absolute path to the t i b e m s d _ u t i l . j a r :
$ java -jar /opt/tibco/ems/6.0/bin/tibemsd_util.jar -help

Example 2 In this example, the Schema Export Tool creates and exports database schemas for
all the stores found in the s t o r e s . c o n f that is set in the specified
t i b e m s d - m s s q l s e r v e r . c o n f file:

java -jar /opt/tibco/ems/6.0/bin/tibemsd_util.jar -tibemsdconf

/opt/tibco/ems/6.0/samples/config/tibemsd.conf -createall -export

Example 3 In this example, the Schema Export Tool exports the database schema for the
$ s y s . f a i l s a f e store to the database:

TIBCO Enterprise Message Service User’s Guide

296
| Chapter 10 Using Database Stores

jar -jar /opt/tibco/ems/6.0/bin/tibemsd_util.jar -tibemsdconf

/opt/tibco/ems/6.0/samples/config/tibemsd.conf –export –store
\$sys.failsafe=create

Example 3 In this example, the Schema Export Tool writes the database schema for the
$ s y s . f a i l s a f e store to the file $ s y s . f a i l s a f e . d d l . l o g :

$ jaav -jar /opt/tibco/ems/6.0/bin/tibemsd_util.jar -tibemsdconf

/opt/tibco/ems/6.0/samples/config/tibemsd.conf –exporttofile
–store \$sys.failsafe=create

Example 4 In this example the Schema Export Tool creates and exports the database schema
for the store m y s t o r e 1 , but drops the schema associated with m y s t o r e 2 and
exports the change:
java –jar /opt/tibco/ems/6.0/bin/tibemsd_util.jar –tibemsdconf
/opt/tibco/ems/6.0/samples/config/tibemsd.conf -store
mystore1=create -store mystore2=drop -export

TIBCO Enterprise Message Service User’s Guide

 | 297

Chapter 11 Developing an EMS Client Application

This chapter outlines how to develop EMS client applications in Java, C and C#.

Topics

• JMS Specification, page 298

• Sample Clients, page 301
• Programmer Checklists, page 302
• Connection Factories, page 312
• Connecting to the EMS Server, page 315
• Creating a Session, page 317
• Setting an Exception Listener, page 318
• Dynamically Creating Topics and Queues, page 320
• Creating a Message Producer, page 322
• Creating a Message Consumer, page 325
• Working with Messages, page 330

TIBCO Enterprise Message Service User’s Guide

298
| Chapter 11 Developing an EMS Client Application

JMS Specification

EMS implements the JMS 1.1 specification, as well as the earlier JMS 1.0.2b
specification for older clients. While the JMS 1.0.2b interfaces continue to be
supported, they may be deprecated in future releases of the JMS specification.
Newly developed applications should use the JMS 1.1 interfaces, and you should
discontinue the use of the older interfaces as soon as possible.
The code examples in this chapter illustrate the use of the JMS 1.1 interfaces.

JMS 1.1 Specification

In the JMS 1.1 specification, applications using the point to point (queues) or
publish and subscribe (topics) models use the same interfaces to create objects.
The JMS specification refers to these interfaces as common facilities because these
interfaces create objects that can be used for either topics or queues.
Figure 18 illustrates the interfaces involved in the JMS API.

Figure 18 JMS 1.1 Programming Model

Connection Factory

Creates

Connection

Creates

Session Message

Creates
Creates

Message Producer Message Consumer

Registers With
Sends To
Receives From (Asynch Messages)
(Synch Messages)
Message Listener

Topic or Queue

TIBCO Enterprise Message Service User’s Guide

 JMS Specification 299
|

JMS 1.0.2b Specification

The JMS 1.0.2b specification defined specific interfaces for topics and for queues.
The JMS 1.0.2b interfaces have the same structure as the JMS 1.1 common
facilities, but the interfaces are specific to topics or queues. Figure 19 illustrates
the previous interface model used by the JMS API.

Figure 19 JMS 1.0.2b Programming Model

Queue Connection Factory
or
Topic Connection Factory

Creates

Queue Connection
or
Topic Connection

Creates

Queue Session
or Message
Topic Session
Creates
Creates

Queue Receiver,
Queue Sender Queue Browser,
or or
Topic Publisher Topic Subscriber

Registers With
Sends To Receives From
Message Listener

Queue
or
Topic

TIBCO Enterprise Message Service User’s Guide

300
| Chapter 11 Developing an EMS Client Application

Summary of JMS 1.1 and 1.0.2b Interfaces

Table 42 summarizes the interfaces used in the JMS API to support both the
common facilities and specific interfaces.

Table 42 JMS API object summary (Sheet 1 of 2)

Common Facilities
Interfaces Specific Interfaces Description
(JMS 1.1) (JMS 1.0.2b)

ConnectionFactory QueueConnectionFactory Object used to create connections to EMS

server.
TopicConnectionFactory

Connection QueueConnection A connection encapsulates a physical

connection with a provider (server).
TopicConnection
Connections are used to create sessions.

Session QueueSession A session is a single-threaded object that

creates instances of message producers,
TopicSession
message consumers, messages and
transacted message groups.
Sessions can also be transacted. In a
transacted session, a group of messages are
sent and received in a single transaction.

MessageProducer QueueSender A message producer is an object created by a

session that is used for sending messages to
TopicPublisher
a destination.

MessageConsumer QueueBrowser A message consumer is an object created by

a session that receives messages sent to a
QueueReceiver
destination.
TopicSubscriber

MessageListener MessageListener A message listener is an object that acts as an

asynchronous event handler for messages.
Message listeners must be registered with a
specific MessageConsumer.

TIBCO Enterprise Message Service User’s Guide

 Sample Clients 301
|

Table 42 JMS API object summary (Sheet 2 of 2)

Common Facilities
Interfaces Specific Interfaces Description
(JMS 1.1) (JMS 1.0.2b)

MessageSelector MessageSelector Message selectors are optional filters that can

be used by the application. They transfer the
filtering work to the message provider,
rather than the message consumer.
A message selector is a String that contains
an expression. The syntax of the expression
is based on a subset of the SQL92 conditional
expression syntax.

Message Message Several types of message bodies are available

for queues and topics.

Queue Queue The destination that messages can be sent to

or received from.
Topic Topic
Normally these are created and managed by
the server, but clients can create destinations
dynamically by using methods on the
S e s s i o n object.

Sample Clients

TIBCO Enterprise Message Service includes several sample client applications

that illustrate various features of EMS. You may wish to view these sample clients
when reading about the corresponding features in this manual.
The samples are included in the EMS_HOME/ s a m p l e s / j a v a ,
EMS_HOME/ s a m p l e s / c , and EMS_HOME/ s a m p l e s / c s subdirectories of the EMS
installation directory. Each subdirectory includes a README file that describes
how to compile and run the sample clients.
Chapter 4, Getting Started, on page 87 walks through the procedures for setting
up your EMS environment and running some of the sample clients.

TIBCO Enterprise Message Service User’s Guide

302
| Chapter 11 Developing an EMS Client Application

Programmer Checklists

This section provides a checklist that outlines the steps for creating an EMS
application in each language:
• Java Programmer’s Checklist on page 302
• C Programmer’s Checklist on page 303
• C# Programmer’s Checklist on page 308

Java Programmer’s Checklist

Install
• Install the EMS software release, which automatically includes the EMS j a r
files in the EMS_HOME/ l i b subdirectory.
• Add the full pathnames for the following j a r files to your C L A S S P A T H :
jms.jar
tibjms.jar

• If SSL is used for communication, add the following file to the C L A S S P A T H :

tibcrypt.jar

All jar files listed in this section are located in the l i b subdirectory of the TIBCO
Enterprise Message Service installation directory.

To use Entrust with an EMS client, you must separately purchase and install the
Entrust libraries. If you use the Entrust libraries, you must include them in the
CLASSPATH before the JSSE JAR files. To use Entrust with JDK, you must
download the unlimited strength policy JAR files from Sun's website and install
them in your local installation of JDK. For installation and configuration details,
see Entrust documentation.
See , Security Considerations, on page 109 for a complete discussion of what is
needed for a secure deployment.

Code
Import the following packages into your EMS application:
import javax.jms.*;
import javax.naming.*;

TIBCO Enterprise Message Service User’s Guide

 Programmer Checklists 303
|

Compile
Compile your EMS application with the j a v a c compiler to generate a . c l a s s file.
For example:
javac MyApp.java

generates a M y A p p . c l a s s file.

Run
Use the j a v a command to execute your EMS . c l a s s file.
For example:
java MyApp

C Programmer’s Checklist
Developers of EMS C programs can use this checklist during the five phases of the
development cycle.

Install
• Install the EMS software release, which automatically includes the EMS client
libraries, binaries, and header files in the EMS_HOME/ l i b subdirectory.

Code
Application programs must:
• Add EMS_HOME/ i n c l u d e to the include path. (OpenVMS environments do
not require an include path; skip this item.)
• Include the t i b e m s . h header file:
#include <tibems/tibems.h>

• Programs that use the C administration API must also include the
e m s a d m i n . h header file:
#include <tibems/emsadmin.h>

• Call t i b e m s _ O p e n ( ) to initialize the EMS C API and t i b e m s _ C l o s e ( ) to

deallocate the memory used by EMS when complete.

TIBCO Enterprise Message Service User’s Guide

304
| Chapter 11 Developing an EMS Client Application

Compile and Link

• Compile programs with an ANSI-compliant C compiler.
• Link with the appropriate EMS C library files; see Link These Library Files on
page 304.
See the s a m p l e s / c / r e a d m e file for details.

Run
• UNIX If you use dynamic EMS libraries on a UNIX platform, the environment
variable $ L D _ L I B A R Y _ P A T H must include the EMS_HOME/ l i b directory
(which contains the shared library files). (On some UNIX platforms, this
variable is called $ S H L I B _ P A T H or $ S Y L I B _ L I B R A R Y _ P A T H ).
• Windows The P A T H must include the e m s \ 6 . 0 \ b i n directory.
• OpenVMS The installation procedure automatically installs the shareable
images required for using EMS dynamic libraries.
• All Platforms The application must be able to connect to a EMS server process
(t i b e m s d ).

Link These Library Files

EMS C programs must link the appropriate library files. The following sections
describe which files to link for your operating system platform:
• 32-Bit UNIX on page 304
• 64-Bit UNIX on page 305
• Microsoft Windows on page 306
• OpenVMS on page 307

32-Bit UNIX
In 32-bit UNIX environments, both shared and static libraries are available. We
recommend shared libraries to ease forward migration.

Table 43 Linker Flags for 32-Bit UNIX (Sheet 1 of 2)

Linker Flag Description

-ltibems All programs must link using this library flag.

-lssl Programs that use SSL must link using these library
-lcrypto
flags.

TIBCO Enterprise Message Service User’s Guide

 Programmer Checklists 305
|

Table 43 Linker Flags for 32-Bit UNIX (Sheet 2 of 2)

Linker Flag Description

-lz Programs that use compression must link using this
library flag.

-ltibemslookup Programs that use EMS LDAP lookup must link using
-lldap
these library flags.
-lxml2
-llber

-ltibemsadmin Programs that use the C administration library must

link using this library flag.

64-Bit UNIX
In 64-bit UNIX environments, both shared and static libraries are available. We
recommend shared libraries to ease forward migration. In this release, 64-bit
libraries are available on HP-UX, Solaris, AIX and Linux (2.4 glibc 2.3) platforms.
To use 64-bit libraries, you must include TIBCO_HOME/ e m s / 6 . 0 / l i b / 6 4 in your
library path, and it must precede any other EMS directory in the library path.

Table 44 Linker Flags for 64-Bit UNIX

Linker Flag Description

-ltibems64 All programs must link using this library flag.

-lssl Programs that use SSL must link using these library
-lcrypto
flags.

-lz Programs that use compression must link using this

library flag.

-ltibemslookup64 Programs that use EMS LDAP lookup must link

-lldap
using these library flags.
-lxml2
-llber

-ltibemsadmin64 Programs that use the C administration library must

link using this library flag.

TIBCO Enterprise Message Service User’s Guide

306
| Chapter 11 Developing an EMS Client Application

Microsoft Windows
For a list of Windows platforms that Release 6.0 supports, see the file r e a d m e . t x t
in the installation directory. Both DLLs and static libraries are available. We
recommend DLLs to ease forward migration.

Table 45 Dynamic Library Files for Microsoft Windows

Library File Description

With dynamic libraries (DLLs), use the / M T compiler option.

tibems.lib All programs must link these libraries.

ws2_32.lib

tibemslookup.lib Programs that use EMS LDAP lookup must link

libxml2.lib
these libraries.

liboldap32.lib In addition, programs that use EMS lookup must

olber32.lib
link one of these pairs of libraries.
libldap32_d.lib
liblber32_d.lib

tibemsadmin.lib Programs that use the C administration library must

link using this library.

Table 46 Static Library Files for Microsoft Windows

Library File Description

With static libraries (DLLs), use the / M D compiler option.

libtibems.lib All programs must link these libraries.

ws2_32.lib
ssleay32mt.lib
libeay32mt.lib
zlib.lib

libtibemslookup.lib Programs that use EMS LDAP lookup must link this
libxml2.lib
library.

liboldap32.lib In addition, programs that use EMS lookup must

olber32.lib
link one of these pairs of libraries.
libldap32_d.lib
liblber32_d.lib

libtibemsadmin.lib Programs that use the C administration library must

link using this library.

TIBCO Enterprise Message Service User’s Guide

 Programmer Checklists 307
|

OpenVMS
In OpenVMS environments, both shared and static libraries are available. We
recommend shared libraries to ease forward migration.

When upgrading from EMS 4.3 to 4.4 or later versions, EMS client executables
that were linked with the EMS 4.3 dynamic libraries (shareable images) must be
relinked to the new libraries after EMS 4.4 has been installed with its associated
third party libraries. The third party libraries are part of the full installation of
EMS.

Table 47 Shareable Image Library Files for OpenVMS

Library File Description

LIBTIBEMSSHR.EXE All programs must link this library.

LIBCRYPTOSHR.EXE Programs that use SSL must link these libraries.

LIBSSLSHR.EXE

LIBZSHR.EXE Programs that use data compression must link

this library.

LIBTIBEMSADMINSHR.EXE Programs that use the C administration library

must link this library.

Table 48 Static Library Files for OpenVMS

Library File Description

LIBTIBEMS.OLB All programs must link this library.

LIBCRYPTO.OLB Programs that use SSL must link these libraries.

LIBSSL.OLB

LIBZ.OLB Programs that use data compression must link this

library.

LIBTIBEMSADMIN.OLB Programs that use the C administration library must

link this library.

TIBCO Enterprise Message Service User’s Guide

308
| Chapter 11 Developing an EMS Client Application

C# Programmer’s Checklist
Developers of EMS C# programs can use this checklist during the four phases of
the development cycle.

Install
• Install the EMS software release, which automatically includes the EMS
assembly DLLs in the EMS_HOME\b i n subdirectory.

Code
• Import the correct EMS assembly (see Table 49).

Table 49 EMS Assembly DLL

Version DLL
.NET API TIBCO.EMS.dll

.NET Administration API TIBCO.EMS.ADMIN.dll

.NET Unshared State API TIBCO.EMS.UFO.dll

.NET Compact Framework API TIBCO.EMS-CF.dll

Compile
• Compile with any .NET compiler.

Run
• The EMS assembly must be in the global assembly cache (this location is
preferred), or in the system path, or in the same directory as your program
executable.
• To automatically upgrade to the latest .NET assemblies, include the
appropriate policy file in the global cache. See Automatic Upgrades Between
Versions for more information.
• The application must be able to connect to a EMS daemon process (t i b e m s d ).

TIBCO Enterprise Message Service User’s Guide

 Programmer Checklists 309
|

Assembly Versioning
TIBCO Enterprise Message Service assembly DLLs are versioned using the format
1 . 0 . release. version, where release is the EMS release number version is an arbitrary
value. For example, the assembly version number for software release 6.0.0 is
similar to 1 . 0 . 6 0 0 . 8 .

Applications that use a release of EMS earlier than 6.0 do not use standard .NET
versioning. Prior to TIBCO Enterprise Message Service release 6.0.0, all EMS .NET
assemblies showed an assembly version number 1 . 0 . 0 . 0 , which allowed client
applications to upgrade to the latest version of EMS without rebuilding.
This functionality is now available through the p o l i c y DLL files.

Automatic Upgrades Between Versions

In order to allow for seamless upgrades between releases, the TIBCO Enterprise
Message Service installation includes policy and configuration files that redirect
existing applications from an older assembly to the newest assembly. There is a
policy and configuration file for each EMS library:
• A p o l i c y . 1 . 0 . assembly file. For example, p o l i c y . 1 . 0 . T I B C O . E M S . d l l . The
policy file must be included in the global cache to enable automatic upgrades.
• An assembly. c o n f i g file. For example, T I B C O . E M S . d l l . c o n f i g . The
configuration file must be present when the related policy file is added to the
global cache.
Table 50 shows the policy and configuration files for each EMS assembly.

Table 50 EMS Policy Files

Version Files
.NET API policy.1.0.TIBCO.EMS.dll

TIBCO.EMS.dll.config

.NET Administration API policy.1.0.TIBCO.EMS.ADMIN.dll

TIBCO.EMS.ADMIN.dll.config

.NET Unshared State API policy.1.0.TIBCO.EMS.UFO.dll

TIBCO.EMS.UFO.dll.config

The .NET Compact Framework API is not available for automatic upgrades.

Enabling Updates To enable automatic updates for a library, add the appropriate policy file to the
global cache. Note that the related configuration file must be located in the
directory with the policy file in order to add the policy file to the global cache.

TIBCO Enterprise Message Service User’s Guide

310
| Chapter 11 Developing an EMS Client Application

Disabling Automatic Upgrades

If you do not want your older applications to automatically move to the newer
version, do not include the p o l i c y DLL in the global cache. When the
p o l i c y . 1 . 0 . assembly file is absent, the client application is not upgraded.

Running Multiple Clients from Different EMS Releases

To deploy two or more applications that are built with different TIBCO Enterprise
Message Service releases:
1. Build clients using the different .NET client assemblies.
2. Include all desired versions of the .NET client assemblies in the global cache.
3. Do not include the p o l i c y DLL in the global cache.

Excluded Features and Restrictions

This section summarizes features that are not available in either the .NET library,
or the .NET Compact Framework library.
Note that compression, SSL, and the LDAP lookup of administered objects
features are available only with Microsoft .NET Framework 2.0.

Table 51 .NET Feature Support

.NET
Feature .NET Compact
Framework
XA protocols for external transaction managers — —

C o n n e c t i o n C o n s u m e r, S e r v e r S e s s i o n , S e r v e r S e s s i o n P o o l — —

Compression Yes —

SSL Yes —

Modify socket buffer sizes (see Yes —

Tibems.SetSocketReceiveBufferSize and
Tibems.SetSocketSendBufferSize in the HTML reference)

Daemon threads (see T i b e m s . S e t S e s s i o n D i s p a t c h e r D a e m o n in the Yes —

HTML reference)

TIBCO Enterprise Message Service User’s Guide

 Programmer Checklists 311
|

Character Encoding
.NET programs represent strings within messages as byte arrays. Before sending
an outbound message, EMS programs translate strings to their byte
representation using an encoding, which the program specifies. Conversely, when
EMS programs receive inbound messages, they reconstruct strings from byte
arrays using the same encoding.
When a program specifies an encoding, it applies to all strings in message bodies
(names and values), and properties (names and values). It does not apply to
header names nor values. The method B y t e s M e s s a g e . W r i t e U T F always uses
UTF-8 as its encoding.

Outbound Programs can determine the encoding of strings in outbound messages in three
Messages ways:
• Use the default global encoding, UTF-8.
• Set a non-default global encoding (for all outbound messages) using
Tibems.SetEncoding.

• Set the encoding for an individual message using

Tibems.SetMessageEncoding.

Inbound An inbound message from another EMS client explicitly announces its encoding.
Messages A receiving client decodes the message using the proper encoding.
For more information about character encoding, see Character Encoding in
Messages on page 35.

.NET Compact Framework (CF)

This section presents recommendations for using the EMS .NET Compact
Framework API to develop applications for handheld devices.

Threads .NET Compact Framework does not support background threads. To avoid
problems with threads, we recommend that programs release all EMS resources
before terminating. For example, close EMS connections when they are no longer
needed (see C o n n e c t i o n . C l o s e in the HTML reference).

Clock Resolution Clock resolution affects the granularity of all time-related calls and parameters—
for example M e s s a g e C o n s u m e r . R e c e i v e ( t i m e o u t ) , connect delays. On some
handheld devices, clock resolution is coarser than one might expect. Check the
resolution on your target device before selecting time values.

TIBCO Enterprise Message Service User’s Guide

312
| Chapter 11 Developing an EMS Client Application

Connection Factories

A client must connect to a running instance of the EMS server to perform any JMS
operations. A connection factory is an object that encapsulates the data used to
define a client connection to an EMS server. The minimum factory parameters are
the type of connection (e.g., ’generic’ for JMS 1.1 connections and ’topic’ or
’queue’ for JMS 1.0.2b connections) and the URL (host name, transport protocol
and port id) for the client connection to the EMS server.
A connection factory is either dynamically created by the application or obtained
from a data store by means of a naming service, such as a Java Naming and
Directory Interface (JNDI) server or a Lightweight Directory Access Protocol
(LDAP) server.

Looking up Connection Factories

EMS provides a JNDI implementation that can be used to store connection
factories. Java, C, and C# clients can use the EMS JNDI implementation to lookup
connection factories.
You can also store connection factories in any JNDI-compliant naming service or
in an LDAP server. Java clients can lookup connection factories in any
JNDI-compliant naming service. C and C# clients use LDAP servers.
Looking up Administered Objects Stored in EMS on page 338 describes how to
lookup a connection factory from an EMS server. Chapter 1, Using JNDI With
Third-Party Naming/Directory Services in the TIBCO Enterprise Message Service
Application Integration Guide describes how to look up connection factories from a
third-party JNDI or LDAP server.
How to create connection factories in a EMS server is described in Creating and
Modifying Administered Objects in EMS on page 336.

Dynamically Creating Connection Factories

Normally client applications use JNDI to look up a Connection Factory object.
However, some situations require clients to connect to the server directly. To
connect to the EMS server directly, the application must dynamically create a
connection factory.
The following examples show how to create a connection factory in each
supported language for JMS 1.1 connections. Each API also supports connection
factories for JMS 1.1 XA connections.

TIBCO Enterprise Message Service User’s Guide

 Connection Factories 313
|

In each example, the s e r v e r U r l parameter in these expressions is a string

defining the protocol and the address of the running instance of the EMS Server.
The s e r v e r U r l parameter has the form:
serverUrl = protocol: / / host: port
The supported protocols are t c p and s s l . For example:
serverUrl = tcp://server0:7222

For a fault-tolerant connection, you can specify two or more URLs. For example:
serverUrl = tcp://server0:7222,tcp://server1:7344

See Configuring Clients for Fault-Tolerant Connections on page 478 for more
information. For details on using SSL for creating secure connections to the server,
see Configuring SSL in EMS Clients on page 448 and Creating Connection
Factories for Secure Connections on page 336.

Java
To dynamically create a T i b j m s C o n n e c t i o n F a c t o r y object in a Java client:
ConnectionFactory factory = new
com.tibco.tibjms.TibjmsConnectionFactory(serverUrl);

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

C
To dynamically create a t i b e m s C o n n e c t i o n F a c t o r y type in a C client:
factory = tibemsConnectionFactory_Create();
status = tibemsConnectionFactory_SetServerURL(
factory, serverUrl);

See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

C#
To dynamically create a C o n n e c t i o n F a c t o r y object in a C# client:
ConnectionFactory factory = new
TIBCO.EMS.ConnectionFactory(serverUrl);

See the c s M s g P r o d u c e r . c s sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

314
| Chapter 11 Developing an EMS Client Application

Setting Connection Attempts, Timeout and Delay Parameters

By default, a client will attempt to connect to the server two times with a 500 ms
delay between each attempt. A client can modify this behavior by setting new
connection attempt count and delay values. There are also a number of factors
that may cause a client to hang while attempting to create a connection to the EMS
server, so you can set a connection timeout value to abort a connection attempt
after a specified period of time. For best results, timeouts should be at least 500
milliseconds. EMS also allows you to establish separate count, delay and timeout
settings for reconnections after a fault-tolerant switchover, as described in Setting
Reconnection Failure Parameters on page 479.
The following examples establish a connection count of 10, a delay of 1000 ms and
a timeout of 1000 ms.

Java
Use the T i b j m s C o n n e c t i o n F a c t o r y object’s s e t C o n n A t t e m p t C o u n t ( ) ,
setConnAttemptDelay(), and s e t C o n n A t t e m p t T i m e o u t ( ) methods to establish
new connection failure parameters:
factory.setConnAttemptCount(10);
factory.setConnAttemptDelay(1000);
factory.setConnAttemptTimeout(1000);

C
Use the t i b e m s C o n n e c t i o n F a c t o r y _ S e t C o n n e c t A t t e m p t C o u n t and
t i b e m s C o n n e c t i o n F a c t o r y _ S e t C o n n e c t A t t e m p t D e l a y functions to establish
new connection failure parameters:
status = tibemsConnectionFactory_SetConnectAttemptCount(
factory, 10);

status = tibemsConnectionFactory_SetConnectAttemptDelay(
factory, 1000);

status = tibemsConnectionFactory_SetConnectAttemptTimeout(
factory, 1000);

C#
Use the C o n n e c t i o n F a c t o r y . S e t C o n n A t t e m p t C o u n t ,
C o n n e c t i o n F a c t o r y . S e t C o n n A t t e m p t D e l a y, and
C o n n e c t i o n F a c t o r y . S e t C o n n A t t e m p t T i m e o u t methods to establish new
connection failure parameters:
factory.setConnAttemptCount(10);
factory.setConnAttemptDelay(1000);
factory.setConnAttemptTimeout(1000);

TIBCO Enterprise Message Service User’s Guide

 Connecting to the EMS Server 315
|

Connecting to the EMS Server

A connection with the EMS server is defined by the Connection object obtained
from a Connection Factory, as described in Connection Factories on page 312.
A connection is a fairly heavyweight object, so most clients will create a
connection once and keep it open until the client exits. Your application can create
multiple connections, if necessary.
The following examples show how to create a Connection object.

Java
Use the T i b j m s C o n n e c t i o n F a c t o r y object’s c r e a t e C o n n e c t i o n ( ) method to
create a C o n n e c t i o n object:
Connection connection =
factory.createConnection(userName,password);

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

C
Use the t i b e m s C o n n e c t i o n F a c t o r y _ C r e a t e C o n n e c t i o n function to create a
connection of type t i b e m s C o n n e c t i o n :
tibemsConnection connection = NULL;

status = tibemsConnectionFactory_CreateConnection(factory,
&connection, userName, password);

If there is no connection factory, a C client can use the

t i b e m s C o n n e c t i o n _ C r e a t e function to dynamically create a t i b e m s C o n n e c t i o n
type:
status = tibemsConnection_Create(&connection,
serverUrl,NULL,userName,password);

The t i b e m s C o n n e c t i o n _ C r e a t e function exists for backward compatibility, but

the recommended procedure is that you create t i b e m s C o n n e c t i o n objects from
factories.
See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

316
| Chapter 11 Developing an EMS Client Application

C#
Use the C o n n e c t i o n F a c t o r y . C r e a t e C o n n e c t i o n method to create a C o n n e c t i o n
object:
Connection connection =
factory.CreateConnection(userName, password);

See the c s M s g P r o d u c e r . c s sample client for a working example.

Starting, Stopping and Closing a Connection

Before consuming messages, the Message Consumer client must "start" the
connection. See Creating a Message Consumer on page 325 for more details about
Message Consumers.
If you wish to temporarily suspend message delivery, you can "stop" the
connection.
When a client application exits, all open connections must be "closed." Unused
open connections are eventually closed, but they do consume resources that could
be used for other applications. Closing a connection also closes any sessions
created by the connection.
See the "start," "stop" and "close" methods for the Java C o n n e c t i o n object, the C
t i b e m s C o n n e c t i o n type, and the C# C o n n e c t i o n object.

TIBCO Enterprise Message Service User’s Guide

 Creating a Session 317
|

Creating a Session

A Session is a single-threaded context for producing or consuming messages. You

create Message Producers or Message Consumers using Session objects. A Session
can be transactional to enable a group of messages to be sent and received in a
single transaction. A non-transactional Session can define the acknowledge mode
of message objects received by the session. See Message Acknowledgement on
page 38 for details.

Java
Use the C o n n e c t i o n object’s c r e a t e S e s s i o n ( ) method to create a S e s s i o n
object.
For example, to create a non-transactional S e s s i o n that uses the
A U T O _ A C K N O W L E D G E delivery mode:

Session session = connection.createSession(

false, javax.jms.Session.AUTO_ACKNOWLEDGE);

The EMS extended acknowledgement modes, such as N O _ A C K N O W L E D G E , require

that you include the c o m . t i b c o . t i b j m s . T i b j m s constant when you specify the
EMS delivery mode. For example, to create a non-transactional S e s s i o n that uses
the N O _ A C K N O W L E D G E delivery mode:
Session session = Connection.createSession(
false, com.tibco.tibjms.Tibjms.NO_ACKNOWLEDGE);

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

C
Use the t i b e m s C o n n e c t i o n _ C r e a t e S e s s i o n function to create a session of type
tibemsSession:

tibemsSession session = NULL;

status = tibemsConnection_CreateSession(connection,
&session, TIBEMS_FALSE, TIBEMS_AUTO_ACKNOWLEDGE);

See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

C#
Use the C o n n e c t i o n . C r e a t e S e s s i o n method to create a S e s s i o n object:
Session session = connection.CreateSession(false,
Session.AUTO_ACKNOWLEDGE);

See the c s M s g P r o d u c e r . c s sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

318
| Chapter 11 Developing an EMS Client Application

Setting an Exception Listener

All the APIs support the ability to set an exception listener on the connection that
gets invoked when a connection breaks or experiences a fault-tolerant switchover.
When the event is a disconnect, the exception handler can call various EMS
methods without any problem. However, when the event is a fault-tolerant
switchover, the exception handler is not allowed to call any EMS method. To do so
risks a deadlock. You can call the s e t E x c e p t i o n O n F T S w i t c h method to receive an
exception that contains the new server URL after a fault-tolerant switchover has
occurred.
The following examples demonstrate how to establish an exception listener for a
connection.

Java
Implement an E x c e p t i o n L i s t e n e r . o n E x c e p t i o n method, use the C o n n e c t i o n
object’s s e t E x c e p t i o n L i s t e n e r method to register the exception listener, and
call T i b j m s . s e t E x c e p t i o n O n F T S w i t c h to call the exception handler after a
fault-tolerant switchover:
public class tibjmsMsgConsumer
implements ExceptionListener
{
.....
public void onException(JMSException e)
{
/* Handle exception */
}
.....
connection.setExceptionListener(this);

com.tibco.tibjms.Tibjms.setExceptionOnFTSwitch(true);
.....
}

See the t i b j m s M s g C o n s u m e r . j a v a sample client for a working example (without

the s e t E x c e p t i o n O n F T S w i t c h call).

TIBCO Enterprise Message Service User’s Guide

 Setting an Exception Listener 319
|

C
Define an o n E x c e p t i o n function to handle exceptions, use the
t i b e m s C o n n e c t i o n _ S e t E x c e p t i o n L i s t e n e r function to call o n E x c e p t i o n when
an error is encountered, and call t i b e m s _ s e t E x c e p t i o n O n F T S w i t c h to call the
exception handler after a fault-tolerant switchover:
void onException(
tibemsConnection conn,
tibems_status reason,
void* closure)
{
/* Handle exception */

}
.....

status = tibemsConnection_SetExceptionListener(
connection,
onException,
NULL);

tibems_setExceptionOnFTSwitch(TIBEMS_TRUE);

See the t i b e m s M s g C o n s u m e r . c sample client for a working example (without the

s e t E x c e p t i o n O n F T S w i t c h call).

C#
Implement an I E x c e p t i o n L i s t e n e r . O n E x c e p t i o n method, set the C o n n e c t i o n
object’s E x c e p t i o n L i s t e n e r property to register the exception listener, and call
T i b e m s . S e t E x c e p t i o n O n F T S w i t c h to call the exception handler after a
fault-tolerant switchover:
public class csMsgConsumer : IExceptionListener
{
.....
public void OnException(EMSException e)
{
/* Handle exception */
}
.....
connection.ExceptionListener = this;

TIBCO.EMS.Tibems.SetExceptionOnFTSwitch(true);
.....
}

See the c s M s g C o n s u m e r . c s sample client for a working example (without the

s e t E x c e p t i o n O n F T S w i t c h call).

TIBCO Enterprise Message Service User’s Guide

320
| Chapter 11 Developing an EMS Client Application

Dynamically Creating Topics and Queues

EMS provides a JNDI implementation that can be used to store topics and queues.
Java, C, and C# clients can use the EMS JNDI implementation to lookup topics
and queues.
You can also store topics and queues in any JNDI-compliant naming service or in
an LDAP server. Java clients can lookup topics and queues in any JNDI-compliant
naming service. C and C# clients use LDAP servers.
Looking up Administered Objects Stored in EMS on page 338 describes how to
lookup topics and queues from an EMS server. Chapter 1, Using JNDI With
Third-Party Naming/Directory Services in the TIBCO Enterprise Message Service
Application Integration Guide describes how to look up topics and queues from a
third-party JNDI or LDAP server.
Clients can also create destinations as needed. If a client requests the creation of a
destination that already exists, the existing destination is used. If the destination
does not exist, and the specification of the t o p i c s . c o n f , q u e u e s . c o n f , or
a c l . c o n f files allow the destination, the server dynamically creates the new
destination. The new destination inherits properties and permissions from its
ancestors as described in Wildcards and Dynamically Created Destinations on
page 76. The destination is managed by the server as long as clients that use the
destination are running.

Because dynamic destinations do not appear in the configuration files, a client

cannot use JNDI to lookup dynamically created queues and topics.

The following examples show how to create destinations dynamically:

Java
Use the S e s s i o n object’s c r e a t e T o p i c ( ) method to create a topic as a
D e s t i n a t i o n object:

Destination topic = session.createTopic(topicName);

Use the S e s s i o n object’s c r e a t e Q u e u e ( ) method to create a queue as a

D e s t i n a t i o n object:

Destination queue = session.createQueue(queueName);

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

 Dynamically Creating Topics and Queues 321
|

C
Use the t i b e m s T o p i c _ C r e a t e function to create a topic of type
tibemsDestination:

tibemsDestination topic = NULL;

status = tibemsTopic_Create(&topic,topicName);

Use the t i b e m s Q u e u e _ C r e a t e function to create a queue of type

tibemsDestination:

tibemsDestination queue = NULL;

status = tibemsQueue_Create(&queue,queueName);

See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

C#
Use the S e s s i o n . C r e a t e T o p i c method to create a T o p i c object:
Destination topic = session.CreateTopic(topicName);

Use the S e s s i o n . C r e a t e Q u e u e method to create a Q u e u e object:

Destination queue = session.CreateQueue(queueName);

See the c s M s g P r o d u c e r . c s sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

322
| Chapter 11 Developing an EMS Client Application

Creating a Message Producer

As described in JMS Message Models on page 3, a Message Producer is an EMS

client that either publishes messages to a topic or sends messages to a queue.
When working with topics, a Message Producer is commonly referred to as a
Publisher. Optionally, when creating a Message Producer, you can set the
destination to NULL and specify the destination when you send or publish a
message, as described in Sending Messages on page 332.
You must have s e n d permission on a queue to create a message producer that
sends messages to that queue. You must have d u r a b l e permission on the topic to
create a new durable subscriber for that topic, and have at least u s e _ d u r a b l e
permission on the topic to attach to an existing durable subscriber for the topic.
See User Permissions on page 265 for details.
The following examples create a message producer that sends messages to the
queue that was dynamically created in Dynamically Creating Topics and Queues
on page 320.

Java
Use the S e s s i o n object’s c r e a t e P r o d u c e r ( ) method to create a
MessageProducer object:
MessageProducer QueueSender = session.createProducer(queue);

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

C
Use the t i b e m s S e s s i o n _ C r e a t e P r o d u c e r function to create a message producer
of type t i b e m s M s g P r o d u c e r :
tibemsMsgProducer QueueSender = NULL;
status = tibemsSession_CreateProducer(session,
&QueueSender,queue);

See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

C#
Use the S e s s i o n . C r e a t e P r o d u c e r method to create a M e s s a g e P r o d u c e r object:
MessageProducer QueueSender = session.CreateProducer(queue);

See the c s M s g P r o d u c e r . c s sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

 Creating a Message Producer 323
|

Configuring a Message Producer

A message producer can be configured to generate messages with default headers
and properties that define how those messages are to be routed and delivered.
Specifically, you can:
• Set the producer's default delivery mode.
• Set whether message IDs are disabled.
• Set whether message timestamps are disabled.
• Set the producer's default priority.
• Set the default length of time that a produced message should be retained by
the message system.
For example, as described in the Message Delivery Modes on page 24, you can set
the message deliver mode to either P E R S I S T E N T, N O N _ P E R S I S T E N T , or
R E L I A B L E _ D E L I V E R Y.

Java
Use the M e s s a g e P r o d u c e r object’s s e t D e l i v e r y M o d e ( ) method to configure
your Message Producer with a default delivery mode of R E L I A B L E _ D E L I V E R Y:
QueueSender.setDeliveryMode(
com.tibco.tibjms.Tibjms.RELIABLE_DELIVERY);

To configure the Message Producer with a default delivery mode of

N O N _ P E R S I S T E N T:

QueueSender.setDeliveryMode(
javax.jms.DeliveryMode.NON_PERSISTENT);

See the t i b j m s M s g P r o d u c e r P e r f . j a v a sample client for a working example.

Delivery mode cannot be set by using the M e s s a g e . s e t J M S D e l i v e r y M o d e ( )

method. According to the JMS specification, the publisher ignores the value of the
J M S D e l i v e r y M o d e header field when a message is being published.

C
Use the t i b e m s M s g P r o d u c e r _ S e t D e l i v e r y M o d e function to configure your
Message Producer to set a default delivery mode for each message it produces to
R E L I A B L E _ D E L I V E R Y:

tibems_int deliveryMode = TIBEMS_RELIABLE;

status tibemsMsgProducer_SetDeliveryMode(QueueSender,
deliveryMode);

TIBCO Enterprise Message Service User’s Guide

324
| Chapter 11 Developing an EMS Client Application

C#
Set the D e l i v e r y M o d e on the M e s s a g e P r o d u c e r object to R E L I A B L E _ D E L I V E R Y:
QueueSender.DeliveryMode = DeliveryMode.RELIABLE_DELIVERY;

See the c s M s g P r o d u c e r P e r f . c s sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

 Creating a Message Consumer 325
|

Creating a Message Consumer

Message consumers are clients that receive messages published to a topic or sent
to a queue. When working with topics, a Message Consumer is commonly
referred to as a Subscriber.
A Message Consumer can be created with a "message selector" that restricts the
consumption of message to those with specific properties. When creating a
Message Consumer for topics, you can set a n o L o c a l attribute that prohibits the
consumption of messages that are published over the same connection from
which they are consumed.
Carefully consider the message selectors that are used with queue consumers.
Because messages that do not match a queue consumer’s message selectors
remains in the queue until it is retrieved by another consumer, a non-matching
message can experience many failed selectors. This is especially so when queue
consumers connect, consume a message, and immediately disconnect.
As described in Durable Subscribers for Topics on page 5, messages published to
topics are only consumed by active subscribers to the topic; otherwise the
messages are not consumed and cannot be retrieved later. You can create a
durable subscriber that ensures messages published to a topic are received by the
subscriber, even if it is not currently running. For queues, messages remain on the
queue until they are either consumed by a Message Consumer, the message
expiration time has been reached, or the maximum size of the queue is reached.
The following examples create a Message Consumer that consumes messages
from the queue and a durable subscriber that consumes messages from a topic.
The queue and topic are those that were dynamically created in Dynamically
Creating Topics and Queues on page 320.

The createDurableSubscriber method either creates a new durable

subscriber for a topic or attaches the client to a previously created durable
subscriber. A user must have d u r a b l e permission on the topic to create a new
durable subscriber for that topic. A user must have at least u s e _ d u r a b l e
permission on the topic to attach to an existing durable subscriber for the topic.
See User Permissions on page 265 for details.

Java
Use the S e s s i o n object’s c r e a t e C o n s u m e r ( ) method to create a
M e s s a g e C o n s u m e r object:

MessageConsumer QueueReceiver = session.createConsumer(queue);

See the t i b j m s M s g C o n s u m e r . j a v a sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

326
| Chapter 11 Developing an EMS Client Application

The following S e s s i o n . c r e a t e D u r a b l e S u b s c r i b e r ( ) method creates a durable

subscriber, named "MyDurable":
TopicSubscriber subscriber =
session.createDurableSubscriber(topic,"myDurable");

See the t i b j m s D u r a b l e . j a v a sample client for a working example.

C
Use the t i b e m s S e s s i o n _ C r e a t e C o n s u m e r function to create a message consumer
of type t i b e m s M s g C o n s u m e r :
tibemsMsgConsumer QueueReceiver = NULL;
status = tibemsSession_CreateConsumer(session,
&QueueReceiver, queue, NULL, TIBEMS_FALSE);

See the t i b e m s M s g C o n s u m e r . c sample client for a working example.

The following t i b e m s S e s s i o n _ C r e a t e D u r a b l e S u b s c r i b e r function creates a
durable subscriber, named "myDurable," of type t i b e m s M s g C o n s u m e r :
tibemsMsgConsumer msgConsumer = NULL;
status = tibemsSession_CreateDurableSubscriber(session,
&msgConsumer, topic, "myDurable",
NULL, TIBEMS_FALSE);

See the t i b e m s D u r a b l e . c sample client for a working example.

C#
Use the S e s s i o n . C r e a t e C o n s u m e r method to create a M e s s a g e C o n s u m e r object:
MessageConsumer QueueReceiver = session.createConsumer(queue);

See the c s M s g C o n s u m e r . c s sample client for a working example.

The following S e s s i o n . C r e a t e D u r a b l e S u b s c r i b e r method creates a durable
subscriber, named "MyDurable":
TopicSubscriber subscriber =
session.CreateDurableSubscriber(topic, "myDurable");

See the c s D u r a b l e . c s sample client for a working example.

Creating a Message Listener for Asynchronous Message Consumption

EMS allows a Message Consumer to consume messages either synchronously or
asynchronously. For synchronous consumption, the Message Consumer explicitly
calls a receive method on the topic or queue. For asynchronous consumption, you
can implement a Message Listener that serves as an asynchronous event handler
for messages.

TIBCO Enterprise Message Service User’s Guide

 Creating a Message Consumer 327
|

A Message Listener implementation has one method, o n M e s s a g e , that is called by

the EMS server when a message arrives on a destination. You implement the
o n M e s s a g e method to perform the desired actions when a message arrives. Your
implementation should handle all exceptions, and it should not throw any
exceptions.
Once you create a Message Listener, you must register it with a specific Message
Consumer before calling the connection’s s t a r t method to begin receiving
messages.
A Message Listener is not specific to the type of the destination. The same listener
can obtain messages from a queue or a topic, depending upon the destination set
for the Message Consumer with which the listener is registered.

The J2EE 1.3 platform introduced message-driven beans (MDBs) that are a special
kind of Message Listener. See the J2EE documentation for more information about
MDBs.

Java
Create an implementation of the M e s s a g e L i s t e n e r interface, create a
M e s s a g e C o n s u m e r, and use the M e s s a g e C o n s u m e r object’s
s e t M e s s a g e L i s t e n e r ( ) method to register the Message Listener with the
Message Consumer:
public class tibjmsAsyncMsgConsumer implements MessageListener
{
/* Create a connection, session and consumer */
...

MessageConsumer QueueReceiver =
session.createConsumer(queue);

QueueReceiver.setMessageListener(this);

connection.start();
}

Do not use the S e s s i o n .s e t M e s s a g e L i s t e n e r ( ) method, which is used by

application servers, rather than by applications.

Implement the o n M e s s a g e ( ) method to perform the desired actions when a

message arrives:
public void onMessage(Message message)

{
/* Process message and handle exceptions */

See the t i b j m s A s y n c M s g C o n s u m e r . j a v a sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

328
| Chapter 11 Developing an EMS Client Application

C
Implement an o n M e s s a g e ( ) function to perform the desired actions when a
message arrives:
void onMessage(tibemsMsgConsumer QueueReceiver,
tibemsMsg message, void* closure)
{
/* Process message and handle exceptions */
}

In another function, that creates a t i b e m s M s g C o n s u m e r and uses the

t i b e m s M s g C o n s u m e r _ S e t M s g L i s t e n e r function to create a message listener for
the Message Consumer, specifying o n M e s s a g e ( ) as the callback function:
void run()
{
tibemsMsgConsumer QueueReceiver = NULL;

/* Create a connection, session and consumer */

...

status = tibemsSession_CreateConsumer(session,
&QueueReceiver, queue, NULL, TIBEMS_FALSE);

status = tibemsMsgConsumer_SetMsgListener(QueueReceiver,
onMessage, NULL);

status = tibemsConnection_Start(connection);
}

See the t i b e m s A s y n c M s g C o n s u m e r . c sample client for a working example.

C#
Create an implementation of the I M e s s a g e L i s t e n e r interface, use
Session.CreateConsumer to create a M e s s a g e C o n s u m e r, and set the
M e s s a g e L i s t e n e r property on the M e s s a g e C o n s u m e r object to register the
Message Listener with the Message Consumer:
public class csAsyncMsgConsumer : IMessageListener
{
/* Create a connection, session and consumer */
...

MessageConsumer QueueReceiver =
session.CreateConsumer(queue);

QueueReceiver.MessageListener = this;

connection.Start();
}

TIBCO Enterprise Message Service User’s Guide

 Creating a Message Consumer 329
|

Implement the I M e s s a g e L i s t e n e r . O n M e s s a g e method to perform the desired

actions when a message arrives:
public void OnMessage(Message message) {
try
{
/* Process message and handle exceptions */
}
}

See the c s A s y n c M s g C o n s u m e r . c s and c s A s y n c M s g C o n s u m e r U s i n g D e l e g a t e . c s

sample clients for working examples.

TIBCO Enterprise Message Service User’s Guide

330
| Chapter 11 Developing an EMS Client Application

Working with Messages

Messages are a self-contained units of information used by JMS applications to

exchange data or request operations.

Creating Messages
As described in JMS Message Bodies on page 21, EMS works with the following
types of messages:
• Messages with no body
• Text Messages
• Map Messages
• Bytes Messages
• Stream Messages
• Object Messages
There is a separate create method for each type of message.
The following examples show how to create a simple text message containing the
string "Hello."

Java
Use the S e s s i o n object’s c r e a t e T e x t M e s s a g e ( ) method to create a
TextMessage:

TextMessage message = session.createTextMessage("Hello");

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

C
Use the t i b e m s T e x t M s g _ C r e a t e function to create a text message of type
tibemsTextMsg:

tibemsTextMsg message = "Hello";

status = tibemsTextMsg_Create(&message);

See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

 Working with Messages 331
|

C#
Use the S e s s i o n . C r e a t e T e x t M e s s a g e method to create text message of type
TextMessage:

TextMessage message = session.CreateTextMessage("Hello");

See the c s M s g P r o d u c e r . c s sample client for a working example.

Setting and Getting Message Properties

Before a client sends a message, it can use a "set property" method to set the
message properties described in EMS Message Properties on page 19. The client
can check the message properties with a "get property" method.

Java
Use the M e s s a g e object’s s e t B o o l e a n P r o p e r t y ( ) method to set the
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D property to t r u e :

message.setBooleanProperty("JMS_TIBCO_PRESERVE_UNDELIVERED",
true);

Use the g e t S t r i n g P r o p e r t y ( ) method to get the user ID of the

JMS_TIBCO_SENDER:

userID = message.getStringProperty("JMS_TIBCO_SENDER");

C
Use the t i b e m s M s g _ S e t B o o l e a n P r o p e r t y function to set the
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D property to t r u e :

status = tibemsMsg_SetBooleanProperty(message,
"JMS_TIBCO_PRESERVE_UNDELIVERED", true);

Use the t i b e m s M s g _ G e t S t r i n g P r o p e r t y function to get the user ID of the

JMS_TIBCO_SENDER:

char* userID = NULL;

status = tibemsMsg_GetStringProperty(message,
"JMS_TIBCO_SENDER", &userID);

C#
Use the M e s s a g e .S e t B o o l e a n P r o p e r t y method to set the
J M S _ T I B C O _ P R E S E R V E _ U N D E L I V E R E D property to t r u e :

message.SetBooleanProperty("JMS_TIBCO_PRESERVE_UNDELIVERED",
true);

TIBCO Enterprise Message Service User’s Guide

332
| Chapter 11 Developing an EMS Client Application

Use the M e s s a g e .G e t S t r i n g P r o p e r t y method to get the user ID of the

JMS_TIBCO_SENDER:

string userID = message.GetStringProperty("JMS_TIBCO_SENDER");

Sending Messages
You can use the Message Producer client, described in Creating a Message
Producer on page 322, to send messages to a destination. You can either send a
message to the destination specified by the Message Producer or, if the Message
Producer specifies NULL as the destination, you can send a message to a specific
destination. In either case, you can optionally set the J M S D e l i v e r y M o d e ,
J M S E x p i r a t i o n , and J M S P r i o r i t y message header fields described in JMS
Message Header Fields on page 17 when sending each message.
The following examples show two ways to send a text message in each language.
The first example sends the message to the Message Producer, Q u e u e S e n d e r,
created in Creating a Message Producer on page 322. The second example uses a
Message Producer, N U L L s e n d e r, that specifies a destination of NULL and sends
the message to the topic created in Dynamically Creating Topics and Queues on
page 320.
See Chapter 2, Messages for more information about creating messages.

Java
Use the M e s s a g e P r o d u c e r object’s s e n d ( ) method to send a message to the
destination specified by the M e s s a g e P r o d u c e r object:
QueueSender.send(message);

Use the following form of the send() method to send a message to a specific
destination:
MessageProducer NULLsender = session.createProducer(null);
....
NULLsender.send(topic, message);

See the t i b j m s M s g P r o d u c e r . j a v a sample client for a working example.

C
Use the t i b e m s M s g P r o d u c e r _ S e n d function to send a message to the destination
specified by the t i b e m s M s g P r o d u c e r :
status = tibemsMsgProducer_Send(QueueSender, message);

TIBCO Enterprise Message Service User’s Guide

 Working with Messages 333
|

Use the t i b e m s M s g P r o d u c e r _ S e n d T o D e s t i n a t i o n function to send the message

to a specific destination:
status = tibemsMsgProducer_SendToDestination(NULLsender,
topic, message);

See the t i b e m s M s g P r o d u c e r . c sample client for a working example.

Unlike the Java and C# APIs, in the C API, you can use the
t i b e m s M s g P r o d u c e r _ S e n d T o D e s t i n a t i o n function to specify the destination
regardless of whether a destination is in the t i b e m s M s g P r o d u c e r .

C#
Use the M e s s a g e P r o d u c e r . S e n d method to send a message to the destination
specified by the M e s s a g e P r o d u c e r :
QueueSender.Send(message);

Use the following form of the M e s s a g e P r o d u c e r . S e n d method to send a message

to a specific destination:
MessageProducer NULLsender = session.CreateProducer(NULL);

NULLsender.Send(topic, message);

See the c s M s g P r o d u c e r . c s sample client for a working example.

Receiving Messages
The Message Consumer created in Creating a Message Consumer on page 325
receives messages from a destination and acknowledges the receipt of messages
using the acknowledge mode established for the session, as described in Creating
a Session on page 317.
Before receiving messages, the Message Consumer must start the connection to
the EMS server. Before exiting, the Message Consumer must close the connection.
The following examples start the connection created in Connecting to the EMS
Server on page 315; synchronously receive messages from the queue created in
Dynamically Creating Topics and Queues on page 320, and then close the
connection.

You can also implement a Message Listener for your Message Consumer to
asynchronously receive messages, as described in Creating a Message Listener for
Asynchronous Message Consumption on page 326.

TIBCO Enterprise Message Service User’s Guide

334
| Chapter 11 Developing an EMS Client Application

Java
Use the C o n n e c t i o n object’s s t a r t ( ) method to start the connection:
connection.start();

Use the M e s s a g e C o n s u m e r object’s r e c e i v e ( ) method to receive a message. This

is typically used in a loop for the duration the client wishes to receive messages:
Message message = QueueReceiver.receive();

When the client has finished receiving messages, it uses the C l o s e ( ) method to
close the connection:
connection.close();

See the t i b j m s M s g C o n s u m e r . j a v a sample client for a working example.

C
Use the t i b e m s C o n n e c t i o n _ S t a r t function to start the connection:
status = tibemsConnection_Start(connection);

Use the t i b e m s M s g C o n s u m e r _ R e c e i v e function to receive a message. This is

typically used in a loop for the duration the client wishes to receive messages:
tibemsMsg message = NULL;

status = tibemsMsgConsumer_Receive(QueueReceiver,&message);

When the client has finished receiving messages, use the

t i b e m s C o n n e c t i o n _ C l o s e function to close the connection:

status = tibemsConnection_Close(connection);

See the t i b e m s M s g C o n s u m e r . c sample client for a working example.

C#
Use the C o n n e c t i o n . S t a r t function to start the connection:
connection.Start();

Use the M e s s a g e C o n s u m e r . R e c e i v e function to receive a message. This is

typically used in a loop for the duration the client wishes to receive messages:
Message message = QueueReceiver.receive();

When the client has finished receiving messages, use the C o n n e c t i o n . C l o s e

function to close the connection:
connection.Close();

See the c s M s g C o n s u m e r . c s sample client for a working example.

TIBCO Enterprise Message Service User’s Guide

 | 335

Chapter 12 Using the EMS Implementation of JNDI

The EMS server provides a implementation of JNDI that enables you to lookup
connection factories, topics and queues, which are collectively referred to as
administered objects. Java clients can look up administered objects stored in EMS
using standard JNDI calls. The C and C# APIs provide similar calls to look up
object data in the EMS server.
How to create topics and queues is described in Creating and Modifying
Destinations on page 72.

Topics

• Creating and Modifying Administered Objects in EMS, page 336

• Looking up Administered Objects Stored in EMS, page 338

TIBCO Enterprise Message Service User’s Guide

336
| Chapter 12 Using the EMS Implementation of JNDI

Creating and Modifying Administered Objects in EMS

You can create administered objects for storage in EMS using either the
administration tool or the administration APIs, or directly in the configuration
files. This section describes how to create administered objects using the
administration tool.
To create a connection factory, use the c r e a t e f a c t o r y command in the EMS
Administration Tool. For example, to create a generic connection factory, named
myFactory, that establishes a TCP connection to port 7344 on server1, start the EMS
Administration Tool and enter:
create factory myFactory generic URL=tcp://server1:7344

The connection factory data stored on the EMS server is located in the
f a c t o r i e s . c o n f file. You can use the s h o w f a c t o r i e s command to list all of the
connection factories on your EMS server and the s h o w f a c t o r y command to
show the configuration details of a specific connection factory.
A connection factory may include optional properties for balancing server load
and establishing thresholds for attempted connections, as described in
Connection Factory Parameters on page 228. These properties can be specified
when creating the factory or modified for an existing factory using the a d d p r o p
f a c t o r y , s e t p r o p f a c t o r y , and r e m o v e p r o p f a c t o r y commands.

For example, to set the maximum number of connection attempts for the
connection factory, myFactory, from the default value of 2 to 5, start the EMS
Administration Tool and enter:
addprop factory myFactory connect_attempt_count=5

And to reset the value back to 2, enter:

setprop factory myFactory connect_attempt_count=2

Creating Connection Factories for Secure Connections

This section describes how to create a static connection factory for establishing an
SSL connection. Similar SSL parameters must be used when looking up the
connection factory, as described in Performing Secure Lookups.
Connections that are to be secured using SSL identify the transport protocol as
’ssl’ and may include any number of the SSL configuration parameters listed in
SSL Server Parameters on page 208.
For example, to create a generic connection factory, named mySecureFactory, that
establishes a SSL connection to port 7243 on server1, start the EMS Administration
Tool and enter:

TIBCO Enterprise Message Service User’s Guide

 Creating and Modifying Administered Objects in EMS 337
|
create factory mySecureFactory generic URL=ssl://server1:7243

To create a factory to set up a generic connection and check the server's certificate
to confirm the name of the server is m y S e r v e r, enter (all one line):
create factory MySSLFactory generic url=ssl://7243
ssl_verify_host=enabled ssl_expected_hostname=myServer
ssl_trusted=certs/server_root.cert.pem

To create a factory to set up a topic connection, check the server's certificate (but
not the name inside the certificate), and to set the s s l _ a u t h _ o n l y parameter so
that SSL is only used by the client when creating the connection, enter (all one
line):
create factory AnotherSSLFactory topic url=ssl://7243
ssl_verify_host=enabled ssl_verify_hostname=disabled
ssl_trusted=certs/server_root.cert.pem ssl_auth_only=enabled

These samples assume that the certificate s e r v e r _ r o o t . c e r t . p e m is located in

"certs" subdirectory of the directory where the server is running.

See Chapter 18, Using the SSL Protocol, on page 441 for details.

Creating Connection Factories for Fault-Tolerant Connections

When connecting a fault-tolerant client to EMS, you must specify two or more
EMS servers in your connection factory. When creating a connection factory for a
fault-tolerant client, specify multiple server URLs in the u r l argument of the
c r e a t e f a c t o r y command.

For example, to create a generic connection factory, named myFtFactory, that

establishes TCP connections to port 7545 on the primary server, server0, and port
7344 on the backup server, server1, start the EMS Administration Tool and enter
(on one line):
create factory myFtFactory generic url=tcp://server0:7545,
tcp://server1:7344

Should server0 become unavailable, the client will connect to server1. See
Chapter 19, Fault Tolerance, on page 461 for details.

TIBCO Enterprise Message Service User’s Guide

338
| Chapter 12 Using the EMS Implementation of JNDI

Looking up Administered Objects Stored in EMS

This section describes how to lookup objects from an EMS server by name.
All clients can lookup objects in the EMS naming service. Alternatively, Java
applications can lookup objects in a third-party JNDI server, and C and C# clients
can lookup objects in a third-party LDAP server. See Chapter 1, Using JNDI With
Third-Party Naming/Directory Services in the TIBCO Enterprise Message Service
Application Integration Guide for details on how to look up connection factories
from a third-party JNDI or LDAP server.
To lookup administered objects stored in EMS, you need to create the initial
context that identifies the URL of the naming service provider and any other
properties, such as the username and password to authenticate the client to the
service. The naming service provider URL has form:
t i b j m s n a m i n g : / / host: port

The following examples demonstrate how to access JMS administered objects

when using TIBCO Enterprise Message Service. Each of these examples assume
that a connection factory, named C o n F a c , exists in the f a c t o r i e s . c o n f file, a
t o p i c . s a m p l e topic exists in t o p i c s . c o n f , and a q u e u e . s a m p l e queue exists in
queues.conf.

Java
Create an I n i t i a l C o n t e x t object for the initial context, which consists of the
provider context factory and JNDI provider URL, as well as the username and
password to authenticate the client to the EMS server:
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.tibco.tibjms.naming.TibjmsInitialContextFactory");
env.put(Context.PROVIDER_URL,"tibjmsnaming://localhost:7222");
env.put(Context.SECURITY_PRINCIPAL, "userName");
env.put(Context.SECURITY_CREDENTIALS, "password");
InitialContext jndiContext = new InitialContext(env);

Look up a connection factory, named C o n F a c , and destinations, named

t o p i c . s a m p l e and q u e u e . s a m p l e , from the initial context:

ConnectionFactory factory =
(javax.jms.ConnectionFactory)
jndiContext.lookup("ConFac");

javax.jms.Topic sampleTopic =
(javax.jms.Topic)jndiContext.lookup("topic.sample");
javax.jms.Queue sampleQueue =
(javax.jms.Queue)jndiContext.lookup("queue.sample");

TIBCO Enterprise Message Service User’s Guide

 Looking up Administered Objects Stored in EMS 339
|

See the t i b j m s J N D I . j a v a sample client located in the

EMS_HOME/ s a m p l e s / j a v a / J N D I directory.

C
Create a t i b e m s L o o k u p C o n t e x t object for the initial context, which consists of the
JNDI provider URL and the username and password to authenticate the client to
the EMS server:
tibemsLookupContext* contextstatus = NULL;
status = tibemsLookupContext_Create(
&context,
"tibjmsnaming://localhost:7222",
"userName",
"password");

Use the t i b e m s L o o k u p C o n t e x t _ L o o k u p C o n n e c t i o n F a c t o r y function to look up

a connection factory, named C o n F a c , and use the
t i b e m s L o o k u p C o n t e x t _ L o o k u p D e s t i n a t i o n function to look up the
destinations, named t o p i c . s a m p l e and q u e u e . s a m p l e , from the initial context:
tibemsConnectionFactory factory = NULL;
tibemsDestination sampleTopic = NULL;
tibemsDestination sampleQueue = NULL;

status = tibemsLookupContext_Lookup(context,
"ConFac",
(void**)&factory);

status = tibemsLookupContext_Lookup(context,
"sample.queue",
(void**)&sampleQueue);

status = tibemsLookupContext_Lookup(context,
"topic.sample,
(void**)&sampleTopic);

C#
Create a I L o o k u p C o n t e x t object for the initial context, which consists of the JNDI
provider URL and the username and password to authenticate the client to the
EMS server:
Hashtable env = new Hashtable();
env.Add(LookupContext.PROVIDER_URL,
"tibjmsnaming://localhost:7222");
env.Add(LookupContext.SECURITY_PRINCIPAL", "myUserName");
env.Add(LookupContext.SECURITY_CREDENTIALS", "myPassword");

LookupContextFactory factory = new LookupContextFactory();

TIBCO Enterprise Message Service User’s Guide

340
| Chapter 12 Using the EMS Implementation of JNDI

ILookupContext searcher = factory.CreateContext(

LookupContextFactory.TIBJMS_NAMING_CONT
EXT,
env);

Use the I L o o k u p C o n t e x t . L o o k u p method to look up a connection factory, named

C o n F a c , and destinations, named t o p i c . s a m p l e and q u e u e . s a m p l e , from the
initial context:
ConnectionFactory factory =
(ConnectionFactory) searcher.Lookup("ConFac");

Topic sampleTopic =
(Topic)searcher.Lookup("topic.sample");

TIBCO.EMS.Queue sampleQueue =
(TIBCO.EMS.Queue)searcher.Lookup("queue.sample");

Looking Up Objects Using Full URL Names

Java clients can look up administered objects using full URL names. In this case,
the C o n t e x t . U R L _ P K G _ P R E F I X E S property is used in place of the
C o n t e x t . P R O V I D E R _ U R L property. For example:

Hashtable env = new Hashtable();

env.put(Context.URL_PKG_PREFIXES,"com.tibco.tibjms.naming");
env.put(Context.PROVIDER_URL,"tibjmsnaming://localhost:7222");
env.put(Context.SECURITY_PRINCIPAL,"userName");
env.put(Context.SECURITY_CREDENTIALS,"password");
jndiContext = new InitialContext(env);

When using full URL names, you can look up objects like the following example:
Topic sampleTopic = (javax.jms.Topic)jndiContext.lookup(
"tibjmsnaming://jmshost:7222/topic.sample");
Queue sampleQueue = (javax.jms.Queue)jndiContext.lookup(
"tibjmsnaming://jmshost:7222/queue.sample");

For further information on how to use full URL names, refer to the
t i b j m s J N D I R e a d . j a v a example located in the EMS_HOME/ s a m p l e s / j a v a / J N D I
directory.

TIBCO Enterprise Message Service User’s Guide

 Looking up Administered Objects Stored in EMS 341
|

Performing Secure Lookups

TIBCO Enterprise Message Service client programs can perform secure JNDI
lookups using the Secure Sockets Layer (SSL) protocol. To accomplish this, the
client program must set SSL properties in the environment when the
I n i t i a l C o n t e x t is created. The SSL properties are similar to the SSL properties
for the TIBCO Enterprise Message Service server. See Chapter 18, Using the SSL
Protocol for more information about using SSL in the TIBCO Enterprise Message
Service server.
The following examples illustrate how to create an I n i t i a l C o n t e x t that can be
used to perform JNDI lookups using the SSL protocol.

Java
In this example, the port number specified for the C o n t e x t . P R O V I D E R _ U R L is set
to the SSL listen port that was specified in the server configuration file
t i b j s m d . c o n f . The value for T i b j m s C o n t e x t . S E C U R I T Y _ P R O T O C O L is set to s s l .
Finally, the value of T i b j m s C o n t e x t . S S L _ E N A B L E _ V E R I F Y _ H O S T is set to "false" to
turn off server authentication. Because of this, no trusted certificates need to be
provided and the client will then not verify the server it is using for the JNDI
lookup against the server’s certificate.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.tibco.tibjms.naming.TibjmsInitialContextFactory");
env.put(Context.PROVIDER_URL, tibjmsnaming://jmshost:7223);
env.put(Context.URL_PKG_PREFIXES, "com.tibco.tibjms.naming")
env.put(TibjmsContext.SECURITY_PROTOCOL, "ssl");
env.put(TibjmsContext.SSL_ENABLE_VERIFY_HOST,
new Boolean("false"));
Context context = new InitialContext(env);

C
Create a t i b e m s S S L P a r a m s object and use the
t i b e m s S S L P a r a m s _ S e t I d e n t i t y F i l e function to establish the client identity by
means of a p k c s 1 2 file. Use the t i b e m s L o o k u p C o n t e x t _ C r e a t e S S L function to
create a t i b e m s L o o k u p C o n t e x t object that uses an SSL connection for the initial
context.
tibemsLookupContext* context = NULL;
tibemsConnection_Factory factory = NULL;
tibemsSSLParams sslParams = NULL;
tibems_status status = TIBEMS_OK;

sslParams = tibemsSSLParams_Create();

TIBCO Enterprise Message Service User’s Guide

342
| Chapter 12 Using the EMS Implementation of JNDI

status = tibemsSSLParams_SetIdentityFile(
ssl_params,
"client_identity.p12",
TIBEMS_SSL_ENCODING_AUTO);

status = tibemsLookupContext_CreateSSL(
&context,
"tibjmsnaming://localhost:7222",
"userName",
"password",
sslParams,
"pk_password");

C#
Create a I L o o k u p C o n t e x t object for the initial context over an SSL connection.
The SSL Store Info consists of a pkcs12 file that identifies the client and the client’s
password, which are stored in an E M S S S L F i l e S t o r e I n f o object.
string ssl_identity = client_identity.p12;
string ssl_target_hostname = "server";
string ssl_password = "password";

EMSSSLFileStoreInfo StoreInfo = new EMSSSLFileStoreInfo();

info.SetSSLClientIdentity(ssl_identity);
info.SetSSLPassword(ssl_password.ToCharArray());

Hashtable env = new Hashtable();

env.Add(LookupContext.PROVIDER_URL, "adc1.na.tibco.com:10636");
env.Add(LookupContext.SECURITY_PRINCIPAL", "myUserName");
env.Add(LookupContext.SECURITY_CREDENTIALS", "myPassword");
env.Add(LookupContext.SECURITY_PROTOCOL, "ssl");
env.Add(LookupContext.SSL_TARGET_HOST_NAME,
ssl_target_hostname);
env.Add(LookupContext.SSL_STORE_TYPE,
EMSSSLStoreType.EMSSSL_STORE_TYPE_FILE);
env.Add(LookupContext.SSL_STORE_INFO, StoreInfo);

Performing Fault-Tolerant Lookups

TIBCO Enterprise Message Service can perform fault-tolerant JNDI lookups. If the
primary server fails and the backup server becomes the primary, the JNDI
provider automatically uses the new primary server for JNDI lookups. You
accomplish this by providing multiple URLs in the C o n t e x t . P R O V I D E R _ U R L
property when creating the I n i t i a l C o n t e x t . Specify more than one URL
separated by commas (,) in the property.

TIBCO Enterprise Message Service User’s Guide

 Looking up Administered Objects Stored in EMS 343
|

Example
The following illustrates setting up the C o n t e x t . P R O V I D E R _ U R L property with
the URLs of a primary EMS server on the machine named e m s h o s t and a backup
EMS server on the machine named b a c k u p h o s t .
env.put(Context.PROVIDER_URL, "tibjmsnaming://jmshost:7222,
tibjmsnaming://backuphost:7222");

If at any time the first EMS server fails, the JNDI provider will automatically
switch to the EMS server on the host b a c k u p h o s t for JNDI lookups. If e m s h o s t is
repaired and restarted, it then becomes the backup EMS server.

Limitations of Fault-Tolerant JNDI Lookups

Fault-tolerant JNDI lookups do not occur in the following scenarios:
• When using full URL names in argument to the lookup method.
• When looking up an object that has been bound into a foreign
naming/directory service such as LDAP.

TIBCO Enterprise Message Service User’s Guide

344
| Chapter 12 Using the EMS Implementation of JNDI

TIBCO Enterprise Message Service User’s Guide

 | 345

Chapter 13 Using Multicast

Multicast is a messaging model that allows the EMS server to send messages to
multiple consumers simultaneously by broadcasting them over an existing
network. This chapter describes how to use and configure multicast in TIBCO
Enterprise Message Service.

Topics

• Overview of Multicast, page 346

• Configuring Multicast, page 350
• Running Multicast, page 355
• Monitoring and Statistics, page 356

TIBCO Enterprise Message Service User’s Guide

346
| Chapter 13 Using Multicast

Overview of Multicast

Multicast is a messaging model that broadcasts messages to many consumers at

once, as opposed to sending copies of a message to each subscribing consumer
individually. TIBCO Enterprise Message Service uses Pragmatic General
Multicast (PGM) to broadcast messages published to multicast-enabled topics
over an existing network. Messages sent to topics that are not multicast-enabled
are delivered to the message consumer using TCP.
The server sends multicast messages over a multicast channel. Each
multicast-enabled topic is associated with a channel. The channel determines the
multicast port and multicast group address to which the server sends messages.
The multicast message is received by a multicast daemon running on the same
computer with the message consumer. When an EMS client subscribes to a
multicast-enabled topic, it automatically connects to the multicast daemon. The
multicast daemon begins listening on the channel associated with that topic,
receives any broadcast messages, and delivers them to subscribed clients.
Figure 20 shows the communication flow between a multicast message consumer,
EMS server, and multicast daemon.

Figure 20 Multicast message consumer creation

1
EMS Client TIBCO EMS
Server
Message 2
Consumer

3 Multicast
Daemon

tibemsmcd
4

Legend

TCP Connection
Multicast Broadcast

Multicast Messages

TIBCO Enterprise Message Service User’s Guide

 Overview of Multicast 347
|

The following describes the multicast message consumer creation process:

1. The EMS client connects to the EMS server and subscribes to one or more
multicast-enabled topics.
2. The EMS server sends a reply to the client, including instructions and
configuration information for the multicast daemon.
3. The client connects to the multicast daemon and passes the configuration
information from the server. The multicast daemon then begins listening for
multicast messages from the server.
4. The server begins broadcasting messages, which the multicast daemon
receives.
5. The multicast daemon delivers the messages to the client.
The client will continue to receive non-multicast messages directly from the
server.

When to Use Multicast

Because multicast reduces the number of operations performed by the server, and
reduces the amount of bandwidth used in the publish and subscribe model,
multicast is highly scalable.
Figure 21 on page 348 shows how using multicast can reduce the amount of
bandwidth used to send a message. Where publish and subscribe messaging
creates a copy of a published message for each message consumer, multicast
broadcasts the message only once. Multiple multicast daemons listening on the
channel receive the same broadcast.

TIBCO Enterprise Message Service User’s Guide

348
| Chapter 13 Using Multicast

Figure 21 The benefits of multicast

Point-to-Point Messaging Multicast Messaging

Message Producer Message Producer

EMS Server EMS Server

Client A tibemsmcd
Client C
Clients A, B, C
Client B

Network Resources Network Resources

All Clients
Client A Client B Client C 70% unused
A, B, C
30% 30% 30% 30%

10% unused

Although multicast can reduce the network resources used by the server, it is not
the best messaging model for every system. Multicast offers last-hop delivery
only; it cannot be used to send messages between servers. However, messages
sent to multicast-enabled topics are still delivered to other subscribed servers
using the standard TCP connection.

Multicast does not guarantee message delivery. Messages requiring a high degree
of reliability should not use multicast.

TIBCO Enterprise Message Service User’s Guide

 Overview of Multicast 349
|

The multicast daemon and message consumer always reside on the same
machine, and PGM is used to deliver the broadcast message from EMS server to
the daemon. Because there is no security on PGM, multicast should not be used in
applications where security is a priority.

Requirements
In order to use multicast in your EMS messaging application, the following
requirements must be met:
• The EMS server must be configured for multicast:
— The server must be enabled for multicast.
— Multicast channels must be configured.
— The desired topics must be multicast-enabled by associating them with a
multicast channel. Multicast is not compatible with queues.
See Configuring Multicast on page 350 for more information about
configuring multicast.
• The multicast-enabled message consumer must be created using the
N O _ A C K N O W L E D G E mode. See Message Acknowledgement on page 38 for more
information.
• The multicast daemon must be running on the same computer as the
subscriber. See Starting the Multicast Daemon on page 355 for more
information.

Backwards Compatibility
Multicast is backwards compatible, and can be used in applications where not all
EMS clients are using the same version of TIBCO Enterprise Message Service. The
EMS sever and any clients that wish to receive messages over multicast must be
Software Release 5.0 or later.
Multicast is configured primarily in the EMS server, and is largely invisible to
EMS clients. Message producers do not need to be enabled for multicast in order
to send multicast messages, because topics are multicast-enabled in the server.
However, clients are multicast-enabled by default.
Clients that are not multicast-enabled, either because multicast has been disabled
or because the client uses a release of EMS earlier than 5.0, will receive messages
from the server over the TCP connection, even if the message topic is
multicast-enabled.

TIBCO Enterprise Message Service User’s Guide

350
| Chapter 13 Using Multicast

Configuring Multicast

Multicast is configured in the EMS server configuration files. Configuration is a

simple three-step process:
1. Enable multicast in the EMS server.
Enable the m u l t i c a s t parameter in the t i b e m s d . c o n f file. Optional multicast
parameters allow you to control other settings, such as the default multicast
daemon port and the maximum amount of multicast traffic allowed. See
Multicast Parameters on page 201 for more information.
2. Create multicast channels.
Create named channels in the c h a n n e l s . c o n f file. See c h a n n e l s . c o n f on
page 224 for more information about the channels configuration file.
3. Associate topics with channels.
In the t o p i c s . c o n f configuration file, add the c h a n n e l property to the
definitions of those topics you wish to be multicast. See c h a n n e l on page 56
for more information about the channel property. Note that a topic can be
associated with only one multicast channel.

Configuring Multicast Dynamically

For the most part, multicast is configured statically. Only limited changes can be
made to multicast settings during runtime. Once the EMS server has been started,
the only multicast configuration change you can make is to the c h a n n e l property
of a topic. With the administration tool, you can assign to or remove an assigned
multicast channel from a topic. You cannot change the channel configuration or
the c h a n n e l s . c o n f file. To do that, you must stop the server.
These commands can be used to change a topic’s c h a n n e l property:
• a d d p r o p t o p i c adds the c h a n n e l property to a topic. For example, this sets
the c h a n n e l property for the topic f o o . b a r to m y c h a n n e l :
addprop topic foo.bar channel=mychannel

However, although this enables the topic f o o . b a r for multicast, current

subscribers to the topic will continue to receive messages over TCP. An
existing message consumer will not receive messages sent to f o o . b a r over
multicast until the consumer has been stopped and restarted.
• setprop topic offers the same functionality as a d d p r o p t o p i c , with one
important difference: when s e t p r o p t o p i c s is used, it resets all other
properties to their default values.

TIBCO Enterprise Message Service User’s Guide

 Configuring Multicast 351
|

This command also enables the topic for multicast, but does not cause existing
topic subscribers to receive messages over multicast. Only messages
consumers that are created after the c h a n n e l property is set will receive
multicast messages.
• r e m o v e p r o p t o p i c removes the c h a n n e l property from the topic. Current
multicast subscribers will begin to receive messages sent to the topic over
TCP.
If a backlog of messages exists in the server or multicast daemon, the EMS
client may receive some messages out of order, and some message loss is
possible. The multicast daemon will continue to deliver queued messages
until the backlog is gone, while the EMS server will deliver later messages
immediately.

A current topic subscriber will stop receiving messages if the multicast channel is
changed from one channel to a different channel. This can happen when:
• The channel is changed explicitly using a d d p r o p topic or s e t p r o p topic.

• The channel is removed using r e m o v e p r o p topic, and the topic inherits a

different channel from a parent.
If the channel assigned to a topic changes, current subscribers to the topic will not
receive messages until they have resubscribed to the topic. The server will not
send messages to the client over TCP if there is another channel assigned to the
topic.
In general, we recommend changing channels only when subscribers are stopped.

Configuring the Multicast Daemon

The multicast daemon, or t i b e m s m c d , is the process that receives multicast
messages from EMS servers and delivers them to individual clients. The multicast
daemon runs on the local host computer with the client. One daemon can receive
messages from multiple servers, and can deliver messages to multiple clients.
Configuration for the multicast daemon is set in the EMS server, and passed to the
daemon when the EMS client creates a multicast message consumer and connects
to the multicast daemon. In some cases, you may wish to make configuration
changes to the daemon directly. You can do this using command line options.
For example, if your configuration requires more than one network interface on a
single computer, you can run multiple multicast daemons on the local host. Use
the - i f c command line option to change the interface for a daemon. See
Command Line Options below for more information.

TIBCO Enterprise Message Service User’s Guide

352
| Chapter 13 Using Multicast

Command Line Options

The multicast daemon accepts a few command-line options. When starting
t i b e m s m c d , you can specify the following options:

Table 52 tibemsmcd Options

Option Description
-ifc interface Select the IP address that identifies the network interface
used by the multicast daemon to receive multicast data.
If this option is not included, the multicast daemon uses
the default interface, determined by the IP address
I N A D D R _ A N Y.

If your configuration requires multiple interfaces, you

will need one multicast daemon instance for each
interface. It may be helpful to use the commands
i p c o n f i g on Windows or i f c o n f i g on UNIX systems to
determine what interfaces are available and support
multicast.

-help or - h Print the help screen.

-logfile file Specify a logfile where trace messages will be written.

-logfile-max-size size[ K B | M B | G B ] Specify the maximum size that the trace message log file
may reach before rotation. By default, log files have no
size limit and so do not rotate.
Zero is a special value, which specifies no maximum size.
Otherwise, the value you specify must be greater than or
equal to 6 4 K B .

TIBCO Enterprise Message Service User’s Guide

 Configuring Multicast 353
|

Table 52 tibemsmcd Options

Option Description
- l i s t e n [ ip-address: ] tcp-port Change the IP address and TCP port on which the
daemon listens for connections from EMS clients, where:
• ip-address is an optional parameter that, when
provided, restricts the interface on which the multicast
daemon will accept client connections to a specific IP
address. If an ip-address is not provided, the multicast
daemon listens for EMS clients on all interfaces.
• tcp-port is the TCP port on which the daemon listens
for connections from EMS clients. The default port is
7444.
For example:
-listen 127.0.0.1:7444.

Note that if the default TCP port that the daemon listens
on is changed, then the client must be directed to attempt
a connection to the daemon on the same TCP port. To
change the port that the client uses, set the
m u l t i c a s t _ d a e m o n _ d e f a u l t parameter in the
t i b e m s d . c o n f file.

-trace Enable tracing in the multicast daemon. If this option is

included, trace information for events such as client
connections to the daemon and channel creation is written
to file.

-max-msg-memory size[ M B | K B ] Specify the maximum amount of memory allowed for all
messages waiting to be sent to consumers. Once the
specified memory limit is reached, new messages are
discarded. Specify the size in units of M B or G B . The
minimum permitted size is 8 M B .

-max-loss-rate percentage Specify the maximum percentage (between 1 and 1 0 0 ) of

acceptable loss rate. When the rate rises above the given
percentage, the multicast daemon stops sending NAKs.
By default, the maximum loss rate is 10%.

-no-console-trace Prevent the multicast daemon from sending tracing

messages to the console.

TIBCO Enterprise Message Service User’s Guide

354
| Chapter 13 Using Multicast

Controlling Access to Multicast-Enabled Topics

Publish and subscribe permissions for multicast-enabled topics are controlled the
same way that they are controlled for topics that are not multicast-enabled. See
Destination Control on page 258 for more information about controlling access to
destinations.

TIBCO Enterprise Message Service User’s Guide

 Running Multicast 355
|

Running Multicast

For an example of multicast messaging, see Multicast Messaging Example on

page 98

Starting the Multicast Daemon

The multicast daemon is located in your installation_path / b i n directory and is a
stand-alone executable named t i b e m s m c d on UNIX and t i b e m s m c d . e x e o n
Windows platforms.

Windows On a computer running Windows, you can also start the administration tool from
the Start menu, following the path Programs > TIBCO > TIBCO EMS 6.0 > Start
EMS Multicast Daemon.

UNIX On a computer running a UNIX system, the multicast daemon must have root
privileges. This can be done either by running the daemon from a root user
account, or the daemon can be setuid (set user ID) root, allowing any user to run
t i b e m s m c d with the required root privileges. Root privileges are required because
multicast uses raw sockets.
Once multicast initialization is complete, the EMS server and multicast daemon
release root privileges.
For more information, see Multicast and Root Access on page 11 of the TIBCO
Enterprise Message Service Installation.

Creating a Multicast Consumer

The EMS client is enabled for multicast by default, and no special configuration is
required. To receive multicast data, the client need only create a multicast
consumer by subscribing to a multicast-enabled topic using the N O _ A C K N O W L E D G E
mode, as described in Message Acknowledgement on page 38.
You can also disable multicast in a client, using API calls. For more information,
see the API documentation for your language.

TIBCO Enterprise Message Service User’s Guide

356
| Chapter 13 Using Multicast

Monitoring and Statistics

There are a number of aspects of a multicast deployment that can be analyzed to

determine the deployment’s health and status and to aid in troubleshooting.

Monitoring
The server publishes messages to two monitoring topics specifically related to
multicast. These topics are $ s y s . m o n i t o r . m u l t i c a s t . s t a t u s and
$sys.monitor.multicast.stats.

The server publishes monitoring messages to the topic

$sys.monitor.multicast.status. These messages contain information about
the status of a multicast consumer and the multicast daemon to which it is
connected. This information includes when a consumer has successfully joined a
multicast group and when a consumer experiences an error, such as
unrecoverable loss in its multicast daemon. By monitoring multicast errors you
can detect which consumers are experiencing problems, allowing you to take
corrective action.
Low-level multicast statistics are published in a monitoring message to the topic
$ s y s . m o n i t o r . m u l t i c a s t . s t a t s . The statistics include information such as the
number of bytes sent to a multicast group and the number of NAKs sent by a
multicast daemon. These multicast statistics can aid in troubleshooting a
multicast deployment when provided to TIBCO technical support. Generally
these statistics won’t have much meaning to a typical user. Multicast statistics are
only published when the server’s m u l t i c a s t _ s t a t i s t i c s _ i n t e r v a l is set to a
non-zero value. By default the m u l t i c a s t _ s t a t i s t i c s _ i n t e r v a l is set to zero.
See Chapter 17, Monitoring Server Activity for more information on monitoring.

Statistics
The server’s multicast channel statistics can be viewed using the administration
API or the administration command line tool. Multicast channel statistics include:
• The average number of messages sent per second.
• The average number of bytes sent per second.
• The total number of messages sent.
• The total number of bytes sent.
• Detailed statistics for each topic using the channel.
See Working with Server Statistics on page 436 for more information on statistics.

TIBCO Enterprise Message Service User’s Guide

 | 357

Chapter 14 Multicast Deployment and Troubleshooting

This chapter reviews important multicast deployment considerations, and

provides hints and suggestions for countering some common problems
associated with multicast deployments.

Topics

• Deployment Considerations, page 358

• Walking Through a Multicast Deployment, page 364
• Troubleshooting EMS Multicast, page 373

TIBCO Enterprise Message Service User’s Guide

358
| Chapter 14 Multicast Deployment and Troubleshooting

Deployment Considerations

Ensuring a proper multicast deployment takes some forethought, more than a

traditional unicast deployment. This section discusses some subjects to consider
before deploying TIBCO Enterprise Message Service with multicast.
Issues in multicast deployment can be separated into three areas: ensuring
multicast connectivity, restricting multicast traffic, and managing bandwidth.
These can be represented with three basic questions:
1. Can multicast traffic go to all hosts where it is wanted? See Connectivity on
page 358.
2. Will multicast traffic go to any hosts where it is unwanted? See Restricting
Multicast Traffic on page 360.
3. How will unicast and multicast traffic share the available network
bandwidth? See Managing Bandwidth on page 360.

Connectivity
Like unicast applications, multicast applications require that the network layer
provide a path for multicast data to flow from senders to receivers. However,
routers and switches may require additional configuration for multicast use and
tuning. The first step in ensuring and limiting connectivity is defining channels,
and assigning multicast group addresses these channels.

Multicast Addresses
Each multicast channel, defined in the c h a n n e l s . c o n f configuration file, is
assigned a multicast address. TIBCO Enterprise Message Service allows you to
assign any valid multicast address, in the class D address range, 224.0.0.0 through
239.255.255.255. However, in order to avoid a conflict, please refer to the Internet
Assigned Numbers Authority (IANA) list of reserved addresses to avoid a
conflict:
http://www.iana.org/assignments/multicast-addresses
When assigning addresses to your channels, keep these additional considerations
in mind:
• Multicast addresses 224.0.1.78 and 224.0.1.79 are reserved by TIBCO EMS for
internal use. These addresses should not be used, as TIBCO multicast traffic
may be encountered there.
• Ideally, you should select multicast addresses from 239.0.0.0 to
239.255.255.255. These have been set aside as an administratively scoped

TIBCO Enterprise Message Service User’s Guide

 Deployment Considerations 359
|

block, and IANA will never reserve these. They can be freely used within your
enterprise without worry of any external conflict.
• There is not a one-to-one mapping of MAC addresses to IP addresses; because
of this you should not pick x.0.0.x addresses, as they may map to reserved
addresses and so may not work. The class D IP address range assigned to
multicasting is 28 bits wide, but the range of MAC addresses assigned to
multicast is only 23 bits wide. Since only the 23 lower order bits of the IP
address are assigned to make the MAC address, an overlap results. For
example, if one chooses a multicast address 239.0.0.1, it may incorrectly
overlap to the reserved 224.0.0.1.

Defining Channels
TIBCO Enterprise Message Service does not restrict the number of channels that
you can configure and use in the EMS server or the multicast daemon. However,
the number of IP multicast group addresses that can be joined by any one host at
one time may be constrained by outside factors. Often, the number is limited by
the NIC, and typically this limitation is not specified in the NIC documentation.
Experimentation is often the only way to determine what the limit is for a specific
NIC and OS. With some NICs, joining too many groups will set the card to
"promiscuous mode" which will adversely affect performance.
It is also important to note that, because a channel represents both an IP multicast
group address and a destination port, there is not necessarily a one-to-one
correlation between a channel and multicast group.
A group is joined when a multicast daemon listens to an IP multicast group
address. Because a channel represents both an IP multicast group address and a
destination port, there is not necessarily a one-to-one correlation between a
channel and multicast group. For example, if you have 10 multicast channels all
using the same multicast group address but different ports, then a multicast
daemon will join at most one group. However, if the 10 multicast channels are all
using different multicast group addresses, then a multicast daemon may join up
to 10 groups.
The multicast IP address and port combinations that you choose should only be
used with TIBCO EMS. While the TIBCO Multicast Daemon can filter out corrupt
network data, receiving data packets that are not specific to EMS can yield
unpredictable results, which could destabilize your network.

TIBCO Enterprise Message Service User’s Guide

360
| Chapter 14 Multicast Deployment and Troubleshooting

Ensuring Multicast connectivity

As stated earlier, multicast applications require that the network layer provide a
path for multicast data to flow from senders to receivers. By default, most routers
and switches have multicast routing disabled and require additional
configuration to enable it. If you experience connectivity problems, this is the first
place to check.
For example, with CISCO routers you must use the i p m u l t i c a s t - r o u t i n g
command to enable multicast routing. Multicast hardware configuration falls
outside the scope of this document; please consult your network administrator or
the TIBCO Professional Services Group for configuration specific to your network
and enterprise.

Restricting Multicast Traffic

Multicast deployment often also involves making sure that multicast streams do
not go where they are unwanted, especially when high-bandwidth streams are
present on a network that also includes some low-bandwidth links, or where
access must be controlled at the network layer for security reasons.
Within a LAN, Ethernet switches can direct unicast traffic only to ports where it is
wanted. Typically, because routers and switches do not enable multicast packet
forwarding by default, restricting multicast traffic is not an issue. However, one
must be cognizant of this issue when planning a multicast deployment.

Managing Bandwidth
This section discusses bandwidth considerations that are specific to multicast
deployments. There are three main aspects to bandwidth:
• Determining Available Bandwidth, page 361 — determine your available
bandwidth, and setting bandwidth limitations to maximize performance.
• Dividing Bandwidth Among Channels, page 362 — create channels to make
the best use of available bandwidth.
• Handling Slow Applications, page 363 — managing small numbers of slow
applications so that they do not slow the entire multicast network.

TIBCO Enterprise Message Service User’s Guide

 Deployment Considerations 361
|

Determining Available Bandwidth

Reliable unicast transports, such as TCP, automatically share available network
bandwidth among all sessions contending for it. Administrators play no role in
this process; the available bandwidth is dynamically determined by the protocol
stacks as they measure the round-trip time and packet loss rates. This process is
called congestion control. It assumes that all streams have equal priority and it
automatically divides bandwidth accordingly.
In contrast, multicast relies on the administrator to ensure that the amount of
bandwidth the network delivers is reserved or available. In TIBCO Enterprise
Message Service, the administrator allocates network bandwidth for each
multicast channel using the m a x r a t e configuration parameter (see
c h a n n e l s . c o n f on page 224). Correctly allocating bandwidth prevents the
application from experiencing congestion.
Congestion can cause packet loss, which can in turn cause erratic behavior or
even application failure. This is another significant difference between multicast
and unicast; with unicast, congestion causes applications to run more slowly, but
will not cause them to fail.
You must carefully consider and limit how fast you send, because TIBCO
Enterprise Message Service does not impose bandwidth limitations. If you try to
send faster than the network can actually deliver the data, you will see
substantially lower throughput than had you asked for slightly less bandwidth
than the network can actually deliver.
It is somewhat paradoxical, but if you ask the EMS server to deliver 900 Mbps
over a network layer that can deliver 1 Gbps, it will. If you ask it to deliver more
than 1 Gbps over a 1 Gbps network layer, you could get as little as 400 Mbps.
What will most likely occur is chaotic behavior based on loss rates and other
factors.
This leads to an unusual rule: if throughput is too low, try asking for less—there is a
chance you may get more. It is important to perform this test even if your
throughput is still well below "wire speed." That is because loss due to congestion
can come from many sources other than the wire speed limit, such as TCP data on
the same network. It is a simple test and if the results show that actual throughput
goes up as the amount of bandwidth requested goes down, it is a very strong sign
that there is loss due to congestion somewhere in your network, between the
sender and receivers.

Restrict multicast traffic to a rate a little below the maximum capacity of your
network. If your throughput rate is slower than expected, restrict the rate further.
You may find that throughput actually increases.
To set the rate for multicast traffic on a channel, see the m a x r a t e parameter, in
c h a n n e l s . c o n f on page 224.

TIBCO Enterprise Message Service User’s Guide

362
| Chapter 14 Multicast Deployment and Troubleshooting

You can think of the bandwidth rate specified for a channel as a delivery promise
that the network layer makes to EMS. If the network layer breaks that promise,
EMS multicast throughput falls to a rate substantially below what the network
can actually deliver.

Dividing Bandwidth Among Channels

Ideally, a deployment within a set of routed subnets, or VLAN, should have hosts
with heterogeneous interfaces of homogeneous speed. Deployments that do not
adhere to this are not recommended, because loss can be introduced if the
receiving interfaces are slower than the link and sending interface. This happens
because the slower interfaces cannot handle bursts of data on a faster network.
Also, we do not recommend that you use EMS multicast over WAN links.

Following these recommendations will help minimize data loss due to bandwidth
inconsistencies:
• Multicast publishers and subscribers should have network interfaces of the
same speed.
• The ideal multicast deployment is over a LAN or VLAN.

For example, if you have a number of clients with 100Mb NIC cards and others
with 1Gb NIC cards, the recommended architecture is to send from a 100Mb NIC
to the slower receivers and a 1Gb NIC to the faster receivers. You can accomplish
this by configuring two multicast channels, one for the faster-speed senders and
receivers, and one for the slower senders and receivers.
Alternatively, you can configure one channel and limit the bandwidth to the
slowest receiver, or 100Mb. However, the best solution is to use a multi-homed
machine, separate the applications by defining different channels for two
interfaces, then allowing each channel to operate at its optimum speed.
For example, these two channel configurations are optimized for 100Mb NIC card
and a 1Gb NIC card:
--- channels.conf ----
[channel_100mb]
address = 239.1.1.1:10
maxrate = 7MB
interface=10.99.99.99

[channel_1Gb]
Address = 239.1.1.2:10
maxrate = 95MB
interface=10.99.99.100

TIBCO Enterprise Message Service User’s Guide

 Deployment Considerations 363
|

Applications running on 100Mb machines would use topics with c h a n n e l _ 1 0 0 M b

assigned to them, and applications on machines with 1 Gb NIC cards would use
topics with c h a n n e l _ 1 G b assigned. Also note that some bandwidth has been left
for other TCP data, as suggested in Determining Available Bandwidth on
page 361.

Handling Slow Applications

If you have a small number of applications or hosts that are known to be "slow" or
are on a WAN, but need to subscribe to the data on a multicast enabled topic, we
recommend disabling EMS multicast at the application. You can disable multicast
in a client through API calls; see the API documentation for your language.
The slow application will receive messages from the server over TCP, effectively
removing them from the multicast stream and avoiding congesting and slowing
down other multicast receivers. It is very important to account for the TCP
bandwidth used by application(s) that do this in your multicast bandwidth
calculations.

If an EMS client with multicast disabled subscribes to a topic that is

multicast-enabled, messages will be delivered to the client over TCP. Take this
TCP traffic into consideration when setting your bandwidth limitations, as
described in Determining Available Bandwidth on page 361.

TIBCO Enterprise Message Service User’s Guide

364
| Chapter 14 Multicast Deployment and Troubleshooting

Walking Through a Multicast Deployment

This section describes the steps needed to set up a simple example TIBCO
Enterprise Message Service multicast deployment:
• Step 1: Design the Multicast Network Architecture, page 364
• Step 2: Install and Set Up EMS, page 366
• Step 3: Determine Network and Application Capabilities, page 369
This example assumes that multicast connectivity exists and available bandwidth
on the network is known. While not every aspect of a multicast deployment is
covered in this example, it does illustrate the general thought process applied to
multicast deployment.

Step 1: Design the Multicast Network Architecture

The location of the EMS server and clients are very important to a multicast
deployment. You must ensure that multicast packets can get to all network nodes
intended to receive multicast data, and you must account for all bandwidth across
the network and network segments that the multicast data traverses. While
TIBCO Enterprise Message Service detects and reports general connectivity
problems, it is generally much easier to determine if there is connectivity before
testing an EMS deployment. Your network administrator should be able to help
with this.
For this example, let us assume that we are multicasting two streams of data: a
fast data feed to some high performance processes on a 1 Gb network, and on a
separate 100 Mb network a slower stream to a number of desktop applications.
This leads us to the architecture shown in Figure 22:

TIBCO Enterprise Message Service User’s Guide

 Walking Through a Multicast Deployment 365
|

Figure 22 Sample Multicast Deployment Architecture

High Speed Low Speed

Publisher Publisher

TIBCO EMS Server

High Speed Channel Low Speed Channel

[mcast-1Gb] [mcast-100Mb]
address=234.5.6.7:10 address=234.5.6.8:10
interface=10.99.99.100 interface=10.99.100.100
maxrate=95MB maxrate=7MB

PGM 1Gb PGM 100Mb

High Speed Clients Low Speed Clients

(1 GB nic) (100 MB nic)

Note that two separate channels using different interfaces are to be configured at
the server, allowing the server to simultaneously multicast on a high speed
Gigabit network and a slower 100Mb network.

TIBCO Enterprise Message Service User’s Guide

366
| Chapter 14 Multicast Deployment and Troubleshooting

Step 2: Install and Set Up EMS

Installation is straightforward, as described in the TIBCO Enterprise Message
Service Installation. The only requirements above a regular EMS installation are:
• The multicast daemon must be running on any machine that receives
multicast data.
On Windows systems, you can register the multicast daemon as a service
using the e m s n t s r g utility. See e m s n t s r g on page 105 for more information.
• On UNIX systems, the EMS server and multicast daemon must have root
access. On Windows, they must have Administrator access.

Setup the EMS Server

Before sending multicast data, first the EMS server needs to be configured.
Configuring the EMS server requires you to change some global settings in the
t i b e m s d . c o n f file, and to configure multicast channels in the c h a n n e l s . c o n f
file. After channels are configured, you enable topics for multicast by setting their
c h a n n e l properties in the t o p i c s . c o n f file.

Enable the Server for Multicast

To begin, some general settings must be configured in the EMS server's main
configuration file, t i b e m s d . c o n f :
• Enable multicast in the server by setting m u l t i c a s t = e n a b l e d .
• Enable multicast in the console trace by setting c o n s o l e _ t r a c e = + M U L T I C A S T.
While enabling this trace is not required, it is very useful during the initial
deployment, providing multicast-related warnings and errors.
• Enable flow control by setting f l o w _ c o n t r o l = e n a b l e d .
Under heavy load, it is possible for publishers to feed data into the server
faster than the server can multicast the data out. Enabling flow control causes
the server to push back on the publishers, slowing them down if the server
falls behind. This is not required, but highly suggested because it gives the
server some room to minimize loss if this happens.
You should have added the following lines to the t i b e m s d . c o n f :
multicast=enabled
console_trace= DEFAULT,+MULTICAST
flow_control=enabled

You may also want to add M U L T I C A S T to the server's s t a r t u p _ a b o r t _ l i s t , if

multicast is required in your architecture.

TIBCO Enterprise Message Service User’s Guide

 Walking Through a Multicast Deployment 367
|

Configure Multicast Channels

The next step configures the multicast channels. In this example there are two
multicast channels, m c a s t - 1 G b and m c a s t - 1 0 0 M b . The section Sample
channels.conf Settings below shows specific settings for these steps:
1. Create the c h a n n e l s . c o n f file.
This file is described in c h a n n e l s . c o n f on page 224.
2. Create two channels in the c h a n n e l s . c o n f file, [ m c a s t - 1 G b ] and
[mcast-100Mb].

3. Set the address and destination port for each channel, using the a d d r e s s
parameter.
4. Set the interface for each channel, using the i n t e r f a c e parameter.
For this example, the server is on a multi-homed machine so we must
explicitly specify interfaces for each channel. If an interface is not specified,
the EMS server uses the default interface. Note that this is also true for the
multicast daemon. Use the - i f c command line parameter when running
multicast daemons on multi-homed machines, described in Command Line
Options on page 352.
5. Set a m a x r a t e for each channel.
The m a x r a t e parameter restricts the rate at which the server sends messages
over the channel. See Estimating the Maxrate below for a discussion of how
the maxrate was determined.

Sample When you have completed your channel configuration, the c h a n n e l s . c o n f file
channels.conf should contain the following lines:
Settings [mcast-1Gb]
address=239.1.1.1:10
interface=10.99.99.99
maxrate=112MB

[mcast-100Mb]
address=239.1.1.2:10
interface=10.99.99.100
maxrate=8MB

TIBCO Enterprise Message Service User’s Guide

368
| Chapter 14 Multicast Deployment and Troubleshooting

Estimating the In this example, we have set the m a x r a t e properties using arbitrary network
Maxrate usage numbers to arrive at an estimate of network capacity. The process used to
estimate the m a x r a t e can be described as follows:
First find your average network usage, not including expected multicast data.
This assumes metric data rate measurement.
• For the 1Gb network, let us assume about 10% usage, so 900Mb is available.
• On the 100Mb network, let us assume 30% usage, so 70Mb is available.
From here, calculate the available bytes per second for your network:
• 900 Mb * 1byte/8bits ~= 112 MB (rounded down)
• 70Mb * 1byte/8bits ~= 8MB (rounded down)
These initial rates are for testing purposes, and these will be modified later to
maximize performance. Remember the cardinal rule with multicast performance
is that sometimes you have to slow down to speed up. A rate that is too high will
induce loss, which in turn causes messages to be resent, slowing the actual rate to
something far below what your network is capable of.

This example uses only one channel per network. If your architecture has
multiple multicast groups (channels with different address properties), remember
to include all channels on the network in your maximum bandwidth calculations.
This may require some balancing of data rates across channels.

Configure Multicast Topics

After the channels are defined, you must set the c h a n n e l properties for topics so
the server will send messages using multicast to multicast-enabled consumers
subscribed to the topics. The channel property is set in the t o p i c s . c o n f
configuration file.
In this example, we use two topics, f e e d - 1 G b and f e e d - 1 0 0 M b . These topic names
are arbitrary; the key is assigning the correct channels to the topics.

Sample feed-1Gb channel=mcast-1Gb

topics.conf feed-100Mb channel=mcast-100Mb

TIBCO Enterprise Message Service User’s Guide

 Walking Through a Multicast Deployment 369
|

EMS Client Setup

There are two main requirements for EMS clients to receive multicast data:
• The client must use an acknowledgement mode of N O _ A C K N O W L E D G E when
subscribing to the multicast topic. See Creating a Multicast Consumer on
page 355 for more information.
• A multicast daemon must be running on the same computer as the client. See
Starting the Multicast Daemon on page 355.
TIBCO Software also highly suggests that applications take advantage of the
multicast exception listener to be notified of multicast related events, errors, and
warnings. This is accomplished in two simple steps, illustrated in java code
below:
1. First, create a class that implements T i b j m s M u l t i c a s t E x c e p t i o n L i s t e n e r.
class MulticastExceptionHandler implements
com.tibco.tibjms.TibjmsMulticastExceptionListener
{
public void onMulticastException(Connection connection,
Session session,
MessageConsumer consumer,
JMSException e)
{
System.out.println(e.getMessage());
}
}

2. Next, set the multicast exception listener. Ideally, this will be done before you
create a consumer of a multicast enabled topic.
com.tibco.tibjms.Tibjms.setMulticastExceptionListener(new
MulticastExceptionHandler());

To set up a multicast exception listener using the C API, see the TIBCO Enterprise
Message Service C & COBOL API Reference.
To set up a multicast exception listener using the .NET API, see the TIBCO
Enterprise Message Service .NET API Reference, available through the HTML
documentation interface.

Step 3: Determine Network and Application Capabilities

It is valuable to know what EMS data rates the network can accommodate. If your
application can handle data at least as fast as your network can, you will
encounter the unusual situation where the network is your throughput
bottleneck, which is ideal—as long as those data rates meet your requirements.

TIBCO Enterprise Message Service User’s Guide

370
| Chapter 14 Multicast Deployment and Troubleshooting

Determine Network Capabilities

Now that the server is enabled, you can test and fine tune the m a x r a t e specified
for the channels. This section describes one method for testing your settings.
This example assumes that the messages multicast on the network are small, on
average 100 bytes per message.
These steps describe how to test the network bandwidth settings:
1. Start the EMS server using the - t r a c e FLOW option, as described in Starting
the EMS Server on page 102.
2. From the command line, start the multicast daemon, using the t i b e m s m c d
- t r a c e command.

Using the - t r a c e option is not required, but may assist in detecting any
problems. See Starting the Multicast Daemon on page 355 for more
information.
3. On each node receiving multicast data, open a command line window and
navigate to the TIBCO_HOME/ e m s / 6 . 0 / s a m p l e s / j a v a folder:
4. Launch the t i b j m s P e r f S l a v e sample program included with EMS:
> java tibjmsPerfSlave -server serverURL

It is very important to run the j m s P e r f S l a v e application on every node that

will receive multicast data. EMS Multicast must be tuned to perform at the
level of the slowest receiver, or congestion and loss can occur.
5. On each node publishing multicast data, launch:
> java tibjmsPerfMaster -topic feed-1Gb -channel mcast-1Gb
-ackmode NO -time 30 -size 100

or
> java tibjmsPerfMaster -topic feed-100Mb -channel mcast-100Mb
-ackmode NO -time 30 -size 100

These performance applications should be run on each node the publisher

will run.
6. Review the server and multicast daemon output for any warnings or errors. If
you see any trace messages indicating loss, or if drastic rate fluctuations occur,
this usually means you may be exceeding the maximum rate selected.
For example, a multicast error might look like:
channel='mcast-1Gb', Loss Detected, status=IO failed

On the server it is typical to see the following:

2008-11-13 17:11:57.300 Multicast channel 'mcast-100Mb' has
exceeded its allotted bandwidth

TIBCO Enterprise Message Service User’s Guide

 Walking Through a Multicast Deployment 371
|

If flow control is and FLOW tracing are enabled, you should see the following
as well:
2008-11-13 17:11:57.781 Flow control engaged on topic
'feed-100Mb'
....

When flow control is enabled, this simply means that the server is pushing
back on the publisher to slow down to the rate defined by the multicast
channel.
When the trace messages indicate that multicast channels have exceeded their
bandwidth, this indicates that the channel maxrate is too low—your publisher is
publishing faster than the channel’s m a x r a t e allows. On the other hand, when the
m a x r a t e is too high, you will see errors indicating that loss is detected.

Depending on what the trace messages show, try adjusting the maximum rate of
the channel (the m a x r a t e property) up or down, and repeat this test.

Evaluate Multicast Receiver Applications

One key to a successful multicast deployment is ensuring that the EMS server
does not overrun your applications with data. This frequently this means setting
the delivery rates (the channel's m a x r a t e property) to a rate below what your
network and EMS alone can handle.

The channel’s maximum delivery rate, or m a x r a t e , should not exceed the rate at
which the slowest message consumer can consume incoming messages.

Determining the maximum message rate that your slowest application can handle
reduces the time spent during trial and error testing. If your applications can
process data faster than the network can deliver it, you will have already
determined the maximum rate from determining your network capabilities.
Largely, determining the maximum speed at which the slowest application can
process incoming data is a trial and error process. It is often useful to
programmatically determine an application's maximum rate of consumption. The
multicast daemon buffers messages for slower applications, but this increases the
latency of data and memory usage of the multicast daemon, and is not considered
a sustainable condition.
If a multicast-enabled consumer is expected to fall behind at times and can sustain
loss, you can account for this using the m a x b y t e s and m a x m s g s properties for
topics. See Destination Properties on page 55 for details about these properties.

TIBCO Enterprise Message Service User’s Guide

372
| Chapter 14 Multicast Deployment and Troubleshooting

Tune Channel Parameters

Once you have determined network capabilities and multicast receiver rates, you
can experiment with increasing (or sometimes decreasing) channel m a x r a t e
properties to achieve maximum throughput. Finding the maximum multicast rate
your environment can handle often requires more experimentation than anything
else. Always remember that once the network has been saturated, throughput
will drastically drop.

Tuning the Operating System

Unfortunately, operating systems are not normally tuned for high performance
with raw sockets. There are a number of performance changes you can make;
typically, these changes involve socket buffering and can yield significant
increases in throughput.
For example, on Linux one can modify window sizes in the / e t c / s y s c t l . c o n f
file:
net.core.wmem_max=1073741824
net.core.rmem_max=1073741824
net.core.wmem_default=1073741824
net.core.rmem_default=1073741824

However, operating system tuning for multicast falls outside of the scope of this
document. The TIBCO Professional Services Group can provide assistance with
advanced tuning specific for TIBCO Enterprise Message Service, and there are
many resources on the internet for general tuning of operating systems
concerning network performance.

Development and Production Environments

Configuring multicast is specific to a particular network, and your configuration
must account for traffic patterns and characteristics of nodes that are unique to
your network. Consequently, the tuning parameters applied to a development
environment may not be optimum in a production environment, and the reverse
is also true. When migrating from one environment to another, it is important to
remember that although the application and EMS architecture pattern may be
identical, the network and application capabilities will need to be reevaluated
through the repetition of the steps described in this section. Topic and channel
definition names should remain the same, but rate, interface, and timeout
parameters for multicast must be reevaluated.
The channel properties that should be reevaluated upon deployment include:
• maxrate on page 225
• ttl on page 225
• interface on page 226

TIBCO Enterprise Message Service User’s Guide

 Troubleshooting EMS Multicast 373
|

Troubleshooting EMS Multicast

Multicast deployment issues are often more difficult to resolve than similar
unicast issues. Reasons for the additional difficulty include:
• Older networking equipment that was not designed with multicast
deployment in mind. For example, switches that can only flood multicast or
routers that do not have modern multicast routing protocols.
• Different equipment may solve the same problem in different ways. For
example, some switches use IGMP snooping while others use CGMP.
• Multicast diagnostic tools are not readily available.
• Network administrators may not be as experienced in multicast deployment
issues as they are with unicast deployment.
• Bandwidth is automatically shared equitably among competing unicast
streams, but administrator intervention may be required to achieve desired
multicast bandwidth sharing.

Troubleshooting Tips
This section give some troubleshooting tips to help you respond to difficulties
you may experience with your multicast deployment.

General Tips
If you are experiencing problems with your deployment, begin with these
practices:
• The "bottom-up" approach generally seems best. That is, get the lowest layers
of the network stack working first.
• Begin with the EMS server and trace your way through each switch and
router to all receivers. Try moving your receiving application to the same hub
as the server (not a switch or a router), and confirm that you have multicast
connectivity. Once that works, move on to more complicated multicast
networks.

TIBCO Enterprise Message Service User’s Guide

374
| Chapter 14 Multicast Deployment and Troubleshooting

Connectivity
EMS will detect multicast connectivity issues; it may take up to 64 seconds to
detect a connectivity problem. These suggestions can help resolve issues with
connectivity:
• Verify that the network has good unicast connectivity between the sender and
all receivers before tackling multicast connectivity problems.
• Verify that IP Multicast is supported and enabled on your routers or switches
and all networks interfaces that are being used.
• Verify that address scoping at the router is not preventing multicast packets
from being forwarded.
• Test your multicast application without enabling multicast in the EMS server
to determine if a more general topic or application configuration issue is
preventing message reception. For example, a consumer that is consuming on
the wrong topic.
• Enable multicast and topic tracing in the server to ensure proper
configuration, and to verify that messages are being multicast by the server.
• Enable multicast daemon trace messages to check for any configuration
issues, warnings, or errors.
• Ensure that you are using the proper interface(s) in the server and the
multicast daemon. On a multi-homed host, it is possible that the default
interface cannot receive multicast data from the server.
• Ensure that the channel's t t l is large enough for data to cross all of your
switches and routers.

Data Loss
These suggestions can help if you are experiencing data loss:
• Enable and check statistics to see if data is being delivered and whether
excessive loss is encountered. If loss is detected, decreasing the multicast
channel's m a x r a t e property may alleviate the situation.
• Make sure that multicast streams are being generated with a time to live that
is long enough for messages to reach their destination using the
longest-possible path through the network.
• If you see increased loss as multicast rates go up, look for routers or switches
that might be configured to limit the broadcast rate. These generally limit the
multicast rate too. For example, Cisco Catalyst 5000 series switches can be
configured to limit the packet per second or percentage of
broadcast/multicast traffic with the set port broadcast command.

TIBCO Enterprise Message Service User’s Guide

 Troubleshooting EMS Multicast 375
|

Application and Multicast Daemon Errors and Warnings

You may find these tips useful if you are experiencing errors in the multicast
daemon or client application:
• Register a multicast exception listener in the receiving application. This
provides the application with a way to detect, log, and handle multicast
warnings and errors.
Note that multicast events are also logged at the client if client trace is enabled
on the server, but that comes at a performance price and can cause other
problems. For this reason, we do not recommend using client trace outside of
debugging basic connectivity issues or as directed by TIBCO support.
• Typically, when consumer creation fails for a consumer on a multicast-enabled
topic, a message is written to the multicast daemon's log (or console) as well
as to the server log. An appropriate exception or return code is generated from
the call on the client as well. After eliminating the other non-multicast related
reasons (security, general configuration) you may want to check:
— Is the multicast daemon running?
— Is the multicast daemon running on the correct port?
— Did channel creation in the multicast daemon fail? (This indicates a
protocol level multicast problem.)
• When the multicast daemon detects excessive loss, the multicast connection
exception I O F a i l e d is generated in the application. Usually, this means that
the server is sending too fast, and m a x r a t e for the channel needs to be
decreased. The multicast daemon will report an error, similar to the following:
2007-10-02 16:45:09.551 Multicast error: channel='mcast', Loss
Detected, status=IO failed

You will also notice in the multicast statistics that the particular channel's
r c v _ l o s s e s are growing.

• If a consumer receives a multicast exception of T I B E M S _ T I M E O U T with a

message similar to T i m e o u t r e a c h e d w h i c h m a y i n d i c a t e a
c o n f i g u r a t i o n o r h a r d w a r e p r o b l e m , this indicates a lack of multicast
connectivity. While unicast connectivity exists between the client and server
and the multicast channel was set up, multicast data cannot get from the
server to the local multicast daemon. Note that this may take more than a
minute to detect.
• Start a subscriber listening to $ s y s . m o n i t o r . m u l t i c a s t . s t a t s monitoring
messages to receive multicast-related statistics.

TIBCO Enterprise Message Service User’s Guide

376
| Chapter 14 Multicast Deployment and Troubleshooting

Server Errors
In General, server errors are self-descriptive. It is important to note that client
errors may be returned to the server to be logged, providing a centralized place to
look for multicast errors. However, these errors do not include minor loss on a
particular client, or loss of messages from a client failover.

TIBCO Enterprise Message Service User’s Guide

 | 377

Chapter 15 Working With TIBCO Rendezvous

This chapter describes the interoperation of EMS and TIBCO Rendezvous.

Topics

• Overview, page 378

• Configuring Transports for Rendezvous, page 380
• Topics, page 386
• Queues, page 388
• Import Issues, page 390
• Export Issues, page 392
• Message Translation, page 393
• Pure Java Rendezvous Programs, page 399

TIBCO Enterprise Message Service User’s Guide

378
| Chapter 15 Working With TIBCO Rendezvous

Overview

TIBCO Enterprise Message Service (release 4 and later) can exchange messages
with TIBCO Rendezvous (release 6.9 and later).

Scope • EMS can import and export messages to an external system through an EMS
topic.
• EMS can import messages from an external system to an EMS queue (but
queues cannot export).

Figure 23 Rendezvous Transports in the EMS Server

EMS Server

Export

TIBCO Rendezvous
Translation tibrv
EMS Topic
Transport

Import
EMS Destination Translation tibrv
(Topic or Queue) Transport

Message Translation
EMS and Rendezvous use different formats for messages and their data. When
t i b e m s d imports or exports a messages, it translates the message and its data to
the appropriate format; for details, see Message Translation on page 414.

Configuration
tibemsd uses definitions and parameters in four configuration files to guide the
exchange of messages with Rendezvous.

Enabling The parameter t i b r v _ t r a n s p o r t s (in the configuration file t i b e m s d . c o n f )

globally enables or disables message exchange with Rendezvous. The default
value is d i s a b l e d . To use these transports, you must explicitly set this parameter
to e n a b l e d .

TIBCO Enterprise Message Service User’s Guide

 Overview 379
|
Transports Transport definitions (in the configuration file t r a n s p o r t s . c o n f ) specify the
communication protocol between EMS and the external system; for details, see
Configuring Transports for Rendezvous on page 380.

Destinations Destination definitions (in the configuration files t o p i c s . c o n f and

q u e u e s . c o n f ) can set the i m p o r t and e x p o r t properties to specify one or more
transports:
• i m p o r t instructs t i b e m s d to import messages that arrive on those transports
from Rendezvous, and deliver them to the EMS destination.
• export instructs t i b e m s d to take messages that arrive on the EMS destination,
and export them to Rendezvous via those transports.
For details, see Topics on page 409, and Queues on page 410.

RVCM Listeners When exporting messages on a transport configured for certified message
delivery, you can pre-register RVCM listeners in the file t i b r v c m . c o n f .
For details, see t i b r v c m . c o n f on page 241, and Certified Messages on page 392

TIBCO Enterprise Message Service User’s Guide

380
| Chapter 15 Working With TIBCO Rendezvous

Configuring Transports for Rendezvous

Transports mediate the flow of messages between EMS and TIBCO Rendezvous.
timemsd connects to Rendezvous daemons in the same way as any other
Rendezvous client would. Transport definitions (in the file t r a n s p o r t s . c o n f )
configure the behavior of these connections. You must properly configure these
transports.

How Rendezvous The EMS server connects to the Rendezvous daemon as any other Rendezvous
Messages are client would. Messages received from the Rendezvous daemon are stored in
Imported Rendezvous queues, then are dispatched to callbacks. The EMS server creates JMS
message copies of the Rendezvous messages, and begins processing them as EMS
messages. Transports determine how messages are imported.
Rendezvous messages that are imported through a transport are held in queues
specific to that transport. Each transports is associated with a different
Rendezvous queue, which holds as many Rendezvous messages as necessary. The
number of pending messages in the queue will grow if the rate of incoming
Rendezvous messages is greater than the rate at which the EMS server is able to
process the corresponding EMS messages.
Depending on the import delivery mode defined for the transport, the EMS
messages will be persisted on disk, which increases the likelihood of backlog in
the Rendezvous queues, and which in turn results in a EMS process memory
growth. This memory growth is not accounted for in any of the EMS server
statistics.

Queue Limit In order to limit the number of pending messages in Rendezvous queues, a
Policies transport property allows you to set a queue limit policy, as you would for TIBCO
Rendezvous client applications. When the queue limit for the transport is
reached, the Rendezvous library discards a set number of messages. The default
policy is T I B R V Q U E U E _ D I S C A R D _ N O N E , which means that no message is ever
discarded. Setting T I B R V Q U E U E _ D I S C A R D _ F I R S T or T I B R V Q U E U E _ D I S C A R D _ L A S T
allows you to specify the maximum number of Rendezvous messages that can be
pending in the queue before the discard policy that you have selected is applied.
When the limit is reached, the number of messages discarded is based on the
discard amount value.
When the limit is reached, Rendezvous messages are discarded, and so are not
imported as EMS messages, regardless of the EMS import delivery mode. As
stated above, a Rendezvous message becomes a EMS message only after it has
been dispatched from the Rendezvous queue. If a queue limit is exceeded, reliable
Rendezvous messages are lost.

TIBCO Enterprise Message Service User’s Guide

 Configuring Transports for Rendezvous 381
|

Rendezvous certified messages are not lost, but the message flow is interrupted.
The redelivery of the missed messages is handled automatically by the
Rendezvous libraries, and can not be controlled by the EMS server.
Reaching a queue limit also generates a Rendezvous advisory that is logged (see
RVADV log and console trace in the TIBCO Rendezvous documentation),
indicating which transport reached its queue limit. This advisory goes into an
independent, non limited, Rendezvous queue. If lots of advisories are generated,
this internal queue may also grow, signalling that the limit policy is not
appropriate for your environment.
Take care when setting a queue limit policy. In a controlled environment where
the risk of Rendezvous producers overwhelming the EMS server is low, there is
no need to set a queue limit policy.

Transport Definitions
transports.conf contains zero or more transport definitions. Each definition
begins with the name of a transport, surrounded by square brackets. Subsequent
lines set the parameters of the transport.

Table 53 Rendezvous: Transport Parameters (Sheet 1 of 4)

Parameter Description
type Required. For Rendezvous transports, the value must be either
t i b r v or t i b r v c m .

Rendezvous Parameters
Use these properties for either t i b r v or t i b r v c m transports.
The syntax and semantics of these parameters are identical to the corresponding parameters in
Rendezvous clients. For full details, see the Rendezvous documentation set.

service When absent, the default value is 7500.

network When absent, the default value is the host computer’s primary
network.

TIBCO Enterprise Message Service User’s Guide

382
| Chapter 15 Working With TIBCO Rendezvous

Table 53 Rendezvous: Transport Parameters (Sheet 2 of 4)

Parameter Description
daemon When absent, the default value is an r v d process on the local
host computer. When transporting messages between EMS and
Rendezvous, the r v d process must be configured to run on the
same host as the EMS daemon (t i b e m s d ).
To connect to a non-default daemon, supply
hostname: protocol: port. You may omit any of the three parts. The
default hostname is the local host computer. The default
protocol is t c p . The default port is 7 5 0 0 .

Rendezvous Certified Messaging (RVCM) Parameters

Use these properties only for t i b r v c m transports.
The syntax and semantics of these parameters are identical to the corresponding parameters in
Rendezvous CM clients. For full details, see the Rendezvous documentation set.

cm_name The name of the correspondent RVCM listener transport.

rv_tport Required. Each RVCM transport depends in turn upon an

ordinary Rendezvous transport. Set this parameter to the name
of a Rendezvous transport (type t i b r v ) defined in the EMS
configuration file t r a n s p o r t s . c o n f .

ledger_file Name for file-based ledger.

sync_ledger t r u e or f a l s e . If t r u e , operations that update the ledger do

not return until changes are written to the storage medium.

request_old t r u e or f a l s e . If t r u e , this transport server requests

unacknowledged messages sent from other RVCM senders
while this transport was unavailable.

default_ttl This parameter sets default CM time limit (in seconds) for all
CM messages exported on this transport.

explicit_config_only t r u e or f a l s e . If t r u e , t i b e m s d allows RVCM listeners to

register for certified delivery only if they are configured in
advance with the EMS server (either in t i b r v c m . c o n f or using
the c r e a t e r v c m l i s t e n e r command). That is, t i b e m s d
ignores registration requests from non-configured listeners.
If f a l s e (the default), t i b e m s d allows any RVCM listener to
register.

TIBCO Enterprise Message Service User’s Guide

 Configuring Transports for Rendezvous 383
|

Table 53 Rendezvous: Transport Parameters (Sheet 3 of 4)

Parameter Description
EMS Parameters
Use these properties for either t i b r v or t i b r v c m transports.

topic_import_dm EMS sending clients can set the J M S D e l i v e r y M o d e header field

queue_import_dm for each message. However, Rendezvous clients cannot set this
header. Instead, these two parameters determine the delivery
modes for all topic messages and queue messages that
t i b e m s d imports on this transport.
TIBEMS_PERSISTENT | TIBEMS_NON_PERSISTENT |
TIBEMS_RELIABLE

When absent, the default is T I B E M S _ N O N _ P E R S I S T E N T.

export_headers When t r u e , t i b e m s d includes JMS header fields in exported

messages.
When f a l s e , t i b e m s d suppresses JMS header fields in
exported messages.
When absent, the default value is t r u e .

export_properties When t r u e , t i b e m s d includes JMS properties in exported

messages.
When f a l s e , t i b e m s d suppresses JMS properties in exported
messages.
When absent, the default value is t r u e .

TIBCO Enterprise Message Service User’s Guide

384
| Chapter 15 Working With TIBCO Rendezvous

Table 53 Rendezvous: Transport Parameters (Sheet 4 of 4)

Parameter Description
rv_queue_policy Set the queue limit policy for the Rendezvous queue used by
the transport to hold incoming Rendezvous messages. This
parameter has three parts:
policy:max_msgs:qty_discard

where policy is one of the queue limit policies described below,

max_msgs is the maximum number of messages permitted in the
queue before discard, and qty_discard is the number of messages
that the EMS server discards when max_msgs is reached.
The queue limit policies are:
• TIBRVQUEUE_DISCARD_NONE — do not discard messages.
Use this policy when the queue has no limit on the number
of messages it can contain.
• TIBRVQUEUE_DISCARD_FIRST — discard the first message
in the queue. The first message in the queue is the oldest
message, which if not discarded would be the next message
dispatched from the queue.
• TIBRVQUEUE_DISCARD_LAST — discard the last message in
the queue. The last message is the most recent message
received into the queue.
For example, the following would cause the Rendezvous
library to discard the 100 oldest messages in the queue when
the total number of messages in the queue reached 10,000:
rv_queue_policy=TIBRVQUEUE_DISCARD_FIRST:10000:100

If the r v _ q u e u e _ p o l i c y is not present, the default queue limit

policy is T I B R V Q U E U E _ D I S C A R D _ N O N E .

temp_destination_timeout Specifies the amount of time the server is to keep the

temporary destination (created for the RV inbox) after its last
use of the destination. This is useful for a multi-server
configuration. For example, in a configuration in which
rv-requester -> serverA -> serverB -> rv-responder, setting
t e m p _ d e s t i n a t i o n _ t i m e o u t = 6 0 on serverB specifies that
serverB is to hold the temporary destination for 60 seconds.

TIBCO Enterprise Message Service User’s Guide

 Configuring Transports for Rendezvous 385
|

Example
These examples from t r a n s p o r t s . c o n f illustrate the syntax of transport
definitions.
[RV01]
type = tibrv
topic_import_dm = TIBEMS_RELIABLE
queue_import_dm = TIBEMS_PERSISTENT
service = 7780
network = lan0
daemon = tcp:host5:7885

[RV02]
type = tibrv
service = 7890
network = lan0
daemon = tcp:host5:7995
temp_destination_timeout = 60

[RVCM01]
type = tibrvcm
export_headers = true
export_properties = true
rv_tport = RV02
cm_name = RVCMTrans1
ledger_file = ledgerFile.store
sync_ledger = true
request_old = true
default_ttl = 600

In the following two examples, R V C M 0 3 is an RVCM transport which does not

define a queue limit policy, but references the RV transport R V 0 3 , which does have
a queue limit policy. If Rendezvous messages are published to a subject that in
EMS has the destination property i m p o r t = R V C M 0 3 , no Rendezvous message will
ever be discarded because each transport uses its own queue. Only messages that
are imported directly through the R V 0 3 transport will potentially be discarded,
should the queue limit of 10000 messages be reached.
[RV03]
type = tibrv
service = 7890
network = lan0
daemon = tcp:host5:7995
rv_queue_policy = TIBRVQUEUE_DISCARD_LAST:10000:100

[RVCM03]
type = tibrvcm
rv_tport = RV03
cm_name = RVCMTrans2
ledger_file = ledgerFile2.store
sync_ledger = true
request_old = true
default_ttl = 600

TIBCO Enterprise Message Service User’s Guide

386
| Chapter 15 Working With TIBCO Rendezvous

Topics

Topics can both export and import messages. Accordingly, you can configure
topic definitions (in the configuration file t o p i c s . c o n f ) with i m p o r t and e x p o r t
properties that specify one or more external transports:

import • i m p o r t instructs t i b e m s d to import messages that arrive on those transports

from Rendezvous, and deliver them to the EMS destination.

export • export instructs t i b e m s d to take messages that arrive on the EMS destination,
and export them to Rendezvous via those transports.

The EMS server never re-exports an imported message on the same topic.

(For general information about t o p i c s . c o n f syntax and semantics, see

topics.conf on page 241. You can also configure topics using the administration
tool command a d d p r o p t o p i c .)

Example For example, the following t i b e m s a d m i n commands configure the topic

m y T o p i c s . n e w s to i m p o r t messages on the transports R V 0 1 and R V 0 2 , and to
e x p o r t messages on the transport R V 0 2 .

addprop topic myTopics.news import="RV01,RV02"

addprop topic myTopics.news export="RV02"

Rendezvous messages with subject m y T o p i c s . n e w s arrive at t i b e m s d over the

transports R V 0 1 and R V 0 2 . EMS clients can receive those messages by subscribing
to m y T o p i c s . n e w s .
EMS messages sent to m y T o p i c s . n e w s are exported to Rendezvous over transport
R V 0 2 . Rendezvous clients of the corresponding daemons can receive those
messages by subscribing to m y T o p i c s . n e w s .

Import Only when Subscribers Exist

When a topic specifies i m p o r t on a connected transport, t i b e m s d imports
messages only when the topic has registered subscribers.

Wildcards
Wildcards in the i m p o r t and e x p o r t properties obey EMS syntax and semantics
(which is identical to Rendezvous syntax and semantics); see Destination Name—
Syntax and Semantics on page 408.

TIBCO Enterprise Message Service User’s Guide

 Topics 387
|

Certified Messages
You can i m p o r t and e x p o r t TIBCO Rendezvous certified messages (t i b r v c m
transport) to EMS topics. Rendezvous certified transports guarantee message
delivery.

RVCM Ledger t i b r v c m transports can store information about subjects in a ledger file. You can
review the ledger file using an administration tool command; see s h o w
r v c m t r a n s p o r t l e d g e r on page 159).

For more information about ledger files, see TIBCO Rendezvous documentation.

Subject Collisions Subscribers to destinations that import from RVCM transports are subject to the
same restrictions that direct RVCM listeners. These restrictions are described in
the TIBCO Rendezvous documentation, and include subject collisions.
When importing messages from RV, the EMS server creates RVCM listeners using
a single name for each transport. This can result in subject collisions if the
corresponding EMS subscribers have overlapping topics.

TIBCO Enterprise Message Service User’s Guide

388
| Chapter 15 Working With TIBCO Rendezvous

Queues

Queues can i m p o r t messages, but cannot e x p o r t them.

Configuration
You can configure queue definitions (in the configuration file q u e u e s . c o n f ) with
the i m p o r t property that specify one or more external transports.
• i m p o r t instructs t i b e m s d to import messages that arrive on those transports
from Rendezvous, and deliver them to the EMS destination.
(For general information about q u e u e s . c o n f syntax and semantics, see
q u e u e s . c o n f on page 234. You can also configure queues using the
administration tool command a d d p r o p q u e u e .)

Example For example, the following t i b e m s a d m i n command configures the queue

m y Q u e u e . i n to i m p o r t messages on the transports R V 0 1 and R V 0 2 .

addprop queue myQueue.in import="RV01,RV02"

Rendezvous messages with subject m y Q u e u e . i n arrive at t i b e m s d over the

transports R V 0 1 and R V 0 2 . EMS clients can receive those messages by subscribing
to m y Q u e u e . i n .

Import—Start and Stop

When a queue specifies i m p o r t on a connected transport, t i b e m s d immediately
begins importing messages to the queue, even when no receivers exist for the
queue.
For static queues (configured by an administrator) t i b e m s d continues importing
until you explicitly delete the queue.

Wildcards
Wildcards in the i m p o r t property obey EMS syntax and semantics (not
Rendezvous syntax and semantics); see Destination Name—Syntax and
Semantics on page 408.
EMS clients cannot subscribe to wildcard queues—however, you can define
wildcards queues in the EMS server for the purpose of property inheritance. That
is, you can configure a static queue named f o o . * and set properties on it, so that
child queues named f o o . b a r and f o o . b a z will both inherit those properties.

TIBCO Enterprise Message Service User’s Guide

 Queues 389
|

If you define a queue that imports f o o . * , t i b e m s d begins importing all matching

messages from Rendezvous. As messages arrive, t i b e m s d creates dynamic child
queues (for example, f o o . b a r and f o o . b a z ) and delivers the messages to them.
Notices that t i b e m s d delivers messages to these dynamic child queues even
when no consumers exist to drain them.

TIBCO Enterprise Message Service User’s Guide

390
| Chapter 15 Working With TIBCO Rendezvous

Import Issues

This section presents issues associated with importing messages to EMS from
Rendezvous—whether on a topic or a queue.

Field Identifiers
When importing and translating Rendezvous messages, t i b e m s d is only able to
process standard message field types that are identified by name in the
Rendezvous program application. Custom fields and fields identified using a
field identifier cannot be imported to EMS.

JMSDestination
When t i b e m s d imports and translates a Rendezvous message, it sets the
J M S D e s t i n a t i o n field of the EMS message to the value of the Rendezvous
subject. Therefore, imported destination names must be unique. When a topic and
a queue share the same name, at most one of them may set the i m p o r t property.
For example, if a topic f o o . b a r and a queue f o o . b a r are both defined, only one
may specify the i m p o r t property.

JMSReplyTo
When t i b e m s d imports and translates a Rendezvous message, it sets the
J M S R e p l y T o field of the EMS message to the value of the Rendezvous reply
subject, so that EMS clients can reply to the message.
Usually this value represents a Rendezvous subject. You must explicitly configure
t i b e m s d to create a topic with a corresponding name, which exports messages to
Rendezvous.

JMSExpiration
When t i b e m s d imports and translates a Rendezvous certified message, it sets the
J M S E x p i r a t i o n field of the EMS message to the time limit of the certified
message.
If the message time limited is exceeded, the sender program no longer certifies
delivery.
Note that if the e x p i r a t i o n property is set for a destination, it will override the
J M S E x p i r a t i o n value set by the message producer.

TIBCO Enterprise Message Service User’s Guide

 Import Issues 391
|

JMSTimestamp
When t i b e m s d imports and translates a Rendezvous message, it uses the
J M S T i m e s t a m p header field to determine when the message was created. If the
J M S T i m e s t a m p field is not set, the t i b e m s d ignores the expiration field, because
expiration is based on an unknown creation time.
The Rendezvous sender must create a field called J M S T i m e s t a m p in order to
enable message expiration.

Guaranteed Delivery

For full end-to-end certified delivery from Rendezvous to EMS, all three of these
conditions must be true:
• Rendezvous senders must send labeled messages on RVCM transports. See
the TIBCO Rendezvous Concepts manual for more information.
• The transport definition must set t o p i c _ i m p o r t _ d m or q u e u e _ i m p o r t _ d m (as
appropriate) to T I B E M S _ P E R S I S T E N T.
• Either a durable queue or a subscriber for the EMS topic must exist.

TIBCO Enterprise Message Service User’s Guide

392
| Chapter 15 Working With TIBCO Rendezvous

Export Issues

This section presents issues associated with exporting messages from EMS to
Rendezvous.

JMSReplyTo
Topics Consider an EMS message in which the field J M S R e p l y T o contains a topic. When
exporting such a message to Rendezvous, you must explicitly configure t i b e m s d
to import replies from Rendezvous to that reply topic.

Temporary Topics Consider an EMS message in which the field J M S R e p l y T o contains a temporary
topic. When t i b e m s d exports such a message to Rendezvous, it automatically
arranges to import replies to that temporary topic from Rendezvous; you do not
need to configure it explicitly.

Certified Messages
RVCM When an RVCM listener receives its first labeled message, it registers to receive
Registration subsequent messages as certified messages. Until the registration is complete, it
receives labeled messages as reliable messages. When exporting messages on a
t i b r v c m transport, we recommend either of two actions to ensure certified
delivery for all exported messages:
• Create the RVCM listener before sending any messages from EMS clients.
• Pre-register an RVCM listener, either with the administration tool (see c r e a t e
rvcmlistener on page 125), or in the configuration file t i b r v c m . c o n f (see
t i b r v c m . c o n f on page 241).

Guaranteed Delivery

For full end-to-end certified delivery to Rendezvous from EMS, the following
condition must be true:
• EMS senders must send persistent messages.

TIBCO Enterprise Message Service User’s Guide

 Message Translation 393
|

Message Translation

JMS Header Fields

EMS supports the ten predefined JMS header fields; see JMS Message Header
Fields on page 17.

Special Cases These header fields are special cases:

• JMS header J M S D e s t i n a t i o n corresponds to Rendezvous subject.
• JMS header J M S R e p l y T o corresponds to Rendezvous reply subject.
• JMS header J M S E x p i r a t i o n corresponds to the time limit of the Rendezvous
certified message.

Import When importing a Rendezvous message to an EMS message, t i b e m s d does not

set any JMS header fields, except for the special cases noted above.

Export When exporting an EMS message to a Rendezvous message, t i b e m s d groups all

the JMS header fields (except for the special cases noted above) into a single
submessage within the Rendezvous message. The field J M S H e a d e r s contains that
submessage. Fields of the submessage map the names of JMS header fields to
their values.
t i b e m s d ignores any JMS header fields that are null or absent—it omits them
from the exported message.
You can instruct t i b e m s d to suppress the entire header submessage in all
exported messages by setting the transport property e x p o r t _ h e a d e r s = false.

Table 54 presents the mapping of JMS header fields to Rendezvous data types
(that is, the type of the corresponding field in the exported message).

Table 54 Rendezvous: Mapping JMS Header Fields to RV Datatypes (Sheet 1 of 2)

JMS Header Name Rendezvous Type

JMSDeliveryMode TIBRVMSG_U8

JMSPriority TIBRVMSG_U8

JMSTimestamp TIBRVMSG_U64

JMSExpiration TIBRVMSG_U64

JMSType TIBRVMSG_STRING

JMSMessageID TIBRVMSG_STRING

TIBCO Enterprise Message Service User’s Guide

394
| Chapter 15 Working With TIBCO Rendezvous

Table 54 Rendezvous: Mapping JMS Header Fields to RV Datatypes (Sheet 2 of 2)

JMS Header Name Rendezvous Type

JMSCorrelationID TIBRVMSG_STRING

JMSRedelivered TIBRVMSG_BOOL

JMSDestination send subject in TIBCO Rendezvous

JMSReplyTo reply subject in TIBCO Rendezvous

JMS Property Fields

Import When importing a Rendezvous message to an EMS message, t i b e m s d sets these
JMS properties:
• J M S _ T I B C O _ I M P O R T E D gets the value t r u e , to indicate that the message did
not originate from an EMS client.
• J M S _ T I B C O _ M S G _ E X T gets the value t r u e , to indicate that the message might
contain submessage fields or array fields.

Import RVCM In addition to the two fields described above, when t i b e m s d imports a certified
message on a t i b r v c m transport, it can also set these properties (if the
corresponding information is set in the Rendezvous message):

Table 55 Rendezvous Mapping Message Properties

Property Description
JMS_TIBCO_CM_PUBLISHER A string value indicating the correspondent
name of the TIBCO Rendezvous CM transport
that sent the message (that is, the sender
name).

JMS_TIBCO_CM_SEQUENCE A long value indicating the CM sequence

number of an RVCM message imported from
TIBCO Rendezvous.

Export When exporting an EMS message to a Rendezvous message, t i b e m s d groups all

the JMS property fields into a single submessage within the Rendezvous message.
The field J M S P r o p e r t i e s contains that submessage. Fields of the submessage
map the names of JMS property fields to their values.
The t i b e m s d daemon ignores any JMS property fields that are not set, or are set to
null—it omits them from the exported message.

TIBCO Enterprise Message Service User’s Guide

 Message Translation 395
|

You can instruct t i b e m s d to suppress the entire properties submessage in the

exported message by setting the transport property
export_properties = false.

Message Body
tibemsd can export messages with any JMS message body type to TIBCO
Rendezvous. Conversely, t i b e m s d can import messages with any message type
from TIBCO Rendezvous.
For information about JMS body types, see JMS Message Bodies on page 21.
For information about the structure of messages, see JMS Message Structure on
page 17.

Import When importing a Rendezvous message, t i b e m s d translates it to an EMS message

body type based on the presence of the field in Table 56.

Table 56 Rendezvous: Mapping Message Types (Import)

Rendezvous Field EMS Body Type

JMSBytes JMSBytesMessage

JMSObject JMSObjectMessage

JMSStream JMSStreamMessage

JMSText JMSTextMessage

None of these fields are present. JMSMapMessage

The field names D A T A and _ d a t a _ are reserved. We strongly discourage you from
using these field names in either EMS and Rendezvous applications, and
especially when these two message transport mechanisms interoperate.
Only standard Rendezvous fields identified by name can be imported into EMS.
Custom fields and fields identified in the Rendezvous application by field
identifiers cannot be imported.

Export When exporting an EMS message, t i b e m s d translates it to a Rendezvous message

with the following structure:
• The field J M S H e a d e r s contains a submessage; see JMS Header Fields on
page 393. When the transport parameter e x p o r t _ h e a d e r s is f a l s e , this field
is omitted.

TIBCO Enterprise Message Service User’s Guide

396
| Chapter 15 Working With TIBCO Rendezvous

• The field J M S P r o p e r t i e s contains a submessage; see JMS Property Fields on

page 394. When the transport parameter e x p o r t _ p r o p e r t i e s is f a l s e , this
field is omitted.
• When translating the data fields of an EMS message, the results depend on the
JMS body type. Table 57 specifies the mapping.

Table 57 Rendezvous: Mapping Message Types (Export)

JMS Body Type Export Translation

BytesMessage The message data translates to a byte array that contains
the bytes of the original EMS message.
The field J M S B y t e s receives this data. It has type
TIBRVMSG_OPAQUE.

ObjectMessage The message data translates to a byte array containing

the serialized Java object.
The field J M S O b j e c t receives this data. It has type
TIBRVMSG_OPAQUE.

StreamMessage The message data translates to a byte array that encodes

the objects in the original EMS message.
The field J M S S t r e a m receives this data. It has type
TIBRVMSG_OPAQUE.

TextMessage The message data translates to a UTF-8 string

corresponding to the text of the original EMS message.
The field J M S T e x t receives this data. It has type
TIBRVMSG_STRING.

MapMessage The message data fields map directly to top-level fields in

the Rendezvous message. The fields retain the same
names as in the original EMS message.
See also, EMS Extensions to JMS Messages on page 16.

TIBCO Enterprise Message Service User’s Guide

 Message Translation 397
|

Data Types
Table 58 presents the mapping between EMS datatypes and Rendezvous
datatypes. The mapping is bidirectional, except for the Rendezvous types that
have no corresponding EMS type (for these types the mapping is marked as
unidirectional in the middle column of Table 58).

Table 58 Rendezvous: Mapping Data Types (Sheet 1 of 2)

EMS Map Rendezvous

Boolean TIBRVMSG_BOOL

Byte TIBRVMSG_I8

Short <— TIBRVMSG_U8

Short TIBRVMSG_I16

Integer <— TIBRVMSG_U16

Integer TIBRVMSG_I32

Long <— TIBRVMSG_U32

Long TIBRVMSG_I64

Long <— TIBRVMSG_U64

Float TIBRVMSG_F32

Double TIBRVMSG_F64

Short <— TIBRVMSG_IPPORT16

Integer <— TIBRVMSG_IPADDR32

MapMessage TIBRVMSG_MSG

Long <— TIBRVMSG_DATETIME

byte[] TIBRVMSG_OPAQUE

java.lang.String TIBRVMSG_STRING

byte[] <— TIBRVMSG_XML

byte[] <— TIBRVMSG_I8ARRAY

TIBCO Enterprise Message Service User’s Guide

398
| Chapter 15 Working With TIBCO Rendezvous

Table 58 Rendezvous: Mapping Data Types (Sheet 2 of 2)

EMS Map Rendezvous

short[] <— TIBRVMSG_U8ARRAY

short[] TIBRVMSG_I16ARRAY

int[] <— TIBRVMSG_U16ARRAY

int[] TIBRVMSG_I32ARRAY

long[] <— TIBRVMSG_U32ARRAY

long[] TIBRVMSG_I64ARRAY

long[] <— TIBRVMSG_U64ARRAY

float[] TIBRVMSG_F32ARRAY

double[] TIBRVMSG_F64ARRAY

TIBCO Enterprise Message Service User’s Guide

 Pure Java Rendezvous Programs 399
|

Pure Java Rendezvous Programs

TIBCO Enterprise Message Service is shipped with the t i b r v j m s . j a r file that

you can include in your TIBCO Rendezvous applications. This JAR file includes
the implementation of the c o m . t i b c o . t i b r v . T i b r v J M S T r a n s p o r t class. This
class extends the c o m . t i b c o . t i b r v . T i b r v N e t T r a n s p o r t class and allows your
pure Java Rendezvous programs to communicate directly with the EMS server
instead of through r v a .
the application must include tibrvjms.jar and EITHER tibrvjweb.jar OR tibrvj.jar,
but CANNOT include tibrvnative.jar
To use the T i b r v J M S T r a n s p o r t class, your application must include
t i b r v j m s . j a r (included with EMS) and either t i b r v j w e b . j a r or t i b r v . j a r
(included with TIBCO Rendezvous). Your application cannot include
t i b r v n a t i v e . j a r.

You can use T i b r v J M S T r a n s p o r t only in Rendezvous applications. This class is

not intended for use in your EMS Java clients.
Both TIBCO Rendezvous and EMS must be purchased, installed, and configured
before creating pure Java Rendezvous applications that use the
T i b r v J M S T r a n s p o r t class.

The T i b r v J M S T r a n s p o r t class provides Rendezvous reliable communication

only. Other types of communication, such as certified messaging, are not
supported by this transport.
Applications using this transport can send messages to a topic on an EMS server
that has the same topic name as the subject of the message. EMS topics receiving
Rendezvous messages sent by way of the T i b r v J M S T r a n s p o r t do not need to
specify the i m p o r t property. This transport cannot be used to send messages to
JMS queues.
For more information about T i b r v N e t T r a n s p o r t and how to create use
transports in TIBCO Rendezvous Java programs, see TIBCO Rendezvous
documentation. For more information about the additional methods of
T i b r v J M S T r a n s p o r t , see the TIBCO Enterprise Message Service Java API Reference.

TIBCO Enterprise Message Service User’s Guide

400
| Chapter 15 Working With TIBCO Rendezvous

TIBCO Enterprise Message Service User’s Guide

 | 401

Chapter 16 Working With TIBCO SmartSockets

This chapter describes the interoperation of TIBCO Enterprise Message Service

and TIBCO SmartSockets.

Topics

• Overview, page 402

• Configuring Transports for SmartSockets, page 403
• Topics, page 409
• Queues, page 410
• Import Issues, page 412
• Export Issues, page 413
• Message Translation, page 414

TIBCO Enterprise Message Service User’s Guide

402
| Chapter 16 Working With TIBCO SmartSockets

Overview

TIBCO Enterprise Message Service can exchange messages with TIBCO

SmartSockets.

Scope • EMS can import and export messages to an external system through an EMS
topic.
• EMS can import messages from an external system to an EMS queue (but
queues cannot export).

Figure 24 SmartSockets Transports in the EMS Server

EMS Server

Export

TIBCO SmartSockets
Translation tibss
EMS Topic
Transport

Import
EMS Destination Translation tibss
(Topic or Queue) Transport

Message Translation
EMS and SmartSockets use different formats for messages and their data. When
t i b e m s d imports or exports a messages, it translates the message and its data to
the appropriate format; for details, see Message Translation on page 414.

Configuration
tibemsd uses definitions and parameters in three configuration files to guide the
exchange of messages with SmartSockets.

Enabling The parameter t i b s s _ t r a n s p o r t s (in the configuration file t i b e m s d . c o n f )

globally enables or disables message exchange with SmartSockets. The default
value is d i s a b l e d . To use these transports, you must explicitly set this parameter
to e n a b l e d .

TIBCO Enterprise Message Service User’s Guide

 Configuring Transports for SmartSockets 403
|

The parameter t i b s s _ c o n f i g _ d i r (in the configuration file t i b e m s d . c o n f )

specifies the location of SmartSockets files needed by the SmartSockets client
within t i b e m s d .

Transports Transport definitions (in the configuration file t r a n s p o r t s . c o n f ) specify the

communication protocol between EMS and the external system; for details, see
Configuring Transports for SmartSockets on page 403.

Destinations Destination definitions (in the configuration files t o p i c s . c o n f and

q u e u e s . c o n f ) can set the i m p o r t and e x p o r t properties to specify one or more
transports:
• i m p o r t instructs t i b e m s d to import messages that arrive on those transports
from SmartSockets, and deliver them to the EMS destination.
• export instructs t i b e m s d to take messages that arrive on the EMS destination,
and export them to SmartSockets via those transports.
For details, see Topics on page 409, and Queues on page 410.

Starting the Servers

We recommend starting the SmartSockets RTserver before starting t i b e m s d .

Configuring Transports for SmartSockets

Transports mediate the flow of messages between TIBCO Enterprise Message

Service and TIBCO SmartSockets.
timemsd connects to SmartSockets RTservers in the same way as any other
SmartSockets client. Transport definitions (in the file t r a n s p o r t s . c o n f )
configure the behavior of these connections. You must properly configure these
transports.

TIBCO Enterprise Message Service User’s Guide

404
| Chapter 16 Working With TIBCO SmartSockets

Transport Definitions
transports.conf contains zero or more transport definitions. Each definition
begins with the name of a transport, surrounded by square brackets. Subsequent
lines set the parameters of the transport.

Table 59 SmartSockets: Transport Parameters (Sheet 1 of 4)

Parameter Description
type Required. For SmartSockets transports, the value must be t i b s s .

SmartSockets Parameters
The syntax and semantics of these parameters are identical to the corresponding parameters in
SmartSockets clients. For full details, see the SmartSockets documentation set.

server_names The value is a comma-separated list specifying connections to one or more

SmartSockets RTservers.
Each item in the list has the form protocol: hostname: port. You may omit any of
the three parts. The default hostname is the local host computer. The default
protocols and ports vary with hardware and operating system platforms;
on Windows platforms, the default protocol is t c p and the default port is
5101.

A list of several servers specifies fault tolerance—t i m e m s d attempts to

connect to them in the order listed.
When this parameter is absent, the default instructs the EMS server to
attempt to connect to an RTserver on the local host computer (the same
computer as the EMS server), using default protocols and ports.

username timemsd uses these two parameters to authenticate itself to the

password SmartSockets servers.

project SmartSockets uses projects to maintain orthogonal subject name-spaces.

When absent, the default project is r t w o r k s .

delivery_mode This parameter determines the quality of service with which delivers
messages to the SmartSockets server over this transport:
best_effort | gmd_all | gmd_some | ordered

When absent, the default is b e s t _ e f f o r t .

TIBCO Enterprise Message Service User’s Guide

 Configuring Transports for SmartSockets 405
|

Table 59 SmartSockets: Transport Parameters (Sheet 2 of 4)

Parameter Description
lb_mode SmartSockets servers balance the message load by distributing messages
among several clients. This parameter determines the load balancing
regimen for messages that this transport exports to the SmartSockets server.
none | round_robin | weighted | sorted

When absent, the default is n o n e .

override_lb_mode e n a b l e instructs the RTserver to deliver all messages on this client

connection—even if other clients participate in load balancing. For
example, even though many order-processing clients might share the load
of order messages, a message logging facility would require all order
messages, rather than a subset.
disable informs the RTserver that this client (that is, the EMS server)
participates in load balancing (for example, sharing the load with other
EMS servers).
When absent, the default is e n a b l e .

gmd_file_delete SmartSockets clients keep data for guaranteed message delivery (GMD) in a
store file.
disable instructs t i b e m s d to open the existing GMD store file.
enable instructs t i b e m s d to delete the GMD store file and create a new one
when creating this transport.
When absent, the default is d i s a b l e .

import_ss_headers This parameter governs the import of SmartSockets message headers to

EMS properties.
The value can be n o n e , t y p e _ n u m , or a l l . For complete details, see
SmartSockets Message Properties on page 415.
When absent, the default value is n o n e .

TIBCO Enterprise Message Service User’s Guide

406
| Chapter 16 Working With TIBCO SmartSockets

Table 59 SmartSockets: Transport Parameters (Sheet 3 of 4)

Parameter Description
preserve_gmd This parameter determines the behavior of the EMS server when it has
exported a GMD message to SmartSockets, and SmartSockets cannot
deliver that message. When SmartSockets returns the undelivered message,
EMS can either preserve it in the EMS undelivered message queue, or
discard it.
• a l w a y s instructs EMS to preserve all undelivered GMD messages in the
EMS undelivered message queue.
• r e c e i v e r s instructs EMS to preserve only those undelivered GMD
messages that SmartSockets could not deliver despite the existence of
one or more GMD receivers. That is, if SmartSockets cannot deliver a
message because no GMD receivers exist, then EMS does not preserve
the undelivered message.
• n e v e r instructs EMS to discard all undelivered SmartSockets GMD
messages.
When absent, the default value is n e v e r.
This parameter applies only when the transport’s d e l i v e r y _ m o d e
parameter is either g m d _ a l l or g m d _ s o m e .
When the EMS server preserves a GMD message, it follows these rules to
convert the returned SmartSockets message to an EMS message:
• Follow all general rules for importing messages; see Message
Translation on page 414.
• Disregard the value of the i m p o r t _ s s _ h e a d e r s parameter, and instead
import all SmartSockets headers (as if the value of i m p o r t _ s s _ h e a d e r s
were a l l ). For a list of headers, see SmartSockets Message Properties on
page 415.
• Set the value of J M S _ T I B C O _ S S _ E X P I R A T I O N to the current time—that is,
the time at which the SmartSockets server returned the undelivered
message to EMS. (Notice that the this header would otherwise remain
unused, since GMD messages do not expire.)

TIBCO Enterprise Message Service User’s Guide

 Configuring Transports for SmartSockets 407
|

Table 59 SmartSockets: Transport Parameters (Sheet 4 of 4)

Parameter Description
EMS Parameters

topic_import_dm EMS sending clients can set the J M S D e l i v e r y M o d e header field for each
queue_import_dm message. However, SmartSockets clients cannot set this header. Instead,
these two parameters determine the delivery modes for all topic messages
and queue messages that t i b e m s d imports on this transport.
TIBEMS_PERSISTENT | TIBEMS_NON_PERSISTENT | TIBEMS_RELIABLE

When absent, the default is T I B E M S _ N O N _ P E R S I S T E N T.

export_headers When t r u e , t i b e m s d includes JMS header fields in exported messages.

When f a l s e , t i b e m s d suppresses JMS header fields in exported messages.
When absent, the default value is t r u e .

export_properties When t r u e , t i b e m s d includes JMS properties in exported messages.

When f a l s e , t i b e m s d suppresses JMS properties in exported messages.
When absent, the default value is t r u e .

Example
These examples from t r a n s p o r t s . c o n f illustrate the syntax of transport
definitions.
[SS01]
type = tibss
server_names = rtHost1
username = emsServer6
password = myPasswd
project = sales_order_entry

[SS02]
type = tibss
server_names = tcp:rtHost2A:5555, ssl:rtHost2B:5571
username = emsServer6
password = myPasswd
project = mfg_process_control
override_lb_mode = enable
delivery_mode = gmd_some

TIBCO Enterprise Message Service User’s Guide

408
| Chapter 16 Working With TIBCO SmartSockets

Destination Name—Syntax and Semantics

Slash & Dot This aspect of the mapping between EMS destination names and SmartSockets
Separators subjects is straightforward, one-to-one, and bidirectional.
EMS destination names consist of tokens separated by the dot (. ) character.
SmartSockets subjects consists of tokens preceded by the slash (/ ) character (like
UNIX directory pathnames).
For example, the EMS name f o o . b a r . b a z corresponds to the SmartSockets name
/ f o o / b a r / b a z . (Remember that SmartSockets names must begin with a leading
slash, but EMS names need not begin with a leading dot. A leading dot indicates
an empty element preceding it.)
The slash and dot characters have complementary roles in EMS and
SmartSockets. In EMS slash is an ordinary character, while dot is a separator. In
SmartSockets slash is a separator, while dot is an ordinary character. To translate
names between EMS and SmartSockets, substitute these characters one for
another. For example, the EMS name f o o / b a r . b a z corresponds to the
SmartSockets name / f o o . b a r / b a z . However, to avoid confusion, we discourage
using either slash or dot as ordinary characters.

Wildcard Star Although both EMS and SmartSockets both interpret the star (* ) character as a
wildcard, they differ in its semantics. In this aspect, the mapping is not
one-to-one.
In EMS, star can match any whole token of a name, but not part of a token. In
SmartSockets, star can match part of an token—for example, / f o o / b * / b a z
matches / f o o / b a r / b a z and / f o o / b o x / b a z .
If you are familiar with SmartSockets wildcards but not EMS wildcards, see
Wildcards on page 74.

Trailing Wildcard In EMS the greater-than (> ) character is a wildcard that matches any number of
trailing tokens. In SmartSockets a string of three dots (. . . ) signifies identical
semantics.

TIBCO Enterprise Message Service User’s Guide

 Topics 409
|

Topics

Topics can both export and import messages. Accordingly, you can configure
topic definitions (in the configuration file t o p i c s . c o n f ) with i m p o r t and e x p o r t
properties that specify one or more external transports:

import • i m p o r t instructs t i b e m s d to import messages that arrive on those transports

from SmartSockets, and deliver them to the EMS destination.

export • export instructs t i b e m s d to take messages that arrive on the EMS destination,
and export them to SmartSockets via those transports.

The EMS server never re-exports an imported message on the same topic.

(For general information about t o p i c s . c o n f syntax and semantics, see

topics.conf on page 241. You can also configure topics using the administration
tool command a d d p r o p t o p i c .)

Example
For example, the following t i b e m s a d m i n commands configure the topic
m y T o p i c s . n e w s to import and export messages on three transports.

addprop topic myTopics.news import="SS01,SS02"

addprop topic myTopics.news export="SS01,SS02,SS03"

SmartSockets messages with subject / m y T o p i c s / n e w s arrive at t i b e m s d over the

transports S S 0 1 and S S 0 2 . EMS clients can receive those messages by subscribing
to m y T o p i c s . n e w s .
EMS messages sent to m y T o p i c s . n e w s are exported to SmartSockets over all three
transports—S S 0 1 , S S 0 2 and S S 0 3 . SmartSockets clients of the corresponding
RTservers can receive those messages by subscribing to / m y T o p i c s / n e w s .

Import Only when Subscribers Exist

When a topic specifies import on a connected transport, t i b e m s d imports
messages only when the topic has registered subscribers.

TIBCO Enterprise Message Service User’s Guide

410
| Chapter 16 Working With TIBCO SmartSockets

Wildcards
Wildcards in the i m p o r t and e x p o r t properties obey EMS syntax and semantics
(not SmartSockets syntax and semantics); see Destination Name—Syntax and
Semantics on page 408.

Queues

Queues can import messages, but cannot export them.

Configuration
You can configure queue definitions (in the configuration file q u e u e s . c o n f ) with
the i m p o r t property that specify one or more external transports.
• i m p o r t instructs t i b e m s d to import messages that arrive on those transports
from SmartSockets, and deliver them to the EMS destination.
(For general information about q u e u e s . c o n f syntax and semantics, see
q u e u e s . c o n f on page 234. You can also configure queues using the
administration tool command a d d p r o p q u e u e .)

Example For example, the following t i b e m s a d m i n command configures the queue

m y T o p i c s . n e w s to import messages on the transports S S 0 1 and S S 0 2 .

addprop queue myQueue.in import="SS01,SS02"

SmartSockets messages with subject / m y Q u e u e / i n arrive at t i b e m s d over the

transports S S 0 1 and S S 0 2 . EMS clients can receive those messages by subscribing
to m y Q u e u e . i n .

Import—Start and Stop

When a queue specifies import on a connected transport, t i b e m s d immediately
begins importing messages to the queue, even when no receivers exist for the
queue.
For static queues (configured by an administrator) t i b e m s d continues importing
until you explicitly delete the queue.

TIBCO Enterprise Message Service User’s Guide

 Queues 411
|

Wildcards
Wildcards in the i m p o r t property obey EMS syntax and semantics (not
SmartSockets syntax and semantics); see Destination Name—Syntax and
Semantics on page 408.
EMS clients cannot subscribe to wildcard queues—however, you can define
wildcards queues in the EMS server for the purpose of property inheritance. That
is, you can configure a static queue named f o o . * and set properties on it, so that
child queues named f o o . b a r and f o o . b a z will both inherit those properties.
If you define a queue that imports f o o . * , t i b e m s d begins importing all matching
messages from SmartSockets. As messages arrive, t i b e m s d creates dynamic child
queues (for example, f o o . b a r and f o o . b a z ) and delivers the messages to them.
Notices that t i b e m s d delivers messages to these dynamic child queues even
when no subscribers exist to drain them.

TIBCO Enterprise Message Service User’s Guide

412
| Chapter 16 Working With TIBCO SmartSockets

Import Issues

This section presents issues associated with importing messages to EMS from
SmartSockets—whether on a topic or a queue.

Import Destination Names Must be Unique

When a topic and a queue share the same name, at most one of them may set the
i m p o r t property. For example, if a topic f o o . b a r and a queue f o o . b a r are both
defined, only one may specify the i m p o r t property.

JMSReplyTo
When t i b e m s d imports and translates a SmartSockets message, it sets the
J M S R e p l y T o field of the EMS message to the value of the SmartSockets r e p l y _ t o
header, so that EMS clients can reply to the message.
Usually this value represents a SmartSockets subject. You must explicitly
configure t i b e m s d to create a topic with a corresponding name, which exports
messages to SmartSockets.

Guaranteed Delivery

For full end-to-end guaranteed delivery from SmartSockets to EMS, all three of
these conditions must be true:
• SmartSockets senders must send messages with guaranteed message delivery
(GMD).
• The transport definition must set t o p i c _ i m p o r t _ d m or q u e u e _ i m p o r t _ d m (as
appropriate) to T I B E M S _ P E R S I S T E N T.
• A durable subscription for the EMS topic or queue must exist.

For export guarantees, see Guaranteed Delivery on page 413.

TIBCO Enterprise Message Service User’s Guide

 Export Issues 413
|

Export Issues

This section presents issues associated with exporting messages from EMS to
SmartSockets.

JMSReplyTo
Topics Consider an EMS message in which the field J M S R e p l y T o contains a topic. When
exporting such a message to SmartSockets, you must explicitly configure t i b e m s d
to import replies from SmartSockets to that reply topic.

Temporary Topics Consider an EMS message in which the field J M S R e p l y T o contains a temporary
topic. When t i b e m s d exports such a message to SmartSockets, it automatically
arranges to import replies to that temporary topic from SmartSockets; you do not
need to configure it explicitly.

Wildcard Subscriptions
Star Wildcard Both EMS and SmartSockets interpret the star character (* ) as a wildcard—but
with different semantics. EMS accepts star only as a whole element, which
matches a whole element. In contrast, SmartSockets accepts star as part of an
element, matching a substring within the element.
When a SmartSockets client subscribes to f o o . b a r * , then configure t i b e m s d to
export the superset f o o . * ; RTserver narrows the set by delivering only messages
that match subscribers. For a full discussion of the differences between EMS and
SmartSockets wildcards, see Destination Name—Syntax and Semantics on
page 408.

Guaranteed Delivery

For full end-to-end guaranteed delivery to SmartSockets from EMS, both of these
conditions must be true:
• EMS senders must send persistent messages.
• The transport definition must set d e l i v e r y _ m o d e to g m d _ s o m e or g m d _ a l l (as
appropriate).

To preserve undelivered GMD messages in the EMS undelivered queue, see

p r e s e r v e _ g m d on page 406. For import guarantees, see Guaranteed Delivery on
page 412.

TIBCO Enterprise Message Service User’s Guide

414
| Chapter 16 Working With TIBCO SmartSockets

Message Translation

JMS Header Fields

EMS supports the ten predefined JMS header fields; see JMS Message Header
Fields on page 17.

Two Special These two header fields are special cases:

Cases
• JMS header J M S D e s t i n a t i o n corresponds to SmartSockets d e s t .
• JMS header J M S R e p l y T o corresponds to SmartSockets r e p l y _ t o .

Import When importing a SmartSockets message to an EMS message, t i b e m s d does not

set any JMS header fields, except for the special cases noted above.

Export When exporting an EMS message to a SmartSockets message, t i b e m s d groups all

the JMS header fields (except for the special cases noted above) into a single
submessage within the SmartSockets message. The field J M S H e a d e r s contains
that submessage. Fields of the submessage map the names of JMS header fields to
their values.
t i b e m s d ignores any JMS header fields that are null or absent—it omits them
from the exported message.
You can instruct t i b e m s d to suppress the entire header submessage in all
exported messages by setting the transport property e x p o r t _ h e a d e r s = false.

JMS Property Fields

Import When importing a SmartSockets message to an EMS message, t i b e m s d sets these
JMS properties:
• J M S _ T I B C O _ I M P O R T E D gets the value t r u e , indicating that the message did
not originate from an EMS client.
• J M S _ T I B C O _ M S G _ E X T gets the value t r u e , indicating that the message might
contain submessage fields or array fields.
• J M S _ T I B C O _ S S _ S E N D E R gets the value of the SmartSockets s e n d e r header
field (in SmartSockets syntax).
In addition, t i b e m s d maps SmartSockets message properties to EMS properties;
for details see SmartSockets Message Properties on page 415.

TIBCO Enterprise Message Service User’s Guide

 Message Translation 415
|
Export When exporting an EMS message to a SmartSockets message, t i b e m s d groups all
the JMS property fields into a single submessage within the SmartSockets
message. The field J M S P r o p e r t i e s contains that submessage. Fields of the
submessage map the names of JMS property fields to their values.
tibemsd ignores any JMS property fields that are not set, or are set to null—it
omits them from the exported message.
You can instruct t i b e m s d to suppress the entire properties submessage in the
exported message by setting the transport property
export_properties = false.

SmartSockets Message Properties

In release 4.1.0 (and later), t i b e m s d maps SmartSockets message headers to EMS
message properties on import. Table 60 summarizes the mapping. The first
column indicates the EMS property, and the second column indicates the
SmartSockets method that gets the corresponding header.

Import The transport parameter i m p o r t _ s s _ h e a d e r s governs the import behavior. The

third column of Table 60 lists the values of that parameter for which t i b e m s d
imports the message property in that row. See i m p o r t _ s s _ h e a d e r s on page 405.

Export EMS client programs may modify the values of these properties within imported
messages for re-export to SmartSockets. (However, exporting a native EMS
message does not carry these properties to SmartSockets.)
Export of these properties depends on the value of the transport parameter
e x p o r t _ p r o p e r t i e s on page 407.

When exporting an EMS message to SmartSockets, t i b e m s d maps these

properties in reverse. In most cases, the mapping is symmetric—export maps
them back to the same SmartSockets header. However, three exceptions
(J M S _ T I B C O _ S S _ S E N D E R , J M S _ T I B C O _ S S _ M E S S A G E _ I D and
J M S _ T I B C O _ S S _ S E Q _ N U M ) are asymmetric—export maps them to subfields of the
field J M S P r o p e r t i e s within the S m a r t S o c k e t s message. The fourth column of
Table 60 indicates this asymmetry.

Table 60 SmartSockets Mapping Message Properties (Import & Export) (Sheet 1 of 2)

EMS Property SmartSockets Method Import Export

Asymmetr.
JMS_TIBCO_SS_SENDER TipcMsgGetSender none Asymmetr.
type_num
all

TIBCO Enterprise Message Service User’s Guide

416
| Chapter 16 Working With TIBCO SmartSockets

Table 60 SmartSockets Mapping Message Properties (Import & Export) (Sheet 2 of 2)

Export
EMS Property SmartSockets Method Import Asymmetr.
JMS_TIBCO_SS_TYPE_NUM TipcMsgGetType type_num
all

JMS_TIBCO_SS_DELIVERY_MODE TipcMsgGetDeliveryMode all

JMS_TIBCO_SS_LB_MODE TipcMsgGetLbMode all

JMS_TIBCO_SS_EXPIRATION TipcMsgGetExpiration all

JMS_TIBCO_SS_PRIORITY TipcMsgGetPriority all

JMS_TIBCO_SS_SENDER_TIMESTAMP TipcMsgGetSenderTimestamp all

JMS_TIBCO_SS_CORRELATION_ID TipcMsgGetCorrelationId all

JMS_TIBCO_SS_USER_PROP TipcMsgGetUserProp all

JMS_TIBCO_SS_MESSAGE_ID TipcMsgGetMessageId all Asymmetr.

JMS_TIBCO_SS_SEQ_NUM TipcMsgGetSeqNum all Asymmetr.

Message Body
tibemsd can export messages with any JMS message body type to TIBCO
SmartSockets. Conversely, t i b e m s d can import messages with any message type
from TIBCO SmartSockets.
For information about JMS body types, see JMS Message Bodies on page 21.
For information about the structure of messages, see JMS Message Structure on
page 17.

Import When importing a SmartSockets message, t i b e m s d translates it to one of two

EMS message body types:
• If the SmartSockets message contains only unnamed fields, then it translates
into a J M S S t r e a m M e s s a g e . The stream contains the values of the unnamed
fields in the same order as they appear in the SmartSockets message.
• If the SmartSockets message contains one or more named fields, then it
translates into a J M S M a p M e s s a g e . The map message contains the named fields;
the order of the fields is indeterminate.

TIBCO Enterprise Message Service User’s Guide

 Message Translation 417
|
Export When exporting an EMS message, t i b e m s d translates it to one of six SmartSockets
message types (see Table 61) with the following structure:
• The named field J M S H e a d e r s is the first field (omitted when the transport
parameter e x p o r t _ h e a d e r s is f a l s e ). It contains a submessage; see JMS
Header Fields on page 414.
• The named field J M S P r o p e r t i e s is the next field (omitted when the transport
parameter e x p o r t _ p r o p e r t i e s is f a l s e ). It contains a submessage; see JMS
Property Fields on page 414.
• The data fields follow the JMS headers and properties (when present). For
details about field names and types, see the third column of Table 61.

Table 61 SmartSockets: Mapping Message Types (Export)

SmartSockets
JMS Message Type Message Type Data Fields

JMSBytesMessage T_MT_JMS_BYTES One unnamed field of type

T_MSG_FT_BINARY

JMSMapMessage T_MT_JMS_MAP Named fields; indeterminate

order

JMSObjectMessage T_MT_JMS_OBJECT One unnamed field of type

T_MSG_FT_BINARY

JMSStreamMessage T_MT_JMS_STREAM Unnamed fields in order

JMSTextMessage T_MT_JMS_TEXT One unnamed field of type

T_MSG_FT_STR

All other JMS T_MT_INFO No data fields

message types

TIBCO Enterprise Message Service User’s Guide

418
| Chapter 16 Working With TIBCO SmartSockets

Data Types
Table 62 presents the mapping between EMS datatypes and SmartSockets
datatypes. The mapping is bidirectional, except for a few SmartSockets types that
have no corresponding EMS type (for these types the mapping is marked as
unidirectional in the middle column of Table 62).

Table 62 SmartSockets: Mapping Data Types (Sheet 1 of 2)

EMS Map SmartSockets

Boolean T_MSG_FT_BOOL

Byte T_MSG_FT_CHAR

Character T_MSG_FT_INT2

Short T_MSG_FT_INT2

Integer T_MSG_FT_INT4

Long T_MSG_FT_INT8

Float T_MSG_FT_REAL4

Double T_MSG_FT_REAL8

Double <— T_MSG_FT_TIMESTAMP

String T_MSG_FT_STR

String <— T_MSG_FT_XML

String <— T_MSG_FT_UTF8

Byte Array T_MSG_FT_BINARY

Short Array <— T_MSG_FT_BOOL_ARRAY

Short Array T_MSG_FT_INT2_ARRAY

Integer Array T_MSG_FT_INT4_ARRAY

Long Array T_MSG_FT_INT8_ARRAY

Float Array T_MSG_FT_REAL4_ARRAY

Double Array T_MSG_FT_REAL8_ARRAY

TIBCO Enterprise Message Service User’s Guide

 Message Translation 419
|

Table 62 SmartSockets: Mapping Data Types (Sheet 2 of 2)

EMS Map SmartSockets

Double Array <— T_MSG_FT_TIMESTAMP_ARRAY

Stream Message T_MSG_FT_MSG

Map Message
(See Import on page 416.)

Destination Names
tibemsd automatically translates destination names when importing or exporting
a message; see Slash & Dot Separators on page 408.
When importing, it translates names in the SmartSockets s u b j e c t and r e p l y _ t o
fields. When exporting, it translates names in the EMS J M S D e s t i n a t i o n and
J M S R e p l y T o fields.

TIBCO Enterprise Message Service User’s Guide

420
| Chapter 16 Working With TIBCO SmartSockets

TIBCO Enterprise Message Service User’s Guide

 | 421

Chapter 17 Monitoring Server Activity

System administrators must monitor and manage the TIBCO Enterprise Message
Service server. The logging, monitoring, and statistics facilities provided by the
server allow system administrators to effectively view system activity and track
system performance.

Topics

• Log Files and Tracing, page 422

• Message Tracing, page 428
• Monitoring Server Events, page 430
• Working with Server Statistics, page 436

TIBCO Enterprise Message Service User’s Guide

422
| Chapter 17 Monitoring Server Activity

Log Files and Tracing

You can configure the TIBCO Enterprise Message Service server to write a variety
of information to the log. Several parameters and commands control where the
log is located as well as what information is written to the log. The log can be
written to a file, to the system console, or to both.

Configuring the Log File

The l o g f i l e configuration parameter in t i b e m s d . c o n f controls the location and
the name of the log file.
You can specify that the log file should be backed up and emptied after it reaches
a maximum size. This allows you to rotate the log file and ensure that the log file
does not grow boundlessly. The l o g f i l e _ m a x _ s i z e configuration parameter
allows you to specify the maximum size of the current log file. Set the parameter
to 0 to specify no limit. Use KB, MB, or GB units.
Once the log file reaches its maximum size, it is copied to a file with the same
name as the current log file except a sequence number is appended to the name of
the backup file. The server queries the directory and determines the first available
sequence number. For example, if the current log file is named t i b e m s . l o g , the
first copy is named t i b e m s . l o g . 1 , the second is named t i b e m s . l o g . 2 , and so
on. You can move the files out of the log directory, if desired, and the next log file
is determined based on the first available numbered backup in the log file
directory.

When you remove or move log files, it is recommended that you remove or move
all log files in the log file directory. The server can then restart its log file sequence
with 1.

You can also dynamically force the log file to be backed up and truncated using
the r o t a t e l o g command in t i b e m s a d m i n . See Command Listing on page 120 for
more information about the r o t a t e l o g command.
For other configuration parameters that affect the log file, see Tracing and Log File
Parameters on page 204.

TIBCO Enterprise Message Service User’s Guide

 Log Files and Tracing 423
|

Tracing on the Server

The TIBCO Enterprise Message Service server can be configured to produce
tracing messages. These messages can describe actions performed for various
areas of functionality (for example, Access Control, Administration, or Routing).
These messages can also provide information about activities performed on or by
the server, or the messages can provide warnings in the event of failures or illegal
actions.
Trace messages can be sent to a log file, the console, or both. You configure tracing
in the following ways:
• By configuring the l o g _ t r a c e and/or c o n s o l e _ t r a c e parameters in the
tibemsd.conf file; see Table 16 on page 135.
• By specifying the - t r a c e option when starting the server
• By using the s e t server command when the server is running.
l o g _ t r a c e and c o n s o l e _ t r a c e can be used to configure what types of messages
are to go to the log file and to the console.

When you want trace messages to be sent to a log file, you must also configure the
l o g f i l e configuration parameter. If you specify l o g _ t r a c e , and the l o g f i l e
configuration parameter is not set to a valid file, the tracing options are stored,
but they are not used until the server is started with a valid log file.

When configuring log or console tracing, you have a variety of options for the
types of trace messages that can be generated. Table 63 on page 424 describes the
available tracing options.

TIBCO Enterprise Message Service User’s Guide

424
| Chapter 17 Monitoring Server Activity

Table 63 Server Tracing Options

Trace Option Description

DEFAULT Sets the trace options to the default set. This includes:
• INFO

• WARNING

• ACL

• LIMITS

• ROUTE

• ADMIN

• RVADV

• CONNECT_ERROR

• CONFIG

• MSG

ACL Prints a message when a user attempts to perform an

unauthorized action. For example, if the user attempts to
publish a message to a secure topic for which the user has
not been granted the publish permission.

ADMIN Prints a message whenever an administration function is

performed.

AUTH Prints a message when the server authenticates a user

using an external LDAP system.

CONFIG Prints information about configuration files and their

contents as the EMS server is starting up.

CONNECT Prints a message when a user attempts to connect to the

server.

CONNECT_ERROR Prints a message when an error occurs on a connection.

DBSTORE Prints a message when a database store is created, along

with general database store information and errors.

DEST Prints a message when a dynamic destination is created.

TIBCO Enterprise Message Service User’s Guide

 Log Files and Tracing 425
|

Table 63 Server Tracing Options

Trace Option Description

FLOW Prints a message when the server enforces flow control or
stops enforcing flow control on a destination.

INFO Prints messages as the server performs various internal

housekeeping functions, such as creating a configuration
file, opening the persistent database files, and purging
messages. Also prints a message when tracking by
message ID is enabled or disabled.

JAAS Prints messages related to any extensible security

modules.
Messages are printed when a username and password are
passed to the LoginModule for authentication, and when
a user and action are passed to the Permissions Modules
for authorization.

JVM Prints startup information about the JVM configuration,

as well as any output from custom modules running in
the JVM that uses S y s t e m . o u t .

JVMERR Prints output from custom modules running in the JVM

that uses S y s t e m . e r r.

LDAP_DEBUG Prints messages when LDAP is used for authentication or

to obtain group information.

LIMITS Prints a message when a limit is exceeded, such as the

maximum size for a destination.

MEMORY Prints a server trace information when reserve memory is

triggered because of low server memory conditions.

MSG Specifies that message trace messages should be printed.

Message tracing is enabled/disabled on a destination or
on an individual message. If message tracing is not
enabled for any messages or destinations, no trace
messages are printed when this option is specified for log
or console tracing. See Message Tracing on page 428 for
more information about message tracing.

TIBCO Enterprise Message Service User’s Guide

426
| Chapter 17 Monitoring Server Activity

Table 63 Server Tracing Options

Trace Option Description

MULTICAST Prints a message when a message consumer subscribes or
attempts to subscribe to a multicast-enabled topic, along
with general multicast information and errors.

PRODCONS Prints a message when a client creates or closes a

producer or consumer.

ROUTE Prints a message when routes are created or when a route

connection is established.

ROUTE_DEBUG Prints status and error messages related to the route.

RVADV Prints TIBCO Rendezvous advisory messages whenever

they are received.

SSL Prints detailed messages of the SSL process, including

certificate content.

SSL_DEBUG Prints messages that trace the establishment of SSL

connections.

TX Prints a message when a client performs a transaction.

WARNING Prints a message when a failure of some sort occurs,

usually because the user attempts to do something illegal.
For example, a message is printed when a user attempts
to publish to a wildcard destination name.

Specify tracing with a comma-separated list of trace options. You may specify
trace options in three forms:
• plain A trace option without a prefix character replaces any existing trace
options.
• + A trace option preceded by + adds the option to the current set of trace
options.
• - A trace option preceded by - removes the option from the current set of
trace options.

TIBCO Enterprise Message Service User’s Guide

 Log Files and Tracing 427
|

Examples
The following example sets the trace log to only show messages about access
control violations.
log_trace=ACL

The next example sets the trace log to show all default trace messages, in addition
to SSL messages, but ADMIN messages are not shown.
log_trace=DEFAULT,-ADMIN,+SSL

The next example sends a trace message to the console when a TIBCO
Rendezvous advisory message arrives.
console_trace=RVADV

TIBCO Enterprise Message Service User’s Guide

428
| Chapter 17 Monitoring Server Activity

Message Tracing

In addition to other server activity, you can trace messages as they are processed.
Trace entries for messages are only generated for destinations or messages that
specify tracing should be performed. For destinations, you specify the t r a c e
property to enable the generation of trace messages. For individual messages, the
J M S _ T I B C O _ M S G _ T R A C E property specifies that tracing should be performed for
this message, regardless of the destination settings. The sections below describe
the tracing properties for destinations and messages.
Message trace entries can be output to either the console or the log. The M S G trace
option specifies that message trace entries should be displayed, and the D E F A U L T
trace option includes the M S G option. See Tracing on the Server on page 423 for
more information about specifying trace options.
You must set the tracing property on either destinations or messages and also set
the M S G or D E F A U L T trace option on the console or the log before you can view
trace entries for messages.

EMS tracing features do not filter unprintable characters from trace output. If
your application uses unprintable characters within messages (whether in data or
headers), the results of message tracing are unpredictable.

Enabling Message Tracing for a Destination

The t r a c e property on a destination specifies that trace entries are generated for
that destination.
The t r a c e property can optionally be specified as t r a c e = b o d y. Setting
trace=body includes the message body in trace messages when the message size
is less than 1 MB, including the header. When a message is larger than 1 MB, the
body is not included in trace messages.
Setting t r a c e without the b o d y option specifies that only the message sequence
and message ID are included in the trace message.
When message tracing is enabled for a destination, a trace entry is output for each
of the following events that occur in message processing:
• messages are received into a destination
• messages are sent to consumers
• messages are imported or exported to/from an external system
• messages are acknowledged
• messages are sent across a destination bridge

TIBCO Enterprise Message Service User’s Guide

 Message Tracing 429
|

• messages are routed

Replies to request messages are traced only when the reply destination has the
t r a c e property. Similarly, replies to exported messages are only traced when the
t r a c e property is set.

Enabling Message Tracing on a Message

You can enable tracing on individual messages by setting the
J M S _ T I B C O _ M S G _ T R A C E property on the message. The value of the property can be
either n u l l (Java/.NET null or NULL in C) or the string "b o d y " . Setting the
property to n u l l specifies only the message ID and message sequence will be
included in the trace entries for the message. Setting the property to "b o d y "
specifies the message body will be included in the trace entries for the message.
When the J M S _ T I B C O _ M S G _ T R A C E property is set for a message, trace entries are
generated for the message as it is processed, regardless of whether the t r a c e
property is set for any destinations the message passes through. Trace messages
are generated for the message when it is sent by the producer and when it is
received by the consumer.

TIBCO Enterprise Message Service User’s Guide

430
| Chapter 17 Monitoring Server Activity

Monitoring Server Events

The TIBCO Enterprise Message Service server can publish topic messages for
internal system events. For example, the server can publish a message when users
connect or disconnect. System event messages contain detail about the event
stored in properties of the message. This section gives an overview of the
monitoring facilities provided by the server. For a list of monitor topics and a
description of the message properties for each topic, see Appendix B, Monitor
Messages, on page 519.

System Monitor Topics

The TIBCO Enterprise Message Service server can publish messages to various
topics when certain events occur. There are several types of event classes, each
class groups a set of related events. For example, some event classes are
connection, admin, and route. Each event class is further subdivided into the
events for each class. For example, the connection class has two events: connect
and disconnect. These event classes are used to group the system events into
meaningful categories.
All system event topic names begin with $ s y s . m o n i t o r . The remainder of the
name is the event class followed by the event. For example, the server publishes a
message to the topic $ s y s . m o n i t o r . c o n n e c t i o n . d i s c o n n e c t whenever a client
disconnects from the server. The naming scheme for system event topics allows
you to create wildcard subscriptions for all events of a certain class. For example,
to receive messages whenever clients connect or disconnect, you would create a
topic subscriber for the topic $ s y s . m o n i t o r . c o n n e c t i o n . * .
Monitor topics are created and maintained by the server. Monitor topics are not
listed in the t o p i c s . c o n f file. Users can subscribe to monitor topics but cannot
create them.

Monitoring Messages
You can monitor messages processed by a destination as they are sent, received,
or acknowledged. You can also monitor messages that have prematurely exited
due to expiration, being discarded, or a m a x R e d e l i v e r y failure.
The $ s y s . m o n i t o r topic for monitoring messages has the following format:
$ s y s . m o n i t o r . D. E. destinationName

TIBCO Enterprise Message Service User’s Guide

 Monitoring Server Events 431
|

Where D is the type of destination, E is the event you wish to monitor, and
destinationName is the name of the destination whose messages you wish to
monitor. Table 64 describes the possible values of D and E in message monitoring
topics.

Table 64 Message monitoring qualifiers (Sheet 1 of 2)

Qualifier Value Description

D T Destination to monitor is a topic. Include the message
body in the monitor message as a byte array. Use the
c r e a t e F r o m B y t e s ( ) method when viewing the monitor
message to recreate the message body, if desired.

t Destination to monitor is a topic. Do not include the

message body in the monitor message.

Q Destination to monitor is a queue. Include the message

body in the monitor message as a byte array. Use the
c r e a t e F r o m B y t e s ( ) method when viewing the monitor
message to recreate the message body, if desired.

q Destination to monitor is a queue. Do not include the

message body in the monitor message.

TIBCO Enterprise Message Service User’s Guide

432
| Chapter 17 Monitoring Server Activity

Table 64 Message monitoring qualifiers (Sheet 2 of 2)

Qualifier Value Description

E s Monitor message is generated when a message is sent by
the server to:
• a consumer
• a route
• an external system by way of a transport

r Monitor message is generated when a message is

received by the specified destination. This occurs when
the message is:
• Sent by a producer
• Sent by a route
• Forwarded from another destination by way of a
bridge
• Imported from transport to an external system

a Monitor message is generated when a message is

acknowledged.

p Monitor message is generated when a message

prematurely exits due to expiration, being discarded, or a
m a x R e d e l i v e r y failure.

* Monitor message is generated when a message is sent,

received, or acknowledged for the specified destination.

For example, $ s y s . m o n i t o r . T . r . c o r p . N e w s is the topic for monitoring any

received messages to the topic named c o r p . N e w s . The message body of any
received message is included in monitor messages on this topic. The topic
$ s y s . m o n i t o r . q . * . c o r p . * monitors all message events (send, receive,
acknowledge) for all queues matching the name c o r p . * . The message body is not
included in this topic’s messages.
The messages sent to this type of monitor topic include a description of the event,
information about where the message came from (a producer, route, external
system, and so on), and optionally the message body, depending upon the value
of D. See Appendix B, Monitor Messages, on page 519 for a complete description
of the properties available in monitoring messages.

TIBCO Enterprise Message Service User’s Guide

 Monitoring Server Events 433
|

You must explicitly subscribe to a message monitoring topic. That is, subscribing
to $ s y s . m o n i t o r . > will subscribe to all topics beginning with $ s y s . m o n i t o r, but
it does not subscribe you to any specific message monitoring topic such as
$ s y s . m o n i t o r . T . * . f o o . b a r. However, if another subscriber generates interest
in the message monitor topics, this subscriber will also receive those messages.
You can specify wildcards in the destinationName portion of the message monitoring
topic to subscribe to the message monitoring topic for all matching destinations.
For example, you can subscribe to $ s y s . m o n i t o r . T . r . > to monitor all messages
received by all topics. For performance reasons, you may want to avoid
subscribing to too many message monitoring topics. See Performance
Implications of Monitor Topics on page 434 for more information.

Viewing Monitor Topics

Monitor topics are similar to other topics. To view these topics, create a client
application that subscribes to the desired topics.
Because monitor topics contain potentially sensitive system information,
authentication and permissions are always checked when clients access a monitor
topic. That is, even if authentication for the server is disabled, clients are not able
to access monitor topics unless they have logged in with a valid username and
password and the user has permission to view the desired topic.
The a d m i n user and members of the $ a d m i n group have permission to perform
any server action, including subscribing to monitor topics. All other users must be
explicitly granted permission to view monitor topics before the user can
successfully create subscribers for monitor topics. For example, if user BOB is not
a member of the $ a d m i n group, and you wish to allow user B O B to monitor all
connection events, you can grant B O B the required permission with the following
command using the administration tool:
grant topic $sys.monitor.connection.* BOB subscribe

Bob’s application can then create a topic subscriber for $ s y s . m o n i t o r . c o n n e c t . *

and view any connect or disconnect events.

Topics starting with $ s y s . m o n i t o r do not participate in any permission

inheritance from parent topics other than those starting with $ s y s . m o n i t o r (that
is, * . * or * . > is not a parent of $ s y s . m o n i t o r ).
Therefore, granting permission to a user to subscribe to > does not allow that user
to subscribe to $ s y s . m o n i t o r topics. You must explicitly grant users permission
to $ s y s . m o n i t o r topics (or parent topics, such as $ s y s . m o n i t o r . a d m i n . * ) for a
user to be able to subscribe to that topic.

TIBCO Enterprise Message Service User’s Guide

434
| Chapter 17 Monitoring Server Activity

Monitor topics publish messages of type M a p M e s s a g e . Information about the

event is stored within properties in the message. Each system event has different
properties. Appendix B, Monitor Messages, on page 519 describes each of the
monitor topics and the message properties for the messages published on that
topic. Your application can receive and display all or part of a monitor message,
just as it would handle any message sent to a topic. However, there are some ways
in which monitor messages are handled differently from standard messages:
• Monitor messages cannot be routed to other servers.
• Monitor messages are not stored persistently on disk.
• Monitor messages are not swapped from process memory to disk.
You can have any number of applications that subscribe to monitor messages. You
can create different applications that subscribe to different monitor topics, or you
can create one application that subscribes to all desired monitor topics. Your topic
subscribers can also use message selectors to filter the monitor messages so your
application receives only the messages it is interested in.

Performance Implications of Monitor Topics

The TIBCO Enterprise Message Service server only generates messages for
monitor topics that currently have subscribers. So, if no applications subscribe to
monitor topics, no monitor messages are generated. Generating a monitor
message does consume system resources, and therefore you should consider what
kinds of monitoring your environment requires. System performance is affected
by the number of subscribers for monitor topics as well as the frequency of
messages for those topics.
For development and testing systems, monitoring all system events is probably
desirable. Usually, development and testing systems do not have large message
volumes, and monitoring can give you information about system problems.
For production systems, monitoring all events may have an adverse effect on
system performance. Therefore, you should not create topic subscribers for
$ s y s . m o n i t o r . > in your production system. Also, monitor events are likely to be
added in future releases, so the number of monitor topics may grow.
Subscriptions to monitor topics in production systems should always be limited
to specific monitor topics or wildcard subscriptions to specific classes of monitor
topics that are required.
Also, consider the frequency of messages to each monitor topic. System
administration events, such as creating topics, routes, and changing permissions,
do not occur frequently, so creating subscriptions for these types of events will
most likely not have a significant effect on performance.

TIBCO Enterprise Message Service User’s Guide

 Monitoring Server Events 435
|

Also, using message selectors to limit monitor messages can improve

performance slightly. The server does not send any messages that do not match a
subscriber’s message selector. Even though the message is not sent, the message is
still generated. Therefore there is still system overhead for subscribers to a
monitor topic, even if all messages for that topic do not match any subscriber’s
message selector filter.

TIBCO Enterprise Message Service User’s Guide

436
| Chapter 17 Monitoring Server Activity

Working with Server Statistics

The TIBCO Enterprise Message Service server allows you to track incoming and
outgoing message volume, message size, and message statistics for the server
overall as well as for each producer, consumer, or route. You can configure the
type of statistics collected, the interval for computing averages, and amount of
detail for each type.
Statistic tracking can be set in the server’s configuration file, or you can change
the configuration dynamically using commands in the administration tool or by
creating your own application with the administration APIs.
Statistics can be viewed using the administration tool, or you can create your own
application that performs more advanced analysis of statistics using the
administration APIs.
This section details how to configure and view statistics using the configuration
files and administration tool commands. For more information about the
administration APIs, see the description of c o m . t i b c o . t i b j m s . a d m i n in the
online documentation.

The TIBCO Enterprise Message Service server tracks the number of incoming or
outgoing messages, but only messages sent or received by a producer, consumer,
or route are tracked. The server also sends system messages, but these are not
included in the number of messages.
However, the server can add a small amount of data to a message for internal use
by the server. This overhead is counted in the total message size, and you may
notice that some messages have a greater message size than expected.

Overall Server Statistics

The server always collects certain overall server statistics. This includes the rate of
inbound and outbound messages (expressed as number of messages per second),
message memory usage, disk storage usage, and the number of destinations,
connections, and durable subscriptions. Gathering this information consumes
virtually no system resources, therefore these statistics are always available. You
can view overall server statistics by executing the s h o w s e r v e r command.
The default interval for collecting overall server statistics is 1 second. You may
wish to view average system usage statistics over a larger interval. The
s e r v e r _ r a t e _ i n t e r v a l configuration parameter controls the collection interval
for server statistics. The parameter can be set in the configuration file or
dynamically using the s e t s e r v e r command. This parameter can only be set to
positive integers greater than zero.

TIBCO Enterprise Message Service User’s Guide

 Working with Server Statistics 437
|

Enabling Statistic Gathering

Each producer, consumer, destination, and route can gather overall statistics and
statistics for each of its destinations. To enable statistic gathering, you must set the
s t a t i s t i c s parameter to enabled. This parameter can be specified in the
configuration file, and it can be changed dynamically using the s e t s e r v e r
command.
The s t a t i s t i c s parameter allows you to globally enable and disable statistic
gathering. Statistics are kept in server memory for the life of each object. If you
wish to reset the total statistics for all objects to zero, disable statistic gathering,
then re-enable it. Server statistics are also reset when the server shuts down and
restarts, or in the event of a fault-tolerant failover.
For each producer, consumer, destination, and route the total number of
sent/received messages and total size of messages is maintained. Also, producers
and consumers keep these statistics for each destination that they use to send or
receive messages.
The rate of incoming/outgoing messages and message size is calculated over an
interval. By default, the average is calculated every 3 seconds. You can increase or
decrease this value by altering the r a t e _ i n t e r v a l parameter. This parameter can
be set in the configuration file or dynamically using the s e t s e r v e r command.
Setting this parameter to 0 disables the tracking of statistics over an interval—
only the total statistics for the destination, route, producer, or consumer are kept.
Gathering total statistics for producers, consumers, destinations, and routes
consumes few system resources. Under most circumstances, enabling statistic
gathering and average calculations should not affect system performance.

Detailed Statistics
In some situations, the default statistic gathering may not be sufficient. For
example, if a topic subscriber subscribes to wildcard topics, the total statistics for
all topics that match the wildcard are kept. You may wish to get further detail in
this case and track the statistics for each actual topic the subscriber receives.
The following situations may require detailed statistic gathering:
• Topic subscribers that subscribe to wildcard topics
• Message producers that do not specify a destination when they are created.
These message producers can produce messages for any destination, and the
destination name is specified when a message is sent.
• Routes can have incoming and outgoing messages on many different topics.
• Channels can also have outgoing messages on many different topics.

TIBCO Enterprise Message Service User’s Guide

438
| Chapter 17 Monitoring Server Activity

To enable detailed statistics, set the d e t a i l e d _ s t a t i s t i c s parameter to the type

of statistics you wish to receive. The parameter can have the following values:
• NONE — disables detailed statistic gathering.
• C O N S U M E R S — enables detailed statistics for topic subscribers with wildcard
topic names.
• P R O D U C E R S — enables detailed statistics for producers that do not specify a
destination when they are created.
• ROUTES — enables detailed statistics for routes.
• CHANNELS — enables detailed statistics for channels.
You can set the d e t a i l e d _ s t a t i s t i c s parameter to N O N E or any combination of
CONSUMERS, PRODUCERS, ROUTES, or C H A N N E L S . To specify more than one type of
detailed statistic gathering, provide a comma-separated list of values. You can set
the d e t a i l e d _ s t a t i s t i c s parameter in the configuration file or dynamically by
using the s e t s e r v e r command. For example, the following s e t s e r v e r
command enables detailed statistic tracking for producers and routes.
set server detailed_statistics = PRODUCERS,ROUTES

Collecting detailed statistics does consume memory, and can adversely affect
performance when gathering a high volume of statistics. There are two
parameters that allow you to control resource consumption when collecting
detailed statistics. First, you can control the amount of time statistics are kept, and
second you can set a maximum amount of memory for detailed statistic
gathering. When application programs create many dynamic destinations, we
recommend against gathering detailed statistics.
The s t a t i s t i c s _ c l e a n u p _ i n t e r v a l parameter controls how long detailed
statistics are kept. This parameter can be set either in the configuration file or
dynamically with the s e t s e r v e r command. By default, statistics are kept for 15
seconds. For example, if there is a topic subscriber for the topic f o o . * , and the
subscriber receives a message on topic f o o . b a r, if no new messages arrive for
topic f o o . b a r within 15 seconds, statistics for topic f o o . b a r are deleted for that
consumer. You can set this parameter to 0 to signify that all detailed statistics are
to be kept indefinitely. Of course, statistics for an object only exist as long as the
object itself exists. That is, if a message consumer terminates, all detailed statistics
for that consumer are deleted from memory.
The m a x _ s t a t _ m e m o r y parameter controls the amount of memory used by
detailed statistics. This parameter can be set either in the configuration file or
dynamically with the s e t s e r v e r command. By default, this parameter is set to 0
which signifies that detailed statistics have no memory limit. If no units are
specified, the value of this parameter is in bytes. Optionally, you can specify units

TIBCO Enterprise Message Service User’s Guide

 Working with Server Statistics 439
|

as KB, MB, or GB. When the specified limit is reached, the server stops collecting
new statistics. The server will only resume collecting statistics if the amount of
memory used decreases (for example, if the s t a t i s t i c s _ c l e a n u p _ i n t e r v a l is
set and old statistics are removed).

Displaying Statistics
When statistic collecting is enabled, you can view statistics for producers,
consumers, routes, and destinations using the s h o w s t a t command in the
administration tool.
The s h o w s t a t command allows you to filter the statistics based on destination
name, user name, connection ID, or any combination of criteria. You can
optionally specify the t o t a l keyword to retrieve only the total statistics (this
suppresses the detailed output). You can also optionally specify the "wide"
keyword when displaying statistics for destinations or routes. This specifies that
inbound and outbound message statistics should be displayed on the same line
(the line can be 100 characters or more).
The following illustrates displaying statistics for a route where detailed statistic
tracking is enabled.
tcp://server1:7322> show stat route B
Inbound statistics for route 'B':
Total Count Rate/Second
Destination Msgs Size Msgs Size
<total> 189 37.9 Kb 10 2.0 Kb
Topic: dynamic.0 38 7.6 Kb 2 0.4 Kb
Topic: dynamic.1 38 7.6 Kb 2 0.4 Kb
Topic: dynamic.2 38 7.6 Kb 2 0.4 Kb
Topic: dynamic.3 38 7.6 Kb 2 0.4 Kb
Topic: dynamic.4 37 7.4 Kb 2 0.4 Kb
Outbound statistics for route 'B':
Total Count Rate/Second
Destination Msgs Size Msgs Size
<total> 9538 1.9 MB 10 2.1 Kb
Topic: dynamic.0 1909 394.9 Kb 2 0.4 Kb
Topic: dynamic.1 1908 394.7 Kb 2 0.4 Kb
Topic: dynamic.2 1907 394.5 Kb 2 0.4 Kb
Topic: dynamic.3 1907 394.5 Kb 2 0.4 Kb
Topic: dynamic.4 1907 394.5 Kb 2 0.5 Kb

See s h o w s t a t on page 160 for more information and detailed syntax of the show
stat command.

TIBCO Enterprise Message Service User’s Guide

440
| Chapter 17 Monitoring Server Activity

TIBCO Enterprise Message Service User’s Guide

 | 441

Chapter 18 Using the SSL Protocol

Secure Sockets Layer (SSL) is a protocol that provides secure authentication and
transmits encrypted data over the Internet or an internal network. Most web
browsers support SSL, and many Web sites and Java applications use it to obtain
confidential user information, such as credit card numbers.
The SSL protocol is complex, and this chapter is not a complete description of
SSL. Instead, this chapter describes how to configure SSL in the TIBCO Enterprise
Message Service server and in client applications that communicate with the
server. For a more complete description of SSL, see the SSL specification at
http://wp.netscape.com/eng/ssl3/.

Topics

• SSL Support in TIBCO Enterprise Message Service, page 442

• Digital Certificates, page 443
• File Names for Certificates and Keys, page 445
• Configuring SSL in the Server, page 447
• Configuring SSL in EMS Clients, page 448
• Specifying Cipher Suites, page 452
• SSL Authentication Only, page 458
• Enabling FIPS Compliance, page 459

TIBCO Enterprise Message Service User’s Guide

442
| Chapter 18 Using the SSL Protocol

SSL Support in TIBCO Enterprise Message Service

TIBCO Enterprise Message Service supports the Secure Sockets Layer (SSL)
protocol. SSL uses public and private keys to encrypt data over a network
connection to secure communication between pairs of components:
• between an EMS client and the t i b e m s d server
• between the t i b e m s a d m i n tool and the t i b e m s d server
• between two routed servers
• between two fault-tolerant servers
SSL provides secure communication that works with other mechanisms for
authentication available in the EMS server. When a u t h o r i z a t i o n is enabled in
the server, the connection undergoes a two-phase authentication process. First, an
SSL hand-shake between client and server initializes a secure connection. Second,
the EMS server checks the credentials of the client using the supplied username
and password. If the connecting client does not supply a valid username and
password combination, the connection fails, even if the SSL handshake
succeeded.

When authorization is enabled, usernames and passwords are always checked,

even on SSL secured connections.

Implementations The TIBCO Enterprise Message Service server and the C client libraries use
OpenSSL for SSL support. For more information, see www.openssl.org.
EMS Java clients can use either JSSE (from Sun JavaSoft) or the SSL
implementation from Entrust. The EMS Java installation includes JSSE; if you
prefer to use Entrust, you must purchase and install the Entrust SSL
implementation separately.
EMS .NET 2.0 clients use the Microsoft implementation of SSL. The Microsoft
implementation of SSL is compatible with OpenSSL. Certificates required by the
client can either be stored in files or the Microsoft certificate store. However,
Microsoft requires that the root certificate be installed in the Microsoft Certificate
Store, even when certificate files are in use.
EMS distributions usually build and include the latest versions of OpenSSL and
OpenLDAP publicly available at the time of release. For exact version numbers
see the Third Party Software License Agreements documented in the TIBCO
Software Inc. End User License Agreement for TIBCO Enterprise Message
Service.

TIBCO Enterprise Message Service User’s Guide

 Digital Certificates 443
|

Digital Certificates

Digital certificates are data structures that represent identities. EMS uses
certificates to verify the identities of servers and clients. Though it is not necessary
to validate either the server or the client for them to exchange data over SSL,
certificates provide an additional level of security.
A digital certificate is issued either by a trusted third-party certificate authority, or
by a security officer within your enterprise. Usually, each user and server on the
network requires a unique digital certificate, to ensure that data is sent from and
received by the correct party.
In order to support SSL, the EMS server must have a digital certificate. Optionally,
EMS clients may also be issued certificates. If the server is configured to verify
client certificates, a client must have a certificate and have it verified by the server.
Similarly, an EMS client can be configured to verify the server’s certificate. Once
the identity of the server and/or client has been verified, encrypted data can be
transferred over SSL between the clients and server.
A digital certificate has two parts—a public part, which identifies its owner (a
user or server); and a private key, which the owner keeps confidential.
The public part of a digital certificate includes a variety of information, such as
the following:
• The name of the owner, and other information required to confirm the unique
identity of the subject. This information can include the URL of the web server
using the digital certificate, or an email address.
• The subject’s public key.
• The name of the certificate authority (CA) that issued the digital certificate.
• A serial number.
• The length of time the certificate will remain valid—defined by a start date
and an end date.
The most widely-used standard for digital certificates is ITU-T X.509. TIBCO
Enterprise Message Service supports digital certificates that comply with X.509
version 3 (X.509v3); most certificate authorities, such as Verisign and Entrust,
comply with this standard.

TIBCO Enterprise Message Service User’s Guide

444
| Chapter 18 Using the SSL Protocol

Digital Certificate File Formats

TIBCO Enterprise Message Service supports the following file formats for digital
certificates:
• PEM (Privacy Enhanced Mail)
• DER (Distinguished Encoding Rules)
• PKCS#7
• PKCS#12
• Java KeyStore (for client digital certificates)
• Entrust Store (for client digital certificates)

Private Key Formats

TIBCO Enterprise Message Service supports the following file formats for private
keys:
• PEM (Privacy Enhanced Mail)
• DER (Distinguished Encoding Rules)
• PKCS#8
• PKCS#12
The EMS server uses OpenSSL to read private keys. It supports PEM, DER,
PKCS8 and PKCS12 formats; it does not read Java KeyStore or Entrust Store files.

TIBCO Enterprise Message Service User’s Guide

 File Names for Certificates and Keys 445
|

File Names for Certificates and Keys

For all parameters that specify the identity (digital certificate), private key, issuer
(certificate chain), or trusted list of certificate authorities, valid files must be
specified. Not all types of files are supported for clients and servers. The
description of each parameter details which formats it supports.
Table 65 lists the valid types of files.

Table 65 File types

Extension Description
.pem PEM encoded certificates and keys (allows the certificate and
private key to be stored together in the same file)

.der DER encoded certificates

.p8 PKCS#8 file

.p7b PKCS#7 file

.p12 PKCS12 file (allows the certificate and private key to be

stored together in the same file)

.jks Java KeyStore file

.epf Entrust store file

Certificates are located in the EMS_install_dir/ c e r t s directory. EMS is installed

with some sample certificates and private keys that are used by the sample
configuration files.
The sample certificates include:
• A root, self-signed certificate and corresponding private keys in encrypted
PEM and PKCS8 formats:
server_root.cert.pem
server_root.key.pem
server_root.key.p8

• A server certificate and corresponding private keys in encrypted PEM and

PKCS8 formats. This certificate is issued by s e r v e r _ r o o t . c e r t . p e m and is
used by the server:
server.cert.pem
server.key.pem
server.key.p8

TIBCO Enterprise Message Service User’s Guide

446
| Chapter 18 Using the SSL Protocol

• A root, self-signed certificate and corresponding private key in encrypted

PEM and PKCS8 formats.
client_root.cert.pem
client_root.key.pem
client_root.key.p8

• A client certificate and corresponding private key in encrypted PEM and

PKCS8 formats. This certificate is issued by c l i e n t _ r o o t . c e r t . p e m and is
used by the clients:
client.cert.pem
client.key.pem
client.key.p8

• A PKCS12 file that includes the c l i e n t . c e r t . p e m client certificate, the

c l i e n t . k e y . p e m client private key, and the c l i e n t _ r o o t . c e r t . p e m issuer
certificate:
client_identity.p12

TIBCO Enterprise Message Service User’s Guide

 Configuring SSL in the Server 447
|

Configuring SSL in the Server

To use SSL, each instance of t i b e m s d must have a digital certificate and a private
key. The server can optionally require a certificate chain or trusted certificates.
Set the server to listen for SSL connections from clients by using the l i s t e n
parameter in t i b e m s d . c o n f . To specify that a port accept SSL connections,
specify the SSL protocol in the l i s t e n parameter as follows:
listen = ssl://localhost:7243

SSL Parameters
Several SSL parameters can be set in t i b e m s d . c o n f . The minimum configuration
is only one required parameter—s s l _ s e r v e r _ i d e n t i t y. However, if the server’s
certificate file does not contain its private key, then you must specify it in
s s l _ s e r v e r _ k e y.

SSL Server Parameters on page 208 provides a complete description of the SSL
parameters that can be set in t i b e m s d . c o n f .

Command Line Options

The server accepts a few command-line options for SSL.
When starting t i b e m s d , you can specify the following options:
• - s s l _ t r a c e —enables
tracing of loaded certificates. This prints a message to
the console during startup of the server that describes each loaded certificate.
• - s s l _ d e b u g _ t r a c e —enables more detailed SSL tracing for debugging only; it
is not for use in production systems.
• - s s l _ p a s s w o r d —specifies the private key password. Alternatively, you can
specify this password in the s s l _ s e r v e r _ p a s s w o r d parameter in
t i b e m s d . c o n f . If you do not supply a password using either of these
methods, t i b e m s d will prompt for the password when it starts. For more
information, see the description of the s s l _ p a s s w o r d configuration
parameter.

TIBCO Enterprise Message Service User’s Guide

448
| Chapter 18 Using the SSL Protocol

Configuring SSL in EMS Clients

To use an SSL connection to the EMS server, a client must include these JAR files
in the C L A S S P A T H .
• tibcrypt.jar
• slf4j-api-1.4.2.jar
• slf4j-simple-1.4.2.jar

These JARs are included with the TIBCO Enterprise Message Service installation,
and are located in the EMS_HOME\ l i b directory.

Entrust To use Entrust with an EMS client, you must separately purchase and install the
Entrust libraries. If you use the Entrust libraries, you must include them in the
CLASSPATH before the t i b c r y p t JAR file. To use Entrust with JDK, you must
download the unlimited strength policy JAR files from Sun's website and install
them in your local installation of JDK. For installation and configuration details,
see Entrust documentation.

Client Digital Certificates

When client authentication with a digital certificate is required by the EMS server
(see the description of the s s l _ r e q u i r e _ c l i e n t _ c e r t parameter in
t i b e m s d . c o n f ), the client may combine its client certificate and private key in a
single file in one of the following formats:
• PKCS#12
• Java KeyStore
• Entrust Store
You can also store the private key file separately from the client certificate file. If
this is the case, the certificate and private key must be stored in one of the
following formats:
• PEM
• PKCS#8
The format of the client digital certificate and private key file depends on the SSL
vendor used by the client. JSSE and Entrust support different formats and
combinations of formats. For more information about formats, see your SSL
vendor’s documentation.

TIBCO Enterprise Message Service User’s Guide

 Configuring SSL in EMS Clients 449
|

Configuring SSL
A client connecting to an EMS server can configure SSL characteristics in the
following ways:
• Create a connection factory that specifies the appropriate SSL parameters and
use JNDI to lookup the connection factory. The server URL in the connection
factory must specify the SSL protocol, and the factory must specify
appropriate SSL parameters.
A preconfigured connection factory is the preferred mechanism in many
situations. See Creating Connection Factories for Secure Connections and
Performing Secure Lookups for details on how to create a connection factory
with SSL parameters in EMS.
• Dynamically create a connection factory, as described in Dynamically
Creating Connection Factories and set the global SSL parameters locally using
the T i b j m s S S L class (Java), t i b e m s S S L P a r a m s type (C), or E M S S S L class (C#).
Specifying any SSL parameters within a connection factory causes all global SSL
parameters set with the T i b j m s S S L class to be ignored.

Configuring a Connection Factory

You can configure a connection factory using the administration tool or the EMS
Administration APIs. See Chapter 6, Using the EMS Administration Tool.
When configuring a connection factory, you can specify several SSL parameters,
similar to the server parameters that you can configure in t i b e m s d . c o n f .

When configuring a connection factory, EMS does not verify any file names
specified in the SSL parameters. At the time the factory is retrieved using JNDI,
the EMS server attempts to resolve any file references. If the files do not match the
supported types or the files are not found, the JNDI lookup fails with a
ConfigurationException.

Because connection factories do not contain the s s l _ p a s s w o r d (for security

reasons), the EMS server uses the password that is provided in the "create
connection" call for user authentication. If the create connection password is
different from the s s l _ p a s s w o r d , the connection creation will fail.

Table 66 briefly describes the parameters you can set in a connection factory, and
refers to additional information about each parameter. For more information
about each parameter, see the description of the equivalent parameter in
t i b e m s d . c o n f on page 173.

TIBCO Enterprise Message Service User’s Guide

450
| Chapter 18 Using the SSL Protocol

Table 66 ConnectionFactory SSL parameters (Sheet 1 of 2)

Parameter Description
ssl_vendor The vendor name of the SSL implementation that the client uses.

ssl_identity The client’s digital certificate.

For more information on file types for digital certificates, see File
Names for Certificates and Keys on page 445.

ssl_issuer Issuer’s certificate chain for the client’s certificate. Supply the entire
chain, including the CA root certificate. The client reads the
certificates in the chain in the order they are presented in this
parameter.

Example
ssl_issuer = certs\CA_root.pem
ssl_issuer = certs\CA_child1.pem
ssl_issuer = certs\CA_child2.pem

For more information on file types for digital certificates, see File
Names for Certificates and Keys on page 445.

ssl_private_key The client’s private key. If the key is included in the digital certificate
in s s l _ i d e n t i t y, then you may omit this parameter.
For more information on file types for digital certificates, see File
Names for Certificates and Keys on page 445.

ssl_trusted List of CA certificates to trust as issuers of server certificates. Supply

only CA root certificates.
For more information on file types for digital certificates, see File
Names for Certificates and Keys on page 445.

ssl_verify_host Specifies whether the client should verify the server’s certificate. The
values for this parameter are e n a b l e d or d i s a b l e d . By default, this
parameter is enabled, signifying the client should verify the server’s
certificate.
When d i s a b l e d , the client establishes secure communication with
the server, but does not verify the server’s identity.

TIBCO Enterprise Message Service User’s Guide

 Configuring SSL in EMS Clients 451
|

Table 66 ConnectionFactory SSL parameters (Sheet 2 of 2)

Parameter Description
ssl_verify_hostname Specifies whether the client should verify the name in the CN field of
the server’s certificate. The values for this parameter are e n a b l e d and
d i s a b l e d . By default, this parameter is enabled, signifying the client
should verify the name of the connected host or the name specified in
the s s l _ e x p e c t e d _ h o s t n a m e parameter against the value in the
server’s certificate. If the names do not match, the client rejects the
connection.
When d i s a b l e d , the client establishes secure communication with
the server, but does not verify the server’s name.

ssl_expected_hostname The name the client expects in the CN field of the server’s certificate.
If this parameter is not set, the expected name is the hostname of the
server.
The value of this parameter is used when the s s l _ v e r i f y _ h o s t n a m e
parameter is e n a b l e d .

ssl_ciphers Specifies the cipher suites that the client can use.
Supply a colon-separated list of cipher names. Names may be either
OpenSSL names, or longer descriptive names.
For more information, see Specifying Cipher Suites on page 452.

ssl_rand_egd The path for the entropy gathering daemon (EGD), if one is installed.
This daemon generates random data for the client.

TIBCO Enterprise Message Service User’s Guide

452
| Chapter 18 Using the SSL Protocol

Specifying Cipher Suites

On the EMS server, specify cipher suites using the s s l _ s e r v e r _ c i p h e r s

configuration parameter in t i b e m s d . c o n f . For more information about server
configuration files, see Chapter 7, Using the Configuration Files, on page 171.
For clients connecting with a connection factory, specify cipher suites using the
s s l _ c i p h e r s connection factory parameter. For more information, see
Configuring SSL in EMS Clients on page 448.

Syntax for Cipher Suites

EMS uses OpenSSL for SSL support. Therefore, the cipher suite names can be
specified as the OpenSSL name for the cipher suite.
When specifying cipher suites, the usual way to specify more than one cipher
suite is to separate each suite name with a colon (: ) character. Alternatively, you
can use spaces and commas to separate names.

Java Client Syntax

The syntax for specifying the list of cipher suites is different for Java clients than
for any other location where cipher suites can be specified. For Java clients, you
specify a qualifier (for example, + to add the suite) followed by the cipher suite
name. Cipher suite names are case-sensitive. Table 67 describes the qualifiers you
can use when specifying cipher suite names in a ConnectionFactory for Java
clients.

Table 67 Qualifiers for Cipher Suites in Java Clients

Qualifier Description
+ Add the cipher to the list of ciphers.

- Remove the cipher from the list of ciphers.

> Move the cipher to the end of the list.

< Move the cipher to the beginning of the list.

ALL All ciphers from the list (except null ciphers). You can use this keyword to add or
remove all ciphers.
At least one cipher suite must be present, otherwise the SSL connection fails to
initialize. So, if you use - A L L , you must subsequently add the desired ciphers to the list.

TIBCO Enterprise Message Service User’s Guide

 Specifying Cipher Suites 453
|

This example specifies cipher suites in the s s l _ c i p h e r s connection factory

parameter in a Java client:
-ALL:+RC4-MD5:+DES-CBC-SHA:<DES-CBC3-SHA

This example specifies cipher suites using full names:

-ALL:+SSL_RSA_WITH_RC4_128_MD5:+SSL_RSA_WITH_DES_CBC_SHA:<SSL_RSA_
WITH_3DES_EDE_CBC_SHA

Syntax for All Other Cipher Suite Specifications

For any cipher suite list that is not specified in a connection factory of a Java
client, use the OpenSSL syntax. In particular, C clients and the
s s l _ s e r v e r _ c i p h e r s configuration parameter require OpenSSL syntax.

In OpenSSL syntax, specifying a cipher suite name adds that cipher suite to the
list. Each cipher suite name can be preceded by a qualifier. Cipher suite names are
case-sensitive. Table 68 describes the qualifiers available using OpenSSL syntax.

Table 68 OpenSSL Qualifiers for Cipher Suites (Sheet 1 of 2)

Qualifier Description
/ When entered as the first item in the list, this option causes EMS
to begin with an empty list, and add the ciphers that follow the
slash.
If the / does not prefix the cipher list, then EMS prefixes the
cipher list with the OpenSSL cipher string D E F A U L T.
This modifier can only be used at the beginning of the list. If the
/ appears elsewhere, the syntax of the cipher suite list will be
incorrect and cause an error.

+ Moves the cipher to the end of the list.

This qualifier is used to move an existing cipher. It can not be
used to add a new cipher to the list.

- Remove the cipher from the list of ciphers. When this option is
used, the cipher can be added later on in the list of ciphers.

! Permanently disable the cipher within the list of ciphers. Use

this option if you wish to remove a cipher and you do not want
later items in the list to add the cipher to the list. This qualifier
takes precedence over all other qualifiers.

TIBCO Enterprise Message Service User’s Guide

454
| Chapter 18 Using the SSL Protocol

Table 68 OpenSSL Qualifiers for Cipher Suites (Sheet 2 of 2)

Qualifier Description
ALL All ciphers from the list (except null ciphers). You can use this
keyword to add or remove all ciphers.
At least one cipher suite must be present or the SSL connection
fails to initialize. So, after using - A L L , you should add at least
one cipher to the list.

@STRENGTH Sort the cipher list by key length.

This example specifies cipher suites in the s s l _ s e r v e r _ c i p h e r s configuration

parameter.
ssl_server_ciphers = -ALL:RC4-MD5:DES-CBC-SHA:DES-CBC3-SHA

This example illustrates disables R C 4 - M D 5 , then adds all other ciphers:

ssl_server_ciphers = !RC4-MD5:ALL

Default Cipher The EMS server and C client library hard-code a default cipher list, which is
List equivalent to A L L : ! A D H : R C 4 + R S A : + S S L v 2 : @ S T R E N G T H .

Supported Cipher Suites

In general, the EMS server and C client library support all cipher suites that
OpenSSL supports, except I D E A , R C - 5 and C A S T. For a complete list, see current
OpenSSL documentation.

Supported Cipher Suites for Java Clients

Java clients support only the cipher suites listed in Table 69. For convenience, the
table lists both the standard name and the OpenSSL name for each cipher suite.

Table 69 Supported Cipher Suites in Java API (Sheet 1 of 4)

Suite Name Key Key

Export Auth Encrypt MAC
(OpenSSL Name) Exch Size
SSL_RSA_WITH_RC4_128_MD5
(RC4-MD5)

RSA RSA RC4 128 MD5

TIBCO Enterprise Message Service User’s Guide

 Specifying Cipher Suites 455
|

Table 69 Supported Cipher Suites in Java API (Sheet 2 of 4)

Suite Name Key Key

(OpenSSL Name) Export Exch Auth Encrypt Size MAC

SSL_RSA_WITH_RC4_128_SHA
(RC4-SHA)

RSA RSA RC4 128 SHA1

SSL_RSA_WITH_DES_CBC_SHA
(DES-CBC-SHA)

RSA RSA DES 56 SHA1

SSL_RSA_WITH_3DES_EDE_CBC_SHA
(DES-CBC3-SHA)

RSA RSA 3-DES 168 SHA1

SSL_RSA_EXPORT_WITH_RC4_40_MD5
(EXP-RC4-MD5)

Yes RSA(512) RSA RC4 40 MD5

SSL_RSA_EXPORT_WITH_DES_40_CBC_SHA
(EXP-DES-CBC-SHA)

Yes RSA(512) RSA DES 40 SHA1

SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
(EDH-DSS-DES-CBC3-SHA)

DH DSS 3-DES 168 SHA1

SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
(EDH-RSA-DES-CBC3-SHA)

DH RSA 3-DES 168 SHA1

SSL_DHE_DSS_WITH_DES_CBC_SHA
(EDH-DSS-DES-CBC-SHA)

DH DSS DES 56 SHA1

TIBCO Enterprise Message Service User’s Guide

456
| Chapter 18 Using the SSL Protocol

Table 69 Supported Cipher Suites in Java API (Sheet 3 of 4)

Suite Name Key Key

(OpenSSL Name) Export Exch Auth Encrypt Size MAC

SSL_DHE_RSA_WITH_DES_CBC_SHA
(EDH-RSA-DES-CBC-SHA)

DH RSA DES 56 SHA1

SSL_DHE_DSS_EXPORT_WITH_DES_40_CBC_SHA
(EXP-EDH-DSS-DES-CBC-SHA)

Yes DH(512) DSS DES 40 SHA1

SSL_DHE_RSA_EXPORT_WITH_DES_40_CBC_SHA
(EXP-EDH-RSA-DES-CBC-SHA)

Yes DH(512) RSA DES 40 SHA1

TLS_RSA_WITH_AES_128_CBC_SHA
(AES128-SHA)

RSA RSA AES 128 SHA1

TLS_RSA_WITH_AES_256_CBC_SHA
(AES256-SHA)

RSA RSA AES 256 SHA1

TLS_DHE_DSS_WITH_AES_128_CBC_SHA
(DHE-DSS-AES128-SHA)

DH DSS AES 128 SHA1

TLS_DHE_DSS_WITH_AES_256_CBC_SHA
(DHE-DSS-AES256-SHA)

DH DSS AES 256 SHA1

TLS_DHE_RSA_WITH_AES_128_CBC_SHA
(DHE-RSA-AES128-SHA)

DH RSA AES 128 SHA1

TIBCO Enterprise Message Service User’s Guide

 Specifying Cipher Suites 457
|

Table 69 Supported Cipher Suites in Java API (Sheet 4 of 4)

Suite Name Key Key

(OpenSSL Name) Export Exch Auth Encrypt Size MAC

TLS_DHE_RSA_WITH_AES_256_CBC_SHA
(DHE-RSA-AES256-SHA)

DH RSA AES 256 SHA1

SSL_RSA_WITH_NULL_MD5
(NULL-MD5)
JSSE only. Entrust does not support this suite.

DH RSA none — MD5

SSL_RSA_WITH_NULL_SHA
(NULL-SHA)
JSSE only. Entrust does not support this suite.

DH RSA none — SHA1

Supported Cipher Suites for .NET Clients

.NET client support only the following cipher suites:
• RC4-MD5
• RC4-SHA
• DES-CBC3-SHA
• DES-CBC-SHA
• EXP-RC2-CBC-MD5
• EXP-RC4-MD5

TIBCO Enterprise Message Service User’s Guide

458
| Chapter 18 Using the SSL Protocol

SSL Authentication Only

EMS servers can use SSL for secure data exchange (standard usage), or only for
client authentication. This section describes the use of SSL for client
authentication.

Motivation Some applications require strong or encrypted authentication, but do not require
message encryption.
In this situation, application architects could configure SSL with a null cipher.
However, this solution incurs internal overhead costs of SSL calls, decreasing
message speed and throughput.
For optimal performance, the preferred solution is to use SSL only to authenticate
clients, and then avoid SSL calls thereafter, using ordinary TCP communications
for subsequent data exchange. Message performance remains unaffected.

Preconditions All three of these preconditions must be satisfied to use SSL only for
authentication:
• The server and clients must both be release 4.2 or later. (If not, EMS behavior
reverts to using SSL for all communications throughout the life of the
connection.)
• The server must explicitly enable the parameter s s l _ a u t h _ o n l y in the
t i b e m s d . c o n f configuration file.

• The client program must request a connection that uses SSL for authentication
only. clients can specify this request in factories by enabling the
s s l _ a u t h _ o n l y parameter, or by calling:

— Java: T i b j m s S S L . s e t A u t h O n l y
— C: t i b e m s S S L P a r a m s _ S e t A u t h O n l y
— C#: E M S S S L . S e t A u t h O n l y

See Also ssl_auth_only on page 211

TIBCO Enterprise Message Service User’s Guide

 Enabling FIPS Compliance 459
|

Enabling FIPS Compliance

You can enable TIBCO Enterprise Message Service to run in compliance with
Federal Information Processing Standard (FIPS), Publication 140-2.

Enabling the EMS Server

The EMS server supports FIPS compliance only on Windows, Linux, and Solaris
10 (x86) platforms. On UNIX, only t i b e m s d 6 4 , the 64-bit version of the server, is
supported. No 32-bit support is provided.

To enable FIPS 140-2 operations in the EMS server:

• Set the f i p s 1 4 0 - 2 parameter in the main configuration file to t r u e .
• Ensure that incompatible parameters, listed below, are not included in the
server configuration files.
When f i p s 1 4 0 - 2 is enabled, on start-up the EMS server initializes in compliance
with FIPS 140-2. If the initialization is successful, the EMS server prints a message
indicating that it is operating in this mode. If the initialization fails, the server
exits (regardless of the s t a r t u p _ a b o r t _ l i s t setting).

Incompatible Parameters
In order to operate in FIPS compliant mode, you must not include these
parameters in the t i b e m s d . c o n f file:
• ssl_dh_size

• ssl_server_ciphers

• ldap_tls_rand_file

• ldap_tls_cipher_suite

• ft_ssl_ciphers

These parameters cannot be included in the r o u t e s . c o n f file:

• ssl_ciphers

TIBCO Enterprise Message Service User’s Guide

460
| Chapter 18 Using the SSL Protocol

Enabling EMS Clients

Java and C client applications can operate in FIPS compliance:
• Java Clients Java clients that use the Entrust implementation of SSL, rather
than the JSSE that is included with EMS, can operate in FIPS 140-2 complaint
mode.
To enable FIPS 140-2 operations in the Java client:
— Set the c o m . t i b c o . s e c u r i t y . F I P S property to t r u e before calling any
EMS methods.
— Download and install the Java Cryptography Extension (JCE) Unlimited
Strength Jurisdiction Policy Files for your JDK installation. These files are
available on the Sun Microsystems website.
For more information about using Entrust, see Configuring SSL in EMS
Clients on page 448.
• C Clients C clients that link to the dynamic EMS libraries can operate in FIPS
140-2 compliant mode. FIPS compliance is not available with static libraries.
To enable FIPS 140-2 operations in the C client, use compliant OpenSSL
libraries, and initialize the libraries to enable FIPS 140-2 operations before
calling any EMS functions.

C libraries support FIPS compliance only on Windows, Linux, and Solaris 10 (x86)
platforms. On UNIX, only the 64-bit C libraries are supported. No 32-bit support
is provided.

TIBCO Enterprise Message Service User’s Guide

 | 461

Chapter 19 Fault Tolerance

This chapter describes the fault tolerance features of TIBCO Enterprise Message
Service.

Topics

• Fault Tolerance Overview, page 462

• Shared State Failover Process, page 464
• Unshared State Failover Process, page 468
• Shared State, page 471
• Configuring Fault-Tolerant Servers, page 475
• Configuring Clients for Fault-Tolerant Connections, page 478
• Configuring Clients for Unshared State Connections, page 482

TIBCO Enterprise Message Service User’s Guide

462
| Chapter 19 Fault Tolerance

Fault Tolerance Overview

You can arrange TIBCO Enterprise Message Service servers for fault-tolerant
operation by configuring a pair of servers—one primary and one backup. The
primary server accepts client connections, and interacts with clients to deliver
messages. If the primary server fails, the backup server resumes operation in its
place. (We do not support more than two servers in a fault-tolerant configuration.)

Shared State
A pair of fault-tolerant servers can have access to shared state, which consists of
information about client connections and persistent messages. This information
enables the backup server to properly assume responsibility for those connections
and messages. Figure 25 illustrates a fault-tolerant configuration of EMS.

Figure 25 Primary and Backup Servers with Shared State

Primary
Fault-Tolerant Server
Clients
lo
ck

Shared
State

Backup
Server

Locking To prevent the backup server from assuming the role of the primary server, the
primary server locks the shared state during normal operation. If the primary
server fails, the lock is released, and the backup server can obtain the lock.

Unshared State Failover

You can also include backup servers that do not share state. As with shared state,
a second server assumes responsibility for connections and messages after the
failure of the current server. However, unlike shared state, unshared state is
controlled by the EMS client, and unshared state failover is not as fault-tolerant as
shared state failover. Because the state is not shared among servers, messages can
be lost, duplicated, or delivered out-of-order across the failover process.
Figure 26 illustrates an unshared state fault-tolerant configuration of EMS.

TIBCO Enterprise Message Service User’s Guide

 Fault Tolerance Overview 463
|

Figure 26 Current and Second Servers with Unshared State

Current
Clients Server

Second
Server

Configuration Files
When a primary server fails, its backup server assumes the status of the primary
server and resumes operation. Before becoming the new primary server, the
backup server re-reads all of its configuration files. If the two servers share
configuration files, then administrative changes to the old primary carry over to
the new primary.

When fault-tolerant servers share configuration files, you must limit configuration
changes to the current primary server only. Separately reconfiguring the backup
server can cause it to overwrite the shared configuration files; unintended
misconfiguration can result.

TIBCO Enterprise Message Service User’s Guide

464
| Chapter 19 Fault Tolerance

Shared State Failover Process

This section presents details of the shared state failover sequence.

Detection
A backup server detects a failure of the primary in either of two ways:
• Heartbeat Failure—The primary server sends heartbeat messages to the backup
server to indicate that it is still operating. When a network failure stops the
servers from communicating with each other, the backup server detects the
interruption in the steady stream of heartbeats. For details, see Heartbeat
Parameters on page 467.
• Connection Failure—The backup server can detect the failure of its TCP
connection with the primary server. When the primary process terminates
unexpectedly, the backup server detects the broken connection.

Response
When a backup server (B) detects the failure of the primary server (A), then B
attempts to assume the role of primary server. First, B obtains the lock on the
current shared state. When B can access this information, it becomes the new
primary server.

Figure 27 Failed Primary Server

Failed
Fault-Tolerant A Server
Clients

Shared
State
ck

B
lo

Primary
Server

Lock Unavailable
If B cannot obtain the lock immediately, it alternates between attempting to obtain
the lock (and become the primary server), and attempting to reconnect to A (and
resume as a backup server)—until one of these attempts succeeds.

TIBCO Enterprise Message Service User’s Guide

 Shared State Failover Process 465
|

Role Reversal
When B becomes the new primary server, A can restart as a backup server, so that
the two servers exchange roles.

Figure 28 Recovered Server Becomes Backup

Backup
Fault-Tolerant A Server
Clients

Shared
State

ck
B

lo
Primary
Server

Client Transfer
Clients of A that are configured to failover to backup server B automatically
transfer to B when it becomes the new primary server. B reads the client’s current
state from the shared storage to deliver any persistent messages to the client.

Client Notification
Client applications can receive notification when shared state failover occurs.

Java
To receive notification, Java client programs set the system property
t i b c o . t i b j m s . f t . s w i t c h . e x c e p t i o n to any value, and define an
E x c e p t i o n L i s t e n e r to handle failover notification; see the class
c o m . t i b c o . t i b j m s . T i b j m s in TIBCO Enterprise Message Service Java API
Reference.

C
To receive notification, C client programs call
tibems_setExceptionOnFTSwitch(TIBEMS_TRUE) and register the exception
callback in order to receive the notification that the reconnection was successful.

TIBCO Enterprise Message Service User’s Guide

466
| Chapter 19 Fault Tolerance

C#
To receive notification, .NET client programs call
T i b e m s . S e t E x c e p t i o n O n F T S w i t c h ( t r u e ) , and define an exception listener to
handle failover notification; see the method T i b e m s . S e t E x c e p t i o n O n F T S w i t c h
on page 294 in TIBCO Enterprise Message Service .NET API Reference.

Message Redelivery
Persistent When a failure occurs, messages with delivery mode P E R S I S T E N T, that were not
successfully acknowledged before the failure, are redelivered.

Synchronous When using durable subscribers, EMS guarantees that a message with
Mode P E R S I S T E N T delivery mode and written to a s t o r e with the property m o d e = s y n c ,
will not be lost during a failure.

Delivery Any messages that have been successfully acknowledged or committed are not
Succeeded redelivered, in compliance with the JMS 1.1 specification.

Topics All topic subscribers continue normal operation after a failover.

Transactions
A transaction is considered active when at least one message has been sent or
received by the session, and the transaction has not been successfully committed.
After a failover, attempting to commit the active transaction results in a
j a v a x . j m s . T r a n s a c t i o n R o l l e d B a c k E x c e p t i o n . Clients that use transactions
must handle this exception, and resend any messages sent during the transaction.
The backup server automatically redelivers any messages that were delivered to
the session during the transaction that rolled back.

Queues
For queue receivers, any messages that have been sent to receivers, but have not
been acknowledged before the failover, may be sent to other receivers
immediately after the failover.
A receiver trying to acknowledge a message after a failover may receive the
j a v a x . j m s . I l l e g a l S t a t e E x c e p t i o n . This exception signifies that the attempted
acknowledgement is for a message that has already been sent to another queue
receiver. This exception only occurs in this scenario, or when the session or
connection have been closed. This exception cannot occur if there is only one
receiver at the time of a failover, but it may occur for exclusive queues if more
than one receiver was started for that queue.

TIBCO Enterprise Message Service User’s Guide

 Shared State Failover Process 467
|

When a queue receiver catches a j a v a x . j m s . I l l e g a l S t a t e E x c e p t i o n , the best

course of action is to call the S e s s i o n . r e c o v e r ( ) method. Your application
program should also be prepared to handle redelivery of messages in this
situation. All queue messages that can be redelivered to another queue receiver
after a failover always have the header field J M S R e d e l i v e r e d set to t r u e ;
application programs must check this header to avoid duplicate processing of the
same message in the case of redelivery.

Acknowledged messages are never redelivered (in compliance with the JMS
specification). The case described above occurs when the application cannot
acknowledge a message because of a failover.

Heartbeat Parameters
When the primary server heartbeat stops, the backup server waits for its
activation interval (elapsed time since it detected the most recent heartbeat); then
the backup server retrieves information from shared storage and assumes the role
of primary server.
The default heartbeat interval is 3 seconds, and the default activation interval is
10 seconds. The activation interval must be at least twice the heartbeat interval.
Both intervals are specified in seconds. You can set these intervals in the server
configuration files. See Fault Tolerance Parameters on page 196 for details.

TIBCO Enterprise Message Service User’s Guide

468
| Chapter 19 Fault Tolerance

Unshared State Failover Process

This section presents details of the unshared state failover sequence. Detailed
configuration information is provided in Configuring Clients for Unshared State
Connections on page 482.

Detection Unshared state failover is initiated by the EMS client. When a client setup for
unshared state detects a lost connection to server (A), it attempts to connect to
server (B), as defined in the connection factory.

Figure 29 Unshared State Failover

A Failed
Clients Server

B Current
Server

Response Clients with unshared state connections automatically connect to B after losing
the connection to A.
When clients setup for unshared state detect lost connections to server A, they
create new connections to server, B. All runtime objects from the client's
connection are recreated, including sessions, destinations, message producers,
and message consumers.
Because unshared state is defined in the connection factory, B remains the current
server as long as the connection is active. If the connection to B is lost, clients
attempt to connect to another server defined in the connection factory

Message Loss Because B does not have access to persistent messages that were not delivered or
acknowledged prior to the failover, some messages may be lost or delivered out of
order across the failover process. To prevent message loss, use shared state
failover.

Unsupported These features and Java classes are not supported with unshared state
Features connections:
• XA transactions
• Durable topic subscribers

TIBCO Enterprise Message Service User’s Guide

 Unshared State Failover Process 469
|

• ConnectionConsumer
• ServerSession
• ServerSessionPool
• QueueRequestor
• TopicRequestor

Dual State Failover

An unshared state connection factory can include shared-state server pairs in its
list of backup servers. When both shared state and unshared state servers are
included, the failover process is a combination of both types of failover.
Figure 30 illustrates the dual state failover process.

Figure 30 Dual State Failover Process

A1

A2

B1

Legend

EMS Server

Shared State Storage B2

Device
EMS Client

Current Server Connection

Failed Server Connection

TIBCO Enterprise Message Service User’s Guide

470
| Chapter 19 Fault Tolerance

In this example, servers A1 and A2 share state. Servers B1 and B2 also share state.
However, A1 and A2 do not share state with B1 and B2.
The EMS clients created connections using unshared state connection factories.
The initial server connections were with server A1. When the connection to A1
failed, the failover process proceeded as described in Shared State Failover
Process on page 464, and the clients connect to A2.
A2 then failed, before A1 restarted. The clients next created connections to B1,
recreating all runtime objects from the connection (as described above in
Unshared State Failover Process). B1 is now the current server. Because B1 and B2
share state, If B1 fails, B2 becomes the current server.

TIBCO Enterprise Message Service User’s Guide

 Shared State 471
|

Shared State

For the most robust failover protection, the primary server and backup server
must share the same state. Server state includes three categories of information:
• persistent message data (for queues and topics)
• client connections of the primary server
• metadata about message delivery
During a failover, the backup server re-reads all shared state information.

Implementing Shared State

We recommend that you implement shared state using shared storage devices.
The shared state must be accessible to both the primary and backup servers.

Support Criteria
Several options are available for implementing shared storage using a
combination of hardware and software. EMS requires that your storage solution
guarantees all four criteria in Table 70.

Always consult your shared storage vendor and your operating system vendor to
ascertain that the storage solution you select satisfies all four criteria.

Table 70 Shared Storage Criteria for Fault Tolerance

Criterion Description
Write Order The storage solution must write data blocks to shared storage
in the same order as they occur in the data buffer.
(Solutions that write data blocks in any other order (for
example, to enhance disk efficiency) do not satisfy this
requirement.)

Synchronous Write Persistence Upon return from a synchronous write call, the storage
solution guarantees that all the data have been written to
durable, persistent storage.

TIBCO Enterprise Message Service User’s Guide

472
| Chapter 19 Fault Tolerance

Table 70 Shared Storage Criteria for Fault Tolerance

Criterion Description
Distributed File Locking The EMS servers must be able to request and obtain an
exclusive lock on the shared storage. The storage solution must
not assign the locks to two servers simultaneously. (See
Software Options on page 473.)
EMS servers use this lock to determine the primary server.

Unique Write Ownership The EMS server process that has the file lock must be the only
server process that can write to the file. Once the system
transfers the lock to another server, pending writes queued by
the previous owner must fail.

Hardware Options
Consider these examples of commonly-sold hardware options for shared storage:
• Dual-Port SCSI device
• Storage Area Network (SAN)
• Network Attached Storage (NAS)

SCSI and SAN Dual-port SCSI and SAN solutions generally satisfy the Write Order and
Synchronous Write Persistence criteria. (The clustering software must satisfy the
remaining two criteria.) As always, you must confirm all four requirements with
your vendors.

NAS NAS solutions require a CS (rather than a CFS) to satisfy the Distributed File
Locking criterion (see below).
Some NAS solutions satisfy the criteria, and some do not; you must confirm all
four requirements with your vendors.

NAS with NFS When NAS hardware uses NFS as its file system, it is particularly difficult to
determine whether the solution meets the criteria. Our research indicates the
following conclusions:
• NFS v2 and NFS v3 definitely do not satisfy the criteria.
• NFS v4 with TCP might satisfy the criteria. Consult with the NAS vendor to
verify that the NFS server (in the NAS) satisfies the criteria. Consult with the
operating system vendor to verify that the NFS client (in the OS on the server
host computer) satisfies the criteria. When both vendors certify that their
components cooperate to guarantee the criteria, then the shared storage
solution supports EMS.

TIBCO Enterprise Message Service User’s Guide

 Shared State 473
|

For more information on how the EMS locks shared store files, see How EMS
Manages Access to Shared Store Files on page 113.

Software Options
Consider these examples of commonly-sold software options:
• Cluster Server (CS)
A cluster server monitors the EMS server processes and their host computers,
and ensures that exactly one server process is running at all times. If the
primary server fails, the CS restarts it; if it fails to restart the primary, it starts
the backup server instead.
• Clustered File System (CFS)
A clustered file system lets the two EMS server processes run simultaneously.
It even lets both servers mount the shared file system simultaneously.
However, the CFS assigns the lock to only one server process at a time. The
CFS also manages operating system caching of file data, so the backup server
has an up-to-date view of the file system (instead of a stale cache).
With dual-port SCSI or SAN hardware, either a CS or a CFS might satisfy the
Distributed File Locking criterion. With NAS hardware, only a CS can satisfy this
criterion (CFS software generally does not). Of course, you must confirm all four
requirements with your vendors.

Messages Stored in Shared State

Messages with P E R S I S T E N T delivery mode are stored, and are available in the
event of primary server failure. Messages with N O N _ P E R S I S T E N T delivery mode
are not available if the primary server fails.
For more information about recovery of messages during failover, see Message
Redelivery on page 466.

Storage Files
By default, the t i b e m s d server creates three file-based stores to store shared state:
• $ s y s . f a i l s a f e —This store holds persistent messages using synchronous
I/O calls.
• $ s y s . n o n f a i l s a f e —This file stores messages using asynchronous I/O calls.
• $ s y s . m e t a —This store holds state information about durable subscribers,
fault-tolerant connections, and other metadata.

TIBCO Enterprise Message Service User’s Guide

474
| Chapter 19 Fault Tolerance

These stores are fully customizable through parameters in the stores

configuration file. More information about these files and the default
configuration settings are fully described in s t o r e s . c o n f on page 237.
To prevent two servers from using the same store file, each server restricts access
to its store file for the duration of the server process. For more information on
how the EMS manages shared store files, see How EMS Manages Access to
Shared Store Files on page 113.

These default files can be changed or modified. See Default Store Files on page 30
for more information.

Storage Parameters
Several configuration parameters apply to EMS storage files (even when
fault-tolerant operation is not configured); see Storage File Parameters on
page 189.

TIBCO Enterprise Message Service User’s Guide

 Configuring Fault-Tolerant Servers 475
|

Configuring Fault-Tolerant Servers

Shared State
To configure an EMS server as a fault-tolerant backup, set these parameters in its
main configuration file (or on the server command line):
• server Set this parameter to the same server name in the configuration
files of both the primary server and the backup server.
• ft_active In the configuration file of the primary server, set this
parameter to the URL of the backup server. In the configuration file of the
backup server, set this parameter to the URL of the primary server.
When the backup server starts, it attempts to connect to the primary server. If it
establishes a connection to the primary, then the backup server enters standby
mode. If it cannot establish a connection to the primary, then the backup server
assumes the role of the primary server (in active mode).
While the backup server is in standby mode, it does not accept connections from
clients. To administer the backup server, the a d m i n user can connect to it using the
administration tool.

Authorization and Fault-Tolerant Servers

EMS authorization interacts with fault tolerance. If a u t h o r i z a t i o n is enabled
and the two EMS Servers are configured for fault tolerance, then both servers in a
fault-tolerant pair must be configured as follows:
• The t i b e m s d . c o n f file for each server must have the same server name and
password (the s e r v e r and p a s s w o r d parameters must be the same on each
server).
• The user name and password in the u s e r s . c o n f file for each server must
match the values of the s e r v e r and p a s s w o r d parameters in the
t i b e m s d . c o n f file.

If the two EMS Servers are not sharing a u s e r s . c o n f file, make sure that you
create a user with the same name as the EMS Server, and set the user's password
with the value of the "server" password.

For example, you have two EMS Servers (Server 1 and Server 2) that are named
"EMS-SERVER" and are to use a password of "mySecret", but which do not share a
u s e r s . c o n f file. To set the user names and passwords, start the EMS
Administration Tool on each server, as described in Using the EMS
Administration Tool on page 115, and do the following.

TIBCO Enterprise Message Service User’s Guide

476
| Chapter 19 Fault Tolerance

From the active (Server 1), enter:

set server password=mySecret
create user EMS-SERVER password=mySecret

From the backup (Server 2), enter:

set server password=mySecret
create user EMS-SERVER password=mySecret

From the active (Server 1), enter:

set server authorization=enabled

From the backup (Server 2), enter:

set server authorization=enabled

SSL
You can use SSL to secure communication between a pair of fault-tolerant servers.
Parameters in the main configuration file (t i b e m s d . c o n f ) affect this behavior.
The relevant parameters all begin with the prefix f t _ s s l .
The server initializing a secure connection to another server uses the f t _ s s l
parameters to determine the properties of its secure connection to the other
server. The receiving server validates the incoming connection against its own
s s l _ parameters. For more information about f t _ s s l parameters, see Fault
Tolerance Parameters on page 196. For more information about s s l _ parameters,
see SSL Server Parameters on page 208.

See Also Chapter 18, Using the SSL Protocol, on page 441

Reconnect Timeout
When a backup server assumes the role of the primary server during failover,
clients attempt to reconnect to the backup server (that is, the new primary) and
continue processing their current message state. Before accepting reconnects from
the clients, the backup server reads its message state from the shared state files.
You can instruct the server to clean up state information for clients that do not
reconnect before the time limit specified by the f t _ r e c o n n e c t _ t i m e o u t
configuration parameter. The f t _ r e c o n n e c t _ t i m e o u t time starts once the server
has fully recovered the shared state, so this value does not account for the time it
takes to recover the store files. See f t _ r e c o n n e c t _ t i m e o u t on page 197 for
details.

TIBCO Enterprise Message Service User’s Guide

 Configuring Fault-Tolerant Servers 477
|

Unshared State
When configuring a fault tolerant pair that does not share state, you must ensure
that both servers use identical configurations. This is especially important for
these configuration settings:
• Destinations Both servers must support the same destinations.
• Routes Messages must be able to arrive at the endpoints, using equivalent or
identical routes across servers.
• Access Control Access control must be setup identically in both servers, so
that the u s e r s . c o n f , g r o u p s . c o n f , and a c l . c o n f file settings match.
• SSL When SSL is deployed, both servers must use the same certificate(s).

TIBCO Enterprise Message Service User’s Guide

478
| Chapter 19 Fault Tolerance

Configuring Clients for Fault-Tolerant Connections

When a backup server assumes the role of the primary server during failover,
clients attempt to reconnect to the backup server (that is, the new primary). To
enable a client to reconnect, you must specify the URLs of both servers when
creating a connection.
Specify multiple servers as a comma-separated list of URLs. Both URLs must use
the same protocol (either t c p or s s l ). For example, to identify the first server as
t c p : / / s e r v e r 0 : 7 2 2 2 , and the second server as t c p : / / s e r v e r 1 : 7 3 4 4 (if first
server is not available), you can specify:
serverUrl=tcp://server0:7222, tcp://server1:7344

The client attempts to connect to each URL in the order listed. If a connection to
one URL fails, the client tries the next URL in the list. The client tries the URLs in
sequence until all URLs have been tried. If the first failed connection was not the
first URL in the list, the attempts wrap to the start of the list (so each URL is tried).
If none of the attempts succeed, the connection fails.
For information on how to lookup a fault-tolerance URL in the EMS naming
service, see Performing Fault-Tolerant Lookups on page 342.

The reconnection logic in the client is triggered by the specifying multiple URLs
when connecting to a server. If no backup server is present, the client must still
provide at least two URLs (typically pointing to the same server) in order for it to
automatically reconnect to the server when it becomes available after a failure.

When messages are sent in non-persistent or reliable modes, the consumer does
not normally wait for a server reply to its acknowledgements. However, a fault
tolerant consumer does wait for a server reply (when using an acknowledgement
mode other than D U P S _ O K _ A C K N O W L E D G E or
E X P L I C I T _ C L I E N T _ D U P S _ O K _ A C K N O W L E D G E ). This is true for shared state
configurations. Unshared state configurations, which tolerate lost, duplicated,
and out-of-order messages during a failover, do not wait for server
acknowledgements.

Specifying More Than Two URLs

Even though there are only two servers (the primary and backup servers), clients
can specify more than two URLs for the connection. For example, if each server
has more than one listen address, a client can reconnect to the same server at a
different address (that is, at a different network interface).

TIBCO Enterprise Message Service User’s Guide

 Configuring Clients for Fault-Tolerant Connections 479
|

Setting Reconnection Failure Parameters

EMS allows you to establish separate parameters for initial connection attempts
and reconnection attempts. How to set the initial connection attempt parameters
is described in Setting Connection Attempts, Timeout and Delay Parameters on
page 314. This section describes the parameters you can establish for reconnection
attempts following a fault-tolerant switchover.
The reason for having separate connect and reconnect attempt parameters is that
there is a limit imposed by the operating system to the number of connection
attempts the EMS server can handle at any particular time. (For example, in Unix,
this limit is adjusted by the u l i m i t setting.) Under normal circumstances, each
connect attempt is distributed so it is less likely for the server to exceed its
maximum accept queue. However, during a fault-tolerant switchover, all of the
clients automatically try to reconnect to the backup server at approximately the
same time. When the number of connections is large, it may require more time for
each client to reconnect than for the initial connect.
By default, a client will attempt reconnection 4 times with a 500 ms delay between
each attempt. You can modify these settings in the f a c t o r i e s . c o n f file or by
means of your client connection factory API, as demonstrated by the examples in
this section.
The following examples establish a reconnection count of 10, a delay of 1000 ms
and a timeout of 1000 ms.

Java
Use the T i b j m s C o n n e c t i o n F a c t o r y object’s s e t R e c o n n A t t e m p t C o u n t ( ) ,
s e t R e c o n n A t t e m p t D e l a y ( ) , and s e t R e c o n n A t t e m p t T i m e o u t ( ) methods to
establish new reconnection failure parameters:
factory.setReconnAttemptCount(10);
factory.setReconnAttemptDelay(1000);
factory.setReconnAttemptTimeout(1000);

C
Use the t i b e m s C o n n e c t i o n F a c t o r y _ S e t R e c o n n e c t A t t e m p t C o u n t ,
t i b e m s C o n n e c t i o n F a c t o r y _ S e t R e c o n n e c t A t t e m p t D e l a y , and
t i b e m s C o n n e c t i o n F a c t o r y _ S e t R e c o n n e c t A t t e m p t T i m e o u t functions to
establish new reconnection failure parameters:
status = tibemsConnectionFactory_SetReconnectAttemptCount(
factory, 10);

status = tibemsConnectionFactory_SetReconnectAttemptDelay(
factory, 1000);

status = tibemsConnectionFactory_SetReconnectAttemptTimeout(

TIBCO Enterprise Message Service User’s Guide

480
| Chapter 19 Fault Tolerance

factory, 1000);

TIBCO Enterprise Message Service User’s Guide

 Configuring Clients for Fault-Tolerant Connections 481
|

C#
Use the C o n n e c t i o n F a c t o r y . S e t R e c o n n A t t e m p t C o u n t ,
C o n n e c t i o n F a c t o r y . S e t R e c o n n A t t e m p t D e l a y, and
C o n n e c t i o n F a c t o r y . S e t R e c o n n A t t e m p t T i m e o u t methods to establish new
reconnection failure parameters:
factory.setReconnAttemptCount(10);
factory.setReconnAttemptDelay(1000);
factory.setReconnAttemptTimeout(1000);

TIBCO Enterprise Message Service User’s Guide

482
| Chapter 19 Fault Tolerance

Configuring Clients for Unshared State Connections

Unshared state failover is an extension of the JMS specification. Because state is

not shared among servers, messages can be lost, duplicated, or delivered
out-of-order across the failover process.

Unshared state connections are created differently from shared state connections
in three important ways. First, there is a JAR file that must be present in the
environment C L A S S P A T H of the client. Second, the connection must be created
using an unshared state connection factory. And finally, the server URLs must be
specified using unshared state syntax.

Include the tibjmsufo JAR File

Before creating the connection factory, ensure that the C L A S S P A T H includes the
JAR file:
tibjmsufo.jar

Create an Unshared State Connection Factory

To create unshared state connections, use the c o m . t i b c o . t i b e m s . u f o package
and methods.

Connection When an unshared state connection fails, the connection’s E x c e p t i o n L i s t e n e r

Recovery callback is invoked. To recover the connection—repair it so that it is connected to
an active server—the client application calls the connection factory’s
r e c o v e r C o n n e c t i o n method. This must be performed in the
E x c e p t i o n L i s t e n e r callback. The r e c o v e r C o n n e c t i o n method blocks until the
connection (and its related objects, including sessions, producers, and consumers)
are fully recreated, or until it has failed in all its attempts to recreate these objects.
As long as the unshared state client has a valid connection, the API behaves the
same as the standard EMS client. However, when the unshared state client’s
connection is broken, the API performs as follows:
1. Methods called inside a M e s s a g e L i s t e n e r callback immediately return a
ConnectionFailureException.

2. Methods called elsewhere block until the connection is valid again.

Note that the connection is considered broken from the point where the
underlying TCP/SSL connection fails, and until r e c o v e r C o n n e c t i o n successfully
returns.

TIBCO Enterprise Message Service User’s Guide

 Configuring Clients for Unshared State Connections 483
|

Specify Server URLs

When a server connection is lost during an unshared state failover, clients attempt
to reconnect to the second server. To enable a client to reconnect, you must specify
the URLs of both servers when creating a connection.
• Unshared State Specify multiple servers as a list of URLs separated by plus
(+) signs. For example, to identify the first server as t c p : / / s e r v e r 0 : 7 2 2 2 ,
and the second server as t c p : / / s e r v e r 1 : 7 3 4 4 , you can specify:
serverUrl=tcp://server0:7222+tcp://server1:7344

• Dual State To combine shared state server pairs with unshared state servers,
use commas to separate the servers that share state, and plus (+ ) signs to
separate servers that do not share state. For example, this line specifies server
a 1 and a 2 as a fault-tolerant pair that share state, and servers b 1 and b 2 as a
second pair with shared state:
serverUrl=tcp://a1:8222,tcp://a2:8222+tcp://b1:8222,tcp://b2:8222

Note that a 1 and a 2 do not share state with b 1 and b 2 .

The client attempts to connect to each URL in the order listed. If a connection to
one URL fails, the client tries the next URL in the list. The client tries the URLs in
sequence until all URLs have been tried. If the first failed connection was not the
first URL in the list, the attempts wrap to the start of the list (so each URL is tried).
If none of the attempts succeed, the connection fails.

Server lookup functions do not permit unshared state syntax. That is, you cannot
separate server URLs using the plus (+ ) symbol during a server lookup.

TIBCO Enterprise Message Service User’s Guide

484
| Chapter 19 Fault Tolerance

TIBCO Enterprise Message Service User’s Guide

 | 485

Chapter 20 Working With Routes

This chapter describes routing of messages among TIBCO Enterprise Message

Service servers.

Topics

• Overview of Routing, page 486

• Route, page 487
• Zone, page 490
• Active and Passive Routes, page 493
• Configuring Routes and Zones, page 494
• Routed Topic Messages, page 499
• Routed Queues, page 504
• Routing and Authorization, page 507

TIBCO Enterprise Message Service User’s Guide

486
| Chapter 20 Working With Routes

Overview of Routing

TIBCO Enterprise Message Service servers can route messages to other servers.
• Topic messages can travel one hop or multiple hops (from the first server).
• Queue messages can travel only one hop to the home queue, and one hop from
the home queue.
You can define routes using an administrative interface (that is, configuration
files, t i b e m s a d m i n , or administration APIs).

TIBCO Enterprise Message Service User’s Guide

 Route 487
|

Route

Basic Operation
• Each route connects two TIBCO Enterprise Message Service servers.
• Each route forwards messages between corresponding destinations (that is,
global topics with the same name, or explicitly routed queues) on its two
servers.
• Routes are bidirectional; that is, each server in the pair forwards messages
along the route to the other server.
For example, the compact view at the top of Figure 31 denotes a route between
two servers, A and B. The exploded view beneath it illustrates the behavior of the
route. Each server has a global topic named T1, and a routed queue Q1; these
destinations correspond, so the route forwards messages between them. In
addition, server A has a global topic T2, which does not correspond to any topic
on server B. The route does not forward messages from T2.

Figure 31 Routes: bidirectionality and corresponding destinations

Route
Server: A Server: B

Server: A Server: B

Queue:
Queue: Q1
Q1@A

Topic: T1 Topic: T1

Topic: T2

TIBCO Enterprise Message Service User’s Guide

488
| Chapter 20 Working With Routes

Global Destinations
Routes forward messages only between global destinations—that is, for topics the
g l o b a l property must be set on both servers (for queues, see Routed Queues on
page 504). (For more information about destination properties, See Destination
Properties on page 55.)
Figure 32 illustrates a route between two servers, C and D, with corresponding
destinations T1 and T2. Notice that T1 is global on both C and D, so both servers
forward messages across the route to the corresponding destination. However, T2
is not global on C, neither C nor D forward T2 messages to one another.

Figure 32 Routes: global destinations

Server: C Server: D

T1 T1
global=true global=true

T2
T2
global=true

Unique Routing Path

It is illegal to define a set of routes that permit a message to reach a server by more
than one path. TIBCO Enterprise Message Service servers detect illegal duplicate
routes and report them as configuration errors.
Figure 33 on page 489 depicts two sets of routes. On the left, the routes connecting
servers A, B, C, D and E form an acyclic graph, with only one route connecting
any pair of servers; this configuration is legal (in any zone).
In contrast, the routing configuration on the right is illegal in a multi-hop zone.
The graph contains redundant routing paths between servers Q and S (one direct,
and one through R and T).

Note that the configuration on the right is illegal only in a multi-hop zone; it is
legal in a one-hop zone. For further information, see Zone on page 490.

TIBCO Enterprise Message Service User’s Guide

 Route 489
|

Figure 33 Routes: Unique Path

Legal Illegal (in a multi-hop zone)

A B C P Q R

D E S T

TIBCO Enterprise Message Service User’s Guide

490
| Chapter 20 Working With Routes

Zone

Zones restrict the behavior of routes, so you can configure complex routing paths.
Zones affect topic messages, but not queue messages.

Basic Operation
A zone is a named set of routes. Every route belongs to a zone. A zone affects the
forwarding behavior of its routes:
• In a multi-hop (m h o p ) zone, topic messages travel along all applicable routes
to all servers connected by routes within the zone.
• In a one-hop (1 h o p ) zone, topic messages travel only one hop (from the first
server).
• Queue messages travel only one hop, even within multi-hop zones.
For example, Figure 34 depicts a set of servers connected by routes within a
multi-hop zone, Z1. If a client sends a message to a global topic on server B, the
servers forward the message to A, C, D and E (assuming there are subscribers at
each of those servers). In contrast, if Z1 were a one-hop zone, B would forward
the message to A, C and D—but D would not forward it E.

Figure 34 Zones: multi-hop

A B C

Zone: Z1
mhop

D E

Eliminating Redundant Paths with a One-Hop Zone

Figure 35 illustrates an enterprise with four servers:
• B1 and B2 serve producers at branch offices of an enterprise.
• M serves consumers at the main office, which process the messages from the
branches.
• R serves consumers that record messages for archiving, auditing, and backup.

TIBCO Enterprise Message Service User’s Guide

 Zone 491
|

The goal is to forward messages from B1 and B2 to both M and R. The routing
graph seems to contain a cycle—the path from B1 to M to B2 to R duplicates the
route from B1 to R. However, since these routes belong to the one-hop zone Z2, it
is impossible for messages to travel the longer path. Instead, this limitation results
in the desired result—forwarding from B1 to M and R, and from B2 to M and R.

Figure 35 Zones: one-hop

B1 B2

Zone: Z2
1hop

M R

Overlapping Zones
A server can have routes that belong to several zones. When zones overlap at a
server, the routing behavior within each zone does not limit routing in other
zones. That is, when a forwarded message reaches a server with routes in several
zones, the message crosses zone boundaries, and its hop count is reset to zero.
Figure 36 on page 492 illustrates an enterprise with one-hop zones connecting all
the servers in each of several cities in a fully-connected graph. Zone TK connects
all the servers in Tokyo; zone NY connects all the servers in New York; zone PA
connects all the servers in Paris. In addition, the multi-hop zone WO connects one
server in each city.
When a client of server TK3 produces a message, it travels one hop to each of the
other Tokyo servers. When the message reaches TK1, it crosses into zone WO. TK1
forwards the message to NY1, which in turn forwards it to PA1. When the
message reaches NY1, it crosses into zone NY (with hop count reset to zero); NY1
forwards it one hop to each of the other New York servers. Similarly, when the
message reaches PA1, it crosses into zone PA (with hop count reset to zero); PA1
forwards it one hop to each of the other Paris servers.

TIBCO Enterprise Message Service User’s Guide

492
| Chapter 20 Working With Routes

Figure 36 Zones: overlap

TK3 TK2 PA2 PA3

Zone: TK Zone: WO Zone: PA

TK4 1hop TK1 PA1 1hop PA4
mhop

NY1 NY2

Zone: NY
NY4 1hop NY3

TIBCO Enterprise Message Service User’s Guide

 Active and Passive Routes 493
|

Active and Passive Routes

A route connects two servers. You may configure a route at either or both of the
servers.

Active-Passive When you configure a route at only one server, this asymmetry results in two
Routes perspectives on the route:
• A route is active from the perspective of the server where it is configured. This
server actively initiates the connection to the other server, so we refer to it as
the active server, or initiating server.
• A route is passive from the perspective of the other server. This server
passively accepts connection requests from the active server, so we refer to it
as the passive server.
A server can have both active and passive routes. That is, you can configure
server S to initiate routes, and also configure other servers to initiate routes to S.
You can specify and modify the properties of an active route, but not those of a
passive route. That is, properties of routes are associated with the server where
the route is configured, and which initiates the connection.

Note that defining a route specifies a zone as well (either implicitly or explicitly).
The first route in the zone defines the type of the route; subsequent routes in the
same zone must have the same zone type (otherwise, the server reports an error).

Active-Active Two servers can both configure an active route one to the other. This arrangement
Routes is called an active-active configuration. For example, server A specifies a route to
server B, and B specifies a route to A. Either server can attempt to initiate the
connection. This configuration results in only one connection; it does not result in
redundant routes.
You can promote an active-passive route to an active-active route. To promote a
route, use this command on the passive server:
create route name u r l = url
The url argument is required, so that the server (where the route is being
promoted) can connect to the other server if the route becomes disconnected.
See also c r e a t e r o u t e on page 124.
The promoted route behaves as a statically configured route—that is, it persists
messages for durable subscribers, and stores its configuration in r o u t e s . c o n f ,
and administrators can modify its properties.

TIBCO Enterprise Message Service User’s Guide

494
| Chapter 20 Working With Routes

Configuring Routes and Zones

You can create routes using the administration tool (see Chapter 6 on page 115), or
the administration APIs (see c o m . t i b c o . t i b j m s . a d m i n . R o u t e I n f o in the online
documentation).

Syntax To create a route using the administration tool, first connect to one of the servers,
then use the c r e a t e r o u t e command with the following syntax:
create route name u r l = URL z o n e _ n a m e = zone_name z o n e _ t y p e = 1 h o p | m h o p properties
• name is the name of the server at the other end of the route; it also becomes the
name of the route.
• URL specifies the other server by its URL—including protocol and port.
If your environment is configured for fault tolerance, the URL can be a
comma-separated list of URLs denoting fault-tolerant servers. For more
information about fault tolerance, see Chapter 19, Fault Tolerance, on
page 461.
• zone_name specifies that the route belongs to the routing zone with this name.
When absent, the default value is d e f a u l t _ m h o p _ z o n e (this default yields
backward compatibility with configurations from releases earlier than 4.0).
• The zone type is either 1 h o p or m h o p . When omitted, the default value is m h o p .
• properties is a space-separated list of properties for the route. Each property has
the syntax:
prop_name=value

For gating properties that control the flow of topics along the route, see
Selectors for Routing Topic Messages on page 501.
For properties that configure the Secure Sockets Layer (SSL) protocol for the
route, see Routing and SSL on page 495.

Example For example, these commands on server A would create routes to servers B and C.
The route to B belongs to the one-hop zone Z 1 . The route to C belongs to the
multi-hop zone Z M .
create route B url=tcp://B:7454 zone_name=Z1 zone_type=1hop
create route C url=tcp://C:7455 zone_name=ZM zone_type=mhop

TIBCO Enterprise Message Service User’s Guide

 Configuring Routes and Zones 495
|
Show Routes You can display these routes using the s h o w routes command in the
administration tool:
show routes
Route T ConnID URL Zone T
B A 3 tcp://B:7454 Z1 1
C A - tcp://C:7455 ZM m

• The R o u t e column lists the name of the passive server.

• The T column indicates whether the route is active (A ) or passive (P ), from the
perspective of server A.
• The C o n n I D column contains either an integer connection ID (if the route is
currently connected, or a dash (- ) if the route is not connected.

Routes to Fault-Tolerant Servers

You can configure servers for fault tolerance. Client applications can specify the
primary and backup servers; if the client’s connection to the primary server fails,
the client can connect to the backup server and resume operation. Similarly, a
route specification can specify primary and secondary passive servers, so that if
the route to the primary server fails, the active server can connect to the backup
server and resume routing.
Failover behavior for route connections is similar to that for client connections;
see Configuring Clients for Fault-Tolerant Connections on page 478.

Example
create route B url=tcp://B:7454,tcp://BBackup:7454 zone_name=Z1 zone_type=1hop

Routing and SSL

When configuring a route, you can specify SSL parameters for the connection.
Although both participants in an SSL connection must specify a similar set of
parameters, each server specifies this information in a different place:
• The passive server must specify SSL parameters in its main configuration file,
tibemsd.conf.

• When a server initiates an SSL connection, it sends the route’s SSL parameters
to identify and authenticate itself to the passive server. You can specify these
parameters when creating the route, or you can specify them in the route
configuration file, r o u t e s . c o n f .

TIBCO Enterprise Message Service User’s Guide

496
| Chapter 20 Working With Routes

Table 71 lists the parameters that you can specify in the r o u t e s . c o n f

configuration file, or on the command line when creating a route. The parameters
for configuring SSL between routed servers are similar to the parameters used to
configure SSL between server and clients; see Chapter 18, Using the SSL Protocol,
on page 441.

Table 71 SSL Parameters for Routes (Sheet 1 of 3)

Parameter Description
ssl_identity The server’s digital certificate in PEM, DER, or
PKCS#12 format. You can copy the digital
certificate into the specification for this parameter,
or you can specify the path to a file that contains
the certificate in one of the supported formats.
For more information, see File Names for
Certificates and Keys on page 445.

ssl_issuer Certificate chain member for the server. Supply

the entire chain, including the CA root certificate.
The server reads the certificates in the chain in the
order they are presented in this parameter.
The certificates must be in PEM, DER, PKCS#7 or
PKCS#12 format.

Example
ssl_issuer = certs\CA_root.pem
ssl_issuer = certs\CA_child1.pem
ssl_issuer = certs\CA_child2.pem

For more information, see File Names for

Certificates and Keys on page 445.

ssl_private_key The local server’s private key. If the digital

certificate in s s l _ i d e n t i t y already includes this
information, then you may omit this parameter.
This parameter accepts private keys in PEM, DER
and PKCS#12 formats.
You can specify the actual key in this parameter,
or you can specify a path to a file that contains the
key.
For more information, see File Names for
Certificates and Keys on page 445.

TIBCO Enterprise Message Service User’s Guide

 Configuring Routes and Zones 497
|

Table 71 SSL Parameters for Routes (Sheet 2 of 3)

Parameter Description
ssl_password Private key or password for private keys.
You can set passwords using the t i b e m s a d m i n
tool. When passwords are set with this tool, the
password is obfuscated in the configuration file.
For more information, see Chapter 6, Using the
EMS Administration Tool, on page 115.

ssl_trusted List of certificates that identify trusted certificate

authorities.
The certificates must be in PEM, DER or PKCS#7
format. You can either provide the actual
certificates, or you can specify a path to a file
containing the certificate chain.
For more information, see File Names for
Certificates and Keys on page 445.

ssl_verify_host Specifies whether the server must verify the other

server’s certificate. The values for this parameter
are e n a b l e d and d i s a b l e d .
When omitted, the default is e n a b l e d , signifying
the server must verify the other server’s
certificate.
When this parameter is d i s a b l e d , the server
establishes secure communication with the other
server, but does not verify the server’s identity.

TIBCO Enterprise Message Service User’s Guide

498
| Chapter 20 Working With Routes

Table 71 SSL Parameters for Routes (Sheet 3 of 3)

Parameter Description
ssl_verify_hostname Specifies whether the server must verify the name
in the CN field of the other server’s certificate.
The values for this parameter are e n a b l e d and
disabled.

When omitted, the default is e n a b l e d , signifying

the server must verify the name of the connected
host or the name specified in the
s s l _ e x p e c t e d _ h o s t n a m e parameter against the
value in the server’s certificate. If the names do
not match, the connection is rejected.
When this parameter is d i s a b l e d , the server
establishes secure communication with the other
server, but does not verify the server’s name.

ssl_expected_hostname Specifies the name expected in the CN field of the

other server’s certificate. If this parameter is not
set, the default is the hostname of the other server.
This parameter is relevant only when the
s s l _ v e r i f y _ h o s t n a m e parameter is enabled.

ssl_ciphers Specifies a list of cipher suites, separated by

colons (:).
This parameter accepts both the OpenSSL name
for cipher suites, or the longer descriptive names.
For information about available cipher suites and
their names, see Specifying Cipher Suites on
page 452.

ssl_rand_egd The path for the installed entropy gathering

daemon (EGD), if one is installed. This daemon
generates random numbers.

TIBCO Enterprise Message Service User’s Guide

 Routed Topic Messages 499
|

Routed Topic Messages

A server forwards topic messages along routes only when the g l o b a l property is
defined for the topic; see a d d p r o p t o p i c on page 121 and c r e a t e t o p i c on
page 125.
Topic messages can traverse multiple hops.
When a route becomes disconnected (for example, because of network problems),
the forwarding server stores topic messages. When the route reconnects, the
server forwards the stored messages.
Servers connected by routes do exchange messages sent to temporary topics.

Propagating Registered Interest

To ensure forwarding of messages along routes, servers propagate their topic
subscriptions to other servers. For example, the top of Figure 37 depicts an
enterprise with three servers—A, M and B—connected by routes in a multi-hop
zone. The bottom of Figure 37 illustrates the mechanism at work within the
servers to route messages from a producer client of server A, through server M, to
server B and its subscriber client. Consider this sequence of events.

Figure 37 Routing: Propagating Subscribers

Zone: Z
A mhop M B

Server: A Server: M Server: B

Topic: T1 Topic: T1 Topic: T1

global global global

Subscriber Subscriber Subscriber

T1 T1 T1

Client Client
Producer Subscriber
T1 T1

TIBCO Enterprise Message Service User’s Guide

500
| Chapter 20 Working With Routes

1. All three servers configure a global topic T1.

2. At bottom right of Figure 37, a client of server B creates a subscriber to T1.
3. Server B, registers interest in T1 on behalf of the client by creating an internal
subscriber object.
4. Because a route connects servers M and B, server B propagates its interest in
T1 to server M. In response, M creates an internal subscriber to T1 on behalf of
server B. This subscriber ensures that M forwards (that is, delivers) messages
from topic T1 to B. Server B behaves as a client of server M.
5. Similarly, because a route connects servers A and M, server M propagates its
interest in T1 to server A. In response, A creates an internal subscriber to T1 on
behalf of server M. This subscriber ensures that A forwards messages from
topic T1 to M. Server M behaves as a client of server A.
6. When a producer client of server A sends a message to topic T1, A forwards it
to M. M accepts the message on its topic T1, and forwards it to B. B accepts the
message on its topic T1, and passes it to the client.

Subscriber Client If the client of server B creates a non-durable subscriber to T1, then if the client
Exit process exits, the servers delete the entire sequence of internal subscribers. When
the client restarts, it generates a new sequence of subscribers; meanwhile, the
client might have missed messages.
If the client of server B creates a durable subscriber to T1, then if the client process
exits, the entire sequence of internal subscribers remains intact; messages
continue to flow through the servers in store-and-forward fashion. When the
client restarts, it can consume all the messages that B has stored in the interim.

Server Failure In an active-active route between servers B and M, if B fails, then M retains its
internal subscriber and continues to store messages for clients of B. When B
reconnects, M forwards the stored messages.
In an active-passive route configured on B, if B fails, then M removes its internal
subscriber and does not store messages for clients of B—potentially resulting in a
gap in the message stream. When B reconnects, M creates a new internal
subscriber and resumes forwarding messages.
In an active-passive route configured on A, if either server fails, then M retains its
internal subscriber in the same way as an active-active route. However, B does not
retain its internal state which it uses to suppress duplicate messages from A and
can deliver messages to its consumers after they have consumed them. Therefore,
if it is desirable to not lose messages and to not have duplicate messages, the route
should be active-active.

TIBCO Enterprise Message Service User’s Guide

 Routed Topic Messages 501
|
Network Failure If an active-passive connection between B and M is disrupted, M displays the
same behavior as during a server failure.

maxbytes Combining durable subscribers with routes creates a potential demand for
storage—especially in failure situations. For example, if server B fails, then server
M stores messages until B resumes. We recommend that you set the m a x b y t e s or
m a x m s g s property of the topic (T1) on each server, to prevent unlimited storage
growth (which could further disrupt operation).

Selectors for Routing Topic Messages

Motivation A server forwards a global topic message along routes to all servers with
subscribers for that topic. When each of those other servers requires only a small
subset of the messages, this policy could potentially result in a high volume of
unwanted network traffic. You can specify message selectors on routes, to narrow
the subset of topic messages that traverse each route.

Message selectors on routes are different from message selectors on individual

subscribers, which narrow the subset of messages that the server delivers to the
subscriber client.

Example Figure 38 on page 501 illustrates an enterprise with a central server for processing
customer orders, and separate regional servers for billing those orders. For
optimal use of network capacity, we configure topic selectors so that each regional
server gets only those orders related to customers within its region.

TIBCO Enterprise Message Service User’s Guide

502
| Chapter 20 Working With Routes

Figure 38 Routing: Topic Selectors, example

Incoming Orders

Central Order Server

USA Orders Canada Orders Mexico Orders

USA Canada Mexico

Order Processing Order Processing Order Processing

Specifying Specify message selectors for global topics as properties of routes. You can define
Selectors these properties in two ways:
• Define selectors when creating the route (either in r o u t e s . c o n f , or with the
administrator command c r e a t e r o u t e ).
• Manipulate selectors on an existing route (using the a d d p r o p , s e t p r o p , or
removeprop administrator commands).

If you change the message selectors on a route, only incoming messages are
evaluated against the new selectors. Messages pending in the server are
re-evaluated only if the server is restarted.

Syntax The message selector properties have the same syntax whether they appear in a
command or in a configuration file:
i n c o m i n g _ t o p i c = topicName s e l e c t o r = " msg-selector"
o u t g o i n g _ t o p i c = topicName s e l e c t o r = " msg-selector"

The terms incoming and outgoing refer to the perspective of the active server—
where the route is defined.
topicName is the name of a global topic.

msg-selector is a message selector string. For detailed information about message

selector syntax, s ee the documentation for class M e s s a g e in TIBCO Enterprise
Message Service Java API Reference.

TIBCO Enterprise Message Service User’s Guide

 Routed Topic Messages 503
|
Example Syntax In the example of Figure 38, an administrator might configure these routes on the
central order server:
setprop route Canada outgoing_topic="orders" selector="country=’Canada’"
setprop route Mexico outgoing_topic="orders" selector "country=’Mexico’"
setprop route USA outgoing_topic="orders" selector="country=’USA’"

Those commands would create these entries in r o u t e s . c o n f :

[Canada]
url=ssl://canada:7222
outgoing_topic=orders selector="country=’Canada’"
...
[Mexico]
url=ssl://mexico:7222
outgoing_topic=orders selector="country=’Mexico’"
...
[USA]
url=ssl://usa:7222
outgoing_topic=orders selector="country=’USA’"
...

Symmetry outgoing_topic and i n c o m i n g _ t o p i c are symmetric. Whether A specifies a

route to B with i n c o m i n g _ t o p i c selectors, or B specifies a route to A with
o u t g o i n g _ t o p i c selectors, the effect is the same. That is, B sends only those
messages that match the selector over the route.

Active-Active In an active-active configuration, you may specify selectors on either or both

Configuration servers. If you specify o u t g o i n g _ t o p i c selector S 1 for topic T on server A, and
i n c o m i n g _ t o p i c selector S 2 for T on server B, then the effective selector for T on
the route from A to B is ( S 1 A N D S 2 ) .
See also Active and Passive Routes on page 493.

Wildcards You can specify wildcards in topic names. For each actual topic, the server uses
logical A N D to combine all the selectors that match the topic.

TIBCO Enterprise Message Service User’s Guide

504
| Chapter 20 Working With Routes

Routed Queues

With respect to routing, queues differ from topics in several respects:

• Servers route queue messages between the queue owner and adjacent servers.
• The concept of zones and hops does not apply to queue messages (only to
topic messages).
The left side of Figure 39 depicts an enterprise with three servers—P, R and S—
connected by routes. The remainder of Figure 39 illustrates the mechanisms that
routes queue messages among servers (center) and their clients (right side).

Figure 39 Routing: Queues

Server: P J Producer
Q1
P Q1@R global
- store and fwd to R
K Consumer
- proxy rcvr
Q1

Server: R L Producer
Q1
R Q1 global
- home queue M Consumer
Q1

Server: S

S Q1@R global
- proxy rcvr N Consumer
Q1

Owner & Home Server R defines a global queue named Q1. R is the owner of Q1.
Servers P and S define routed queues Q1@R. This designation indicates that these
queues depend upon and reflect their home queue (that is, Q1 on server R). Notice
that the designation Q1@R is only for the purpose of configuration; clients of P
refer to the routed queue as Q1.

TIBCO Enterprise Message Service User’s Guide

 Routed Queues 505
|
Example When J sends a message to Q1, server P forwards the message to the home
queue—Q1 on server R.
Now the message is available to receivers on all three servers, P, R and S—
although only one client can consume the message. Either Q1 on P receives it on
behalf of K; or Q1 on S receives it on behalf of N; or M receives it directly from the
home queue.

Producers From the perspective of producer clients, a routed queue stores messages and
forwards them to the home queue. For example, when J sends a message to Q1 on
server P, P forwards it to the queue owner, R, which delivers it to Q1 (the home
queue).
The message is not available for consumers until it reaches the home queue. That
is, client K cannot consume the message directly from server P.
If server R fails, or the route connection from P to R fails, P continues to store
messages from K in its queue. When P and R resume communication, P delivers
the stored messages to Q1 on R.
Similarly, routed queues do not generate an exception when the m a x b y t e s and
m a x m s g s limits are exceeded in the routed server. Clients can continue to send
messages to the queue after the limit is reached, and the messages will be stored
in the routed server until the error condition is cleared.

Consumers From the perspective of consumer clients, a routed queue acts as a proxy receiver.
For example, when L sends a message to Q1 on server R, Q1 on P can receive it
from R on behalf of K, and immediately gives it to K.
If server P fails, or the route connection from P to R fails, K cannot receive
messages from Q1 until the servers resume communication. Meanwhile, M and N
continue to receive messages from Q1. When P and R resume communication, K
can again receive messages through Q1 on P.

Receiving messages from a routed queue using either a small timeout (less than
one second) or no wait can cause unexpected behavior. A small timeout value
increases the chances that protocol messages may not be processed correctly
between the routed servers. For example, queue receivers may not be correctly
destroyed.

Configuration You must explicitly configure each routed queue in q u e u e s . c o n f —clients cannot
create routed queues dynamically.
You may use the administration tool or API to configure routed queues; see
a d d p r o p q u e u e on page 120 and c r e a t e q u e u e on page 124.

TIBCO Enterprise Message Service User’s Guide

506
| Chapter 20 Working With Routes

To configure a routed queue, specify the queue name and the server name of the
queue owner; for example, on server P, configure:
Q1@R global

It is legal to use this notation even for the home queue. The queue owner
recognizes its own name, and ignores the location designation (@ R ).

It is illegal to configure a routed queue as e x c l u s i v e .

Browsing Queue browsers cannot examine routed queues. That is, you can create a browser
only on the server that owns the home queue.

Transactions TIBCO Enterprise Message Service does not support transactional consumers on
routed queues.

XA sessions and transacted sessions (local and XA transactions) do not support

consumers on routed queues.
You may enable support for transactional consumers on routed queues in the
t i b e m s d . c o n f file. For more information, see
a l l o w _ u n s u p p o r t e d _ t x _ r o u t e d _ q _ c o n s u m e r s on page 184.

TIBCO Enterprise Message Service User’s Guide

 Routing and Authorization 507
|

Routing and Authorization

User & Password

When a server’s a u t h o r i z a t i o n parameter is enabled, other servers that actively
connect to it must authenticate themselves by name and password, or by X.509
certificate.

Figure 40 Routing: Authorization

A B

authorization=enabled authorization=disabled

Q2@B Q2

In Figure 40, servers A and B both configure active routes to one another.
• Because A enables authorization, A must configure a user named B.
• However, because B disables authorization, A need not identify itself to B, and
B need not configure a user named A.

ACL
When routing a secure topic or queue, servers consult the ACL specification
before forwarding each message. The servers must grant one another appropriate
permissions to send, receive, publish or subscribe.
For example, in Figure 40, you don’t need an ACL for messages to flow from A
(where a producer is sending to) to B (where a consumer is consuming from)
because B has authorization turned off and messages are being sent to and
consumed from queues. However, if messages were to flow from B to A (producer
connects to B and consumer connects to A), then server A's ACL should grant
user B s e n d permission on the queue Q2.
If we were to use topics in this example, then for messages to flow from A to B,
you would need A to grant B the s u b s c r i b e and d u r a b l e permission on the topic
(g l o b a l on both servers). And for messages to flow from B to A, you would have
to grant topic B p u b l i s h permission on the topic.

See Also Chapter 8, Authentication and Permissions, on page 247

TIBCO Enterprise Message Service User’s Guide

508
| Chapter 20 Working With Routes

TIBCO Enterprise Message Service User’s Guide

 | 509

Appendix A Using TIBCO Hawk

This appendix describes how to configure TIBCO Hawk so that it can be used to
administer and monitor the TIBCO Enterprise Message Service server.
For more information about TIBCO Hawk, see the TIBCO Hawk documentation.

Topics

• Overview of Server Management With TIBCO Hawk, page 510

• Installing the Classes, page 511
• Method Description, page 515

TIBCO Enterprise Message Service User’s Guide

510
| Appendix A Using TIBCO Hawk

Overview of Server Management With TIBCO Hawk

TIBCO Hawk is a tool for monitoring and managing applications and operating
systems. TIBCO Enterprise Message Service provides classes for monitoring
administering the EMS server. Table 72 describes the provided classes.

Table 72 TIBCO Enterprise Message Service classes in TIBCO Hawk

Class Description
com.tibco.tibjms.admin.hawk.HawkListener Monitoring methods that allow you to
view the status of topics, queues, routes,
and other items on the TIBCO Enterprise
Message Service server.

com.tibco.tibjms.admin.hawk.HawkController Management methods for shutting down

the TIBCO Enterprise Message Service
server and performing other
administrative functions.
This class contains all H a w k L i s t e n e r
monitoring methods as well.

If you wish to both monitor and manage the server, use the H a w k C o n t r o l l e r
class. If you only wish to monitor the server, use the H a w k L i s t e n e r class. You do
not need both classes.
To use TIBCO Hawk to manage the TIBCO Enterprise Message Service server,
you must load one of the classes provided into the TIBCO Hawk agent. Once the
class is loaded, methods for managing the EMS server are available in the TIBCO
Hawk display.
This appendix details how to install the provided classes into the TIBCO Hawk
agent and the methods available for monitoring and managing the TIBCO
Enterprise Message Service server.

TIBCO Enterprise Message Service User’s Guide

 Installing the Classes 511
|

Installing the Classes

Installing the provided classes is different for UNIX and Windows platforms. The
following sections detail how to install the TIBCO Enterprise Message Service
management classes into the TIBCO Hawk agent for each platform.

These instructions are specific to TIBCO Hawk Release 4.1.0 or later. Earlier
versions of TIBCO Hawk have a different mechanism for adding plugins. Refer to
your TIBCO Hawk documentation for details on installing plugins, if you are
using an earlier version of TIBCO Hawk.

Windows Installation
To install the provided classes for use in a TIBCO Hawk agent running on a
Windows platform, perform the following:
1. Locate the t i b j m s a d m i n . h m a file in the TIBCO Enterprise Message Service
installation directory under the EMS_HOME\ s a m p l e s \ a d m i n \ h a w k
subdirectory and copy it into your h a w k \ a d m i n - p l u g i n s directory.
2. Locate the following files in the EMS_HOME\ l i b subdirectory, and copy them
into the h a w k \ a d m i n - p l u g i n s directory:
— tibjmsadmin.jar
— tibjms.jar
— jms.jar
— tibcrypt.jar

3. Open the TIBCO Hawk Configuration Utility and make certain the
a d m i n - p l u g i n s directory is set to the location where you have installed
TIBCO Hawk plugins. To set the plugins directory, click the Agent tab, then
set the Plugins Directory field to the location where the plugins are located.
For more information about using the TIBCO Hawk Configuration Utility, see
TIBCO Hawk Installation and Configuration.
4. Navigate to your plugins directory and open the t i b j m s a d m i n . h m a file in a
text editor.
5. Specify the TIBCO Hawk microagent class you wish to use in the
< c l a s s n a m e > element. You can use either the H a w k L i s t e n e r class if you only
want to monitor the server, or you can specify the H a w k C o n t r o l l e r class if
you want to monitor and manage the server.
6. Specify the username and password and server URL to use to connect to the
TIBCO Enterprise Message Service server in the appropriate < a r g > elements.
See Table 73 on page 513.

TIBCO Enterprise Message Service User’s Guide

512
| Appendix A Using TIBCO Hawk

For example:
<arguments>
<arg>-user</arg>
<arg>admin</arg>
<arg>-password</arg>
<arg>MyPassword</arg>
<arg>-server</arg>
<arg>tcp://server1.yourcompany.com:7222</arg>
<arg>-timeout</arg>
<arg>5</arg>
</arguments>

You should specify the predefined a d m i n user or a user that is a member of the
$ a d m i n group.

7. Restart the TIBCO Hawk agent service. See the TIBCO Hawk documentation
for more information about restarting the service.

UNIX Installation
To install these classes for use in a TIBCO Hawk Agent running on a UNIX
platform, perform the following procedure:
1. Locate the t i b j m s a d m i n . h m a file in the TIBCO Enterprise Message Service
installation directory under the EMS_HOME/ s a m p l e s / a d m i n / h a w k
subdirectory and copy it into your TIBCO Hawk plugins directory.
Usually, a TIBCO Hawk plugins directory is located in
/usr/tibco/hawk/plugins.

2. Locate the following files in the EMS_HOME/ l i b subdirectory, and copy them
into the TIBCO Hawk plugins directory:
— tibjmsadmin.jar
— tibjms.jar
— jms.jar
— tibcrypt.jar

3. Edit the TIBCO Hawk h a w k a g e n t . c f g file and specify the -h m a _ p l u g i n _ d i r

option to include the directory where your TIBCO Hawk plugins are located.
For more information about editing TIBCO Hawk configuration files on
UNIX, see TIBCO Hawk Installation and Configuration.
4. Navigate to your plugins directory and open the t i b j m s a d m i n . h m a file in a
text editor.
5. Specify the TIBCO Hawk microagent class you wish to use in the
< c l a s s n a m e > element. You can use either the H a w k L i s t e n e r class if you only
want to monitor the server, or you can specify the H a w k C o n t r o l l e r class if
you want to monitor and manage the server.

TIBCO Enterprise Message Service User’s Guide

 Installing the Classes 513
|

6. Specify the username and password and server URL to use to connect to the
TIBCO Enterprise Message Service server in the appropriate < a r g > elements.
See Table 73 on page 513.
For example:
<arguments>
<arg>-user</arg>
<arg>admin</arg>
<arg>-password</arg>
<arg>MyPassword</arg>
<arg>-server</arg>
<arg>tcp://server1.yourcompany.com:7222</arg>
<arg>-timeout</arg>
<arg>5</arg>
</arguments>

You should use the predefined a d m i n user or a user that is a member of the
$ a d m i n group.

Parameters

Table 73 TIBCO Hawk MicroAgent Parameters (Sheet 1 of 2)

Parameter Description
-user The MicroAgent identifies itself with this user name and password
-password when it connects to the EMS server.
When absent, the default user name is a d m i n . When absent, the default
password is the empty string.

-user To use an encrypted password, specify this pair. As the value for
-encryptedPassword - e n c r y p t e d P a s s w o r d , supply the output you obtain by running the
Hawk utility program t i b h a w k p a s s w o r d located in your h a w k / b i n
directory:
tibhawkpassword -encrypt password
where password is your current password. See the TIBCO Hawk
Installation and Configuration Guide for details.

-server The MicroAgent connects to the EMS server at this URL (host
computer and port). When absent, the default is
tcp://localhost:7222.

TIBCO Enterprise Message Service User’s Guide

514
| Appendix A Using TIBCO Hawk

Table 73 TIBCO Hawk MicroAgent Parameters (Sheet 2 of 2)

Parameter Description
-timeout Limits the time (in seconds) that the MicroAgent waits for the EMS
server to respond to queries.
Acceptable values are in the range [5, 3600]. When absent, the default is
60.

-server_in_agent_name Includes the server name with the agent name.

To monitor multiple servers on one Hawk agent, you must include the
- s e r v e r _ i n _ a g e n t argument in the tibemsadmin.hma file.

TIBCO Enterprise Message Service User’s Guide

 Method Description 515
|

Method Description

The TIBCO Hawk classes have several methods for managing and monitoring a
TIBCO Enterprise Message Service server. These methods correspond to
commands you can issue in the administration tool.
Table 74 lists the methods of each class and the corresponding t i b e m s a d m i n
command for the method. The table also lists the page where you can find more
information about each command in Chapter 6, Using the EMS Administration
Tool, on page 115.

Table 74 TIBCO Hawk Agent methods

TIBCO Hawk Agent

tibemsadmin Command Page
Method
com.tibco.tibjms.admin.hawk.HawkListener Methods

getChannels() show channel 143

show channels

(shows information from both commands for each channel)

getMethods() This method returns the list of methods that this TIBCO —
Hawk class can perform.

getServerInfo() show server 159

getNumConnections() Returns the number of connections. —

getConnections show connections 148

getDbStores show store 161

show stores

(shows information from both commands for each database

store)

getFileStores show store 161

show stores

(shows information from both commands for each file store)

getStores() show db 151

getUsers() show users 168

TIBCO Enterprise Message Service User’s Guide

516
| Appendix A Using TIBCO Hawk

Table 74 TIBCO Hawk Agent methods

TIBCO Hawk Agent

Method tibemsadmin Command Page

getQueues( show queue 157

String regexp)
show queues

(shows information from both commands for each queue)

You can specify a queue name or a pattern to return all
matching queue names.

getRoutes() show route 158

show routes

(shows information from both commands for each route)

getTopics( show topic 164

String regexp)
show topics

(shows information from both commands for each topic)

You can specify a topic name or a pattern to return all
matching topic names.

getDurables( show durables 152

String regexp)
You can specify a topic name or a pattern to return all
matching durable subscriptions.

getConsumers() show stat consumers 160

getProducers() show stat producers 160

getListenPorts() This method returns the list of ports the TIBCO Enterprise —
Message Service server is configured to listen on.

getCMLedgerInfo( show rvcmtransportledger 159

String transport,
String subjPattern)

getTransports() show rvcmlisteners 159

getTransport( show rvcmlistener 159

String name)
Shows the name and subject of the specified RVCM listener.

isRunning() Check whether the server is reachable by attempting to —

connect to it. (Afterward, this method breaks the test
connection.)

TIBCO Enterprise Message Service User’s Guide

 Method Description 517
|

Table 74 TIBCO Hawk Agent methods

TIBCO Hawk Agent

Method tibemsadmin Command Page

com.tibco.tibjms.admin.hawk.HawkController Methods (also contains all HawkListener

methods)

compact() compact 122

shutdown() shutdown 169

purgeDurable( purge durable 132

String name,
String clientID) Specify the name of the durable subscription and the client
ID associated with the durable subscription (client ID can be
null).

purgeQueue( purge queue 132

String name)
Specify the name of the queue to purge.

purgeTopic( purge topic 132

String name)
Specify the name of the topic to purge.

rotateLog() rotatelog 134

TIBCO Enterprise Message Service User’s Guide

518
| Appendix A Using TIBCO Hawk

TIBCO Enterprise Message Service User’s Guide

 | 519

Appendix B Monitor Messages

This appendix lists all topics on which the server publishes messages for system
events. The message properties for messages published on each topic are also
described. See Monitoring Server Events on page 430 for more information about
monitor topics and messages.

Topics

• Description of Monitor Topics, page 520

• Description of Topic Message Properties, page 523

TIBCO Enterprise Message Service User’s Guide

520
| Appendix B Monitor Messages

Description of Monitor Topics

Table 75 describes each monitor topic.

Table 75 Monitor topics

Topic Message Is Published When...

$sys.monitor.admin.change The administrator has made a change to the
configuration.

$sys.monitor.connection.connect A user attempts to connect to the server.

$sys.monitor.connection.disconnect A user connection is disconnected.

$sys.monitor.connection.error An error occurs on a user connection.

$sys.monitor.consumer.create A consumer is created.

$sys.monitor.consumer.destroy A consumer is destroyed.

$sys.monitor.flow.engaged Stored messages rise above a destination’s limit,

engaging the flow control feature.

$sys.monitor.flow.disengaged Stored messages fall below a destination’s limit,

disengaging the flow control feature.

$sys.monitor.limits.connection Maximum number of hosts or connections is reached.

$sys.monitor.limits.queue Maximum bytes for queue storage is reached.

$sys.monitor.limits.server Server memory limit is reached.

$sys.monitor.limits.topic Maximum bytes for durable subscriptions is reached.

$sys.monitor.multicast.stats The message published contains low-level PGM

statistics from the server and multicast daemons.

$sys.monitor.multicast.status A message consumer subscribes or attempts to

subscribe to a multicast-enabled topic.

$sys.monitor.producer.create A producer is created.

$sys.monitor.producer.destroy A producer is destroyed.

$sys.monitor.queue.create A dynamic queue is created.

TIBCO Enterprise Message Service User’s Guide

 Description of Monitor Topics 521
|

Table 75 Monitor topics

Topic Message Is Published When...

$sys.monitor.route.connect A route connection is attempted.

$sys.monitor.route.disconnect A route connection is disconnected.

$sys.monitor.route.error An error occurs on a route connection.

$sys.monitor.route.interest A change in registered interest occurs on the route.

$sys.monitor.server.info The server sends information about an event; for

example, a log file is rotated.

$sys.monitor.server.warning The primary server detects a disconnection from the

backup server.

$sys.monitor.topic.create A dynamic topic is created.

$sys.monitor.tx.action A local transaction commits or rolls back.

$sys.monitor.xa.action An XA transaction commits or rolls back.

TIBCO Enterprise Message Service User’s Guide

522
| Appendix B Monitor Messages

Table 75 Monitor topics

Topic Message Is Published When...

$ s y s . m o n i t o r . D. E. destination A message is handled by a destination. The name of
this monitor topic includes two qualifiers (D and E)
and the name of the destination you wish to monitor.
D signifies the type of destination and whether to
include the entire message:
• T — topic, include full message (as a byte array)
into each event
• t — topic, do not include full message into each
event
• Q — queue, include full message (as a byte array)
into each event
• q — queue, do not include full message into each
event
E signifies the type of event:
• r for receive
• s for send
• a for acknowledge
• p for premature exit of message
• * for all event types
For example, $ s y s . m o n i t o r . T . r . c o r p . N e w s is the
topic for monitoring any received messages to the topic
named c o r p . N e w s . The message body of any received
messages is included in monitor messages on this
topic. The topic $ s y s . m o n i t o r . q . * . c o r p . * monitors
all message events (send, receive, acknowledge) for all
queues matching the name c o r p . * . The message body
is not included in this topic’s messages.
The messages sent to this type of monitor topic include
a description of the event, information about where the
message came from (a producer, route, external
system, and so on), and optionally the message body,
depending upon the value of D.
See Monitoring Messages on page 430 for more
information about message monitoring.

TIBCO Enterprise Message Service User’s Guide

 Description of Topic Message Properties 523
|

Description of Topic Message Properties

Table 76 describes the properties that monitor topic messages can contain. Each
monitor message can have a different set of these properties.

Table 76 Message properties

Property Contents
conn_connid Connection ID of the connection that generated the event.

conn_ft Whether the client connection is a connection to a fault-tolerant

server.

conn_hostname Hostname of the connection that generated the event.

conn_ssl Whether the connection uses the SSL protocol.

conn_type Type of connection that generated the event. This property can
have the following values:
• Admin

• Topic

• Queue

• Generic

• Route

• FT (connection to fault-tolerant server)

• Unknown

conn_username User name of the connection that generated the event.

conn_xa Whether the client connection is an XA connection.

event_action The action that caused the event. This property can have the values
listed in Table 77 on page 528.

event_class The type of monitoring event (that is, the last part of the topic
name without the $ s y s . m o n i t o r ).
For message monitoring, the value of this property is always set to
message.

event_description A text description of the event that has occurred.

TIBCO Enterprise Message Service User’s Guide

524
| Appendix B Monitor Messages

Table 76 Message properties

Property Contents
event_reason The reason the event occurred (usually an error). The values this
property can have are described in Table 78 on page 530.

event_route For routing, the route that the event occurred on.

message_bytes When the full message is to be included for message monitoring,

this field contains the message as a byte array. You can use the
c r e a t e F r o m B y t e s method (in the various client APIs) to recover
the message.

mode Message delivery mode. This values of this property can be the
following:
• persistent

• non_persistent

• reliable

msg_id Message ID.

msg_seq Message sequence number.

msg_size Message size, in bytes.

msg_timestamp Message timestamp.

msg_expiration Message expiration.

replyTo Message JMSReplyTo.

rv_reply Message RV reply subject.

source_id ID of the source object.

TIBCO Enterprise Message Service User’s Guide

 Description of Topic Message Properties 525
|

Table 76 Message properties

Property Contents
source_name Name of the source object involved with the event. This property
can have the following values:
• XID (global transaction ID)
• message_id

• connections (number of connections)

• unknown (unknown name)
• Any server property name
• the name of the user, or a n o n y m o u s

source_object Source object that was involved with the event. This property can
have the following values:
• producer

• consumer

• topic

• queue

• permissions

• durable

• server

• transaction

• user

• group

• connection

• message

• jndiname

• factory

• file

• limits (a limit, such as a memory limit)

• route

• transport

TIBCO Enterprise Message Service User’s Guide

526
| Appendix B Monitor Messages

Table 76 Message properties

Property Contents
source_value Value of source object.

stat_msgs Message count statistic for producer or consumer.

stat_size Message size statistic for producer or consumer.

target_admin Whether the target object is the a d m i n connection.

target_created Time that the consumer was created (in milliseconds since the
epoch).

target_dest_name Name of the target destination

target_dest_type Type of the target destination.

target_durable Name of durable subscriber when target is durable subscriber.

target_group Group name that was target of the event

target_hostname Hostname of the target object.

target_id ID of the target object.

target_channel Name of the multicast channel.

target_name Name of the object that was the target of the event. This property
can have the following values:
• XID (global transaction ID)
• message_id

• connections (number of connections)

• unknown (unknown name)
• Any server property name
• the name of the user, or a n o n y m o u s
• channel (multicast channel)

target_nolocal NoLocal flag when target is durable subscriber.

TIBCO Enterprise Message Service User’s Guide

 Description of Topic Message Properties 527
|

Table 76 Message properties

Property Contents
target_object The general object that was the target of the event. This property
can have the following values:
• producer

• consumer

• topic

• queue

• permissions

• durable

• server

• transaction

• user

• group

• connection

• message

• jndiname

• factory

• file

• limits (a limit, such as a memory limit)

• route

• transport

target_selector Selector when the target is a consumer.

target_subscription Subscription of the target object when target is durable subscriber.

target_url URL of the target object.

target_username Username of the target object.

target_value Value of the object that was the target of the event, such as the
name of a topic, queue, permission, and so on.

TIBCO Enterprise Message Service User’s Guide

528
| Appendix B Monitor Messages

Table 77 Event Action Property Values

Event Action Value Description

accept connection accepted

acknowledge message is acknowledged

add user added to a group

admin_commit administrator manually committed an XA

transaction

admin_rollback administrator manually rolled back an XA

transaction

commit transaction committed

connect connection attempted

create something created

delete something deleted

disconnect connection disconnected

flow_engaged stored messages rise above a destination’s limit,

engaging the flow control feature

flow_disengaged stored messages fall below a destination’s limit,

disengaging the flow control feature

interest registered interest for a route

modify something changed

grant permission granted

premature_exit message prematurely exited

purge topic, queue, or durable subscriber purged

receive message posted into destination

remove user removed from a group

resume administrator resumed a route

TIBCO Enterprise Message Service User’s Guide

 Description of Topic Message Properties 529
|

Table 77 Event Action Property Values

Event Action Value Description

revoke permission revoked

rollback transaction rolled back

rotate_log log file rotated

send message sent by server to another party

subscribe subscription request

suspend administrator suspended a route

txcommit administrator manually committed a local

transaction

txrollback administrator manually rolled back a local

transaction

xacommit an application committed an XA transaction

(2-phase)

xacommit_1phase an application committed an XA transaction

(1-phase)

xastart an application started a new XA transaction

xastart_join an application has joined (that is, added) a resource

to an existing transaction

xastart_resume an application resumed a suspended XA

transaction

xaend_fail an application ended an XA transaction, indicating

failure

xaend_success an application ended an XA transaction, indicating

success

xaend_suspend an application suspended an XA transaction

xaprepare an application prepared an XA transaction

xarecover an application called recover (to get a list of XA

transactions)

TIBCO Enterprise Message Service User’s Guide

530
| Appendix B Monitor Messages

Table 77 Event Action Property Values

Event Action Value Description

xarollback an application rolled back an XA transaction

Table 78 Event Reason Property Values

Event Reason Value Description

backup_connected The fault-tolerant backup server has connected.

backup_disconnected The fault-tolerant backup server has

disconnected.

bridge Message posted to destination as result of

bridging.

closed Connection was closed.

consumer For message monitoring, this value signifies a

message was sent or acknowledged by a
consumer. For all other cases, this value signifies
a dynamic topic or queue created for a
consumer.

cycle Cyclic route created.

disabled Feature not enabled.

discarded The oldest message on the destination has been

discarded to make room for a new message. This
occurs when o v e r f l o w P o l i c y =d i s c a r d O l d is
set on the destination and either the m a x m s g s
and/or m a x b y t e s limit set for the destination
has been exceeded.

duplicate Duplicate, such as route, global queue or topic.

error Connection disconnected due to error.

exceeded Limit exceeded.

expired Message has been expired by the server.

export Message exported to a transport.

TIBCO Enterprise Message Service User’s Guide

 Description of Topic Message Properties 531
|

Table 78 Event Reason Property Values

Event Reason Value Description

import Message imported from a transport.

invalid_name Name not valid, such as route name.

invalid_password Invalid password provided.

maxredelivery_exceeded Message has exceeded the m a x R e d e l i v e r y

count for the queue.

new_connection A new connection was established to the server.

not_authorized Not authorized to perform action.

not_connected Could not establish connection.

not_found Something was expected, but not found.

producer For message monitoring, this value signifies a

message was posted by a producer. For all other
cases, this value signifies a dynamic topic or
queue created for a producer.

reconnect_active Connection active.

reconnected_connection The connection to the server has been

reestablished.

reconnect_unknown Connection unknown.

rotatelog Log file rotated.

route For message monitoring, this value signifies a

message was sent or received from a route. For
all other cases, this value signifies a dynamic
topic or queue created for a route.

shutdown Server was shut down.

standby Server in standby mode.

subscribed Successful subscription request.

terminated Connection was terminated.

TIBCO Enterprise Message Service User’s Guide

532
| Appendix B Monitor Messages

TIBCO Enterprise Message Service User’s Guide

 | 533

Appendix C Error and Status Messages

This appendix lists all possible error messages that the server can output,
alphabetized by category.

Key to this Appendix

Category The category indicates the general class of error.

This appendix is alphabetized by category.

Description The description explains the error category in more detail.

Resolution The resolution indicates possible recovery actions that administrators should
consider.

Errors These strings represent all instances of the error, as they appear in EMS server
code. Some categories have many error instances; others have only one. These
strings can include formatting characters.

TIBCO Enterprise Message Service User’s Guide

534
| Appendix C Error and Status Messages

Error and Status Messages

Category Admin command failed

Description An admin tool or program using the admin API attempted an operation that
failed for the given reason.

Resolution The admin tool or admin API provides the failure reason. The user of the tool or
API should examine the error and correct the syntax, parameter or configuration
that is causing the failure.

Errors %s: create %s failed: conflicting zone: existing consumer has a different zone
%s: create %s failed: detected duplicate durable subscription [%s] for topic [%s].
%s: create %s failed: illegal to use wildcard %s [%s].
%s: create %s failed: invalid %s [%s].
%s: create %s failed: invalid session id=%d.
%s: create %s failed: invalid syntax of %s [%s].
%s: create %s failed: invalid temporary %s [%s].
%s: create %s failed: not allowed to create dynamic %s [%s].
Invalid consumer in recover one msg request.
Invalid sequence number in recover one msg request.

Category A durable consumer was found in the store file for a route that does not exist

Description On server startup a durable consumer was found in the store file for a route that is
not listed in the routes.conf file. This happens if the routes.conf file is manually
edited.

Resolution Make routing changes via administration tools.

Errors Discarding durable '%s' for route '%s' because the route does not exist.

Category Backup server '%s' disconnected

Description Lost connection with the backup fault-tolerant server.

Resolution Determine if the backup server is running. If it is running, check for a network

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 535
|

partition.

Errors Backup server '%s' disconnected.

Category Bad or missing value for command line parameter

Description An invalid value was supplied for a command line parameter.

Resolution Change the value of the named parameter to an acceptable value; for information
about tibemsd command line parameters, see EMS documentation.

Errors '%s' requires an integer argument.

'%s' requires a positive integer argument.
'%s' requires a string argument.

Category Basic initialization failed

Description tibemsd was unable to start.

Resolution Correct the configuration or startup parameters and restart.

Errors Unable to add admin user into admin group: error=(%d) %s

Fault tolerant activation has to be greater than 2x heartbeat
Server heartbeat client should be non-zero and no more than a third of the client
timeout server connection
Server heartbeat server should be non-zero and no more than a third of the server
timeout server connection
Client heartbeat server should be non-zero and no more than a third of the server
timeout client connection
Fault Tolerant configuration error, can't create loop.
Fault tolerant connection failed, fault tolerant mode not supported on '%s'.
Fault tolerant heartbeat has to be greater than 0
Initialization failed due to errors in configuration.
Initialization failed due to errors in SSL.
Initialization failed due to errors with transports.
Initialization failed. Exiting.

TIBCO Enterprise Message Service User’s Guide

536
| Appendix C Error and Status Messages

Initialization has failed. Exiting.

Initialization of thread pool failed (%s). Exiting.
Startup aborted.
Server failed to read configuration.
Initialization failed: storage for '%s' not found.
Failure initializing storage thread: %s.
Initialization failed due to errors with multicast.
Configuration error: dbstore_driver_name for store [%s] cannot be empty
Configuration error: dbstore_driver_url for store [%s] cannot be empty
Configuration error: dbstore_driver_dialect for store [%s] cannot be empty
Configuration error: dbstore_driver_username for store [%s] must be specified
Configuration error: dbstore_driver_password for store [%s] must be specified
Error Loading JVM: %s
Unknown Error Loading JVM
Trying JVM location: %s
Error Loading JVM: %s
Unknown Error Loading JVM
$sys.meta store's type must be 'file' or 'dbstore'.

Category Commit failed due to prior failure or after fault-tolerant switch

Description A warning message indicating that the commit of a client application's transaction
failed either because there were earlier errors when processing this transaction or
because the transaction was started on the primary server prior to a fault-tolerant
failover.

Resolution The client application should retry the transaction.

Errors Commit failed due to prior failure or after fault-tolerant switch.

Category Compaction failed

Description Compaction of the store file failed.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 537
|
Resolution The most likely cause of this error is running out of memory. Shut down tibemsd
and see remedies for Out of memory.

Errors Compaction failed on file '%s': %d (%s). Please shutdown and restart tibemsd.
Compaction failed on file '%s': %d (%s).

Category Configured durable differs from stored one

Description The durables configuration file specifies a durable with a given name and client
identifier with attributes that are different from the identically named durable
found in the meta.db file.

Resolution Correct the durables configuration file to match the durable defined in the
meta.db file or administratively delete the durable and re-define it.

Errors Configured durable '%s' differs from durable in storage, storage version used.

Category Create of global routed topic failed: not allowed to create dynamic topic

Description A server received an interest notification from another server that does not match
the allowed topics in its configuration.

Resolution This only is printed when the trace includes ROUTE_DEBUG. If the server's topic
definitions are as expected, this statement can be ignored or remove the
ROUTE_DEBUG trace specification to prevent printing.

Errors Create of global routed topic failed: not allowed to create dynamic topic [%s].

Category Create of routed queue failed: not allowed to create dynamic queue

Description A warning indicating that a tibemsd with a route to this daemon has a queue
configured to be global but this daemon does not permit the creation of that
queue dynamically.

Resolution Add the specified queue or a pattern that includes it to this daemon if you want
the queue to be accessible from this daemon, otherwise the warning can be
ignored.

Errors Create of routed queue failed: not allowed to create dynamic queue [%s].

TIBCO Enterprise Message Service User’s Guide

538
| Appendix C Error and Status Messages

Category Database record damaged

Description An error occurred reading one of the tibemsd store files.

Resolution Send details of the error and the situation in which it occurred to TIBCO Support.

Errors Server failed to recover state.

Category Authentication error

Description The EMS server failed to authenticate the user or password.

Resolution Ensure the user is defined to EMS by one of the methods allowed by the
user_auth parameter in the main configuration file. The user is either specified by
the application or in the SSL certificate. If the user is defined, reset the password
and try again.

Errors Unable to initialize connection, SSL username error.

LDAP authentication failed for user '%s', status = %d
LDAP authentication failed for user '%s', no password provided

Category Duplicate message detected

Description Warning generated when tibemsd receives a message with a message id that
matches another message's message id.

Resolution Only seen when message id tracking is enabled.

Errors Detected duplicate %s message, messageID='%s'

Category Error in configuration file

Description The server encountered an invalid configuration statement in the specified

configuration file on the specified line.

Resolution Examine the appropriate configuration file and correct the syntax error.

Errors Configuration warning: file=%s, line=%d: route '%s' does not have a user
configured for authorization.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 539
|

SSL Configuration error: file=%s, line=%d: invalid certificate file name, unknown
extension or invalid encoding specification
Configuration error: file=%s, line=%d: illegal to specify %s for routed queue
Configuration error: file=%s, line=%d: bad destination specification: %s
Configuration warning: file=%s, line=%d: illegal to specify prefetch=none for
global or routed queue. Prefetch reset to default.
Configuration warning: file=%s, line=%d: illegal to specify prefetch=none for
topic. Prefetch reset to default.
Configuration error: file=%s, line=%d: ignored alias '%s' for %s '%s' because such
alias already exists
Configuration error: file=%s, line=%d: both tibrv_export and tibrvcm_export are
specified, ignoring tibrv_export
Configuration error: file=%s, line=%d: ignoring transport '%s' in %s list, transport
not found
Configuration error: file=%s, line=%d: multiple bridge entries for the same
destination '%s' are not allowed.
Configuration error: file=%s, line=%d: Ignoring durable, name cannot start with
$sys.route, use route property instead.
Configuration error: file=%s, line=%d: Rendezvous transport not specified for
Rendezvous CM transport '%s'
Configuration error: file=%s, line=%d: ignoring invalid max connections in the
line, reset to unlimited
Configuration error: file=%s, line=%d: ignoring invalid max_client_msg_size in
the line, reset to unlimited
Configuration error: file=%s, line=%d: value of %s out of range, reset to default
Configuration error: file=%s, line=%d: unable to create %s '%s': invalid
destination name, invalid parameters or out of memory
Configuration error: file=%s, line=%d: value of db_pool_size too big or less than
allowed minimum, reset to default value of %d bytes
Configuration error: file=%s, line=%d: Ignoring durable, route does not allow
clientid, selector or nolocal.
Configuration error: file=%s, line=%d: Route '%s' does not exist for configured
durable.
Configuration error: file=%s, line=%d: unable to process selector in route
parameters, error=%s

TIBCO Enterprise Message Service User’s Guide

540
| Appendix C Error and Status Messages

Configuration error: file=%s, line=%d: both tibrv_import and tibrvcm_import are

specified, ignoring tibrv_import
Configuration error: file=%s, line=%d: ignored route '%s' because route represents
route to this server.
Configuration error: file=%s, line=%d: ignoring invalid topic selector
specifications in route parameters
Configuration error: file=%s, line=%d: value of max_msg_memory less than
allowed, reset to %dMB
Configuration error: file=%s, line=%d: ignored alias '%s' for factory because such
alias already exists
Configuration error: file=%s, line=%d: specified value below allowable minimum.
Resetting value store_minimum to 8M.
Configuration error: file=%s, line=%d: specified value below allowable minimum.
Resetting value store_minimum_sync to 8M.
Configuration error: file=%s, line=%d: invalid certificate file name, unknown
extension or invalid encoding specification
Configuration error: file=%s, line=%d: ignored route '%s' because route has
invalid zone information.
Configuration error: file=%s, line=%d: ignored route '%s' because route with such
name or URL already exists.
Configuration error: file=%s, line=%d: value of msg_pool_size invalid or too big
or less than allowed minimum of %d, reset to default value of %d
SSL Configuration error: file=%s, line=%d: invalid private key file name,
unknown extension or invalid encoding specification
Configuration conflict: file=%s, line=%d: value of msg_pool_block_size already
set at line=%d. Ignoring msg_pool_size.
Configuration error: file=%s, line=%d: bridge has no targets, unable to process
Configuration error: file=%s, line=%d: Illegal to specify routed queue as a bridge
source
Configuration error: file=%s, line=%d: client_trace error: %s
Configuration error: file=%s, line=%d: %s
Configuration error: file=%s, line=%d: duplicate specification of transport type
Configuration error: file=%s, line=%d: duplicate value
Configuration error: file=%s, line=%d: Ignoring durable, duplicate of earlier
entry.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 541
|

Configuration error: file=%s, line=%d: Ignoring durable, name is invalid.

Configuration error: file=%s, line=%d: Ignoring durable, name is missing or
invalid.
Configuration error: file=%s, line=%d: Ignoring durable, topic is invalid.
Configuration error: file=%s, line=%d: Ignoring durable, topic is missing or
invalid.
Configuration error: file=%s, line=%d: error in the bridge description, unable to
proceed.
Configuration error: file=%s, line=%d: error in permissions
Configuration error: file=%s, line=%d: error in the transport description, unable
to proceed.
Configuration error: file=%s, line=%d: errors in line, some options may have been
ignored
Error: unable to add bridge specified in file=%s, line=%d. Error=%s
Configuration error: file=%s, line=%d: Unable to create destination defined by the
bridge source
Unable to create Rendezvous Certified transport '%s' because it references
undefined Rendezvous transport '%s'
Configuration error: file=%s, line=%d: failed to create ACL entry, reason=%s
Unable to export message to SmartSockets. error=%s.
Use fsync error: file=%s, line=%d: invalid property value
Use fsync (min disk) error: file=%s, line=%d: invalid property value
exit_on_nonretryable_disk_error: file=%s, line=%d: invalid boolean property
value
consumed_msg_hold_time: file=%s, line=%d: invalid property value
active_route_connect_time: file=%s, line=%d: invalid property value
Fault tolerant reread error: file=%s, line=%d: invalid property value
Fault standby lock check error: file=%s, line=%d: invalid property value
Configuration error: file=%s, line=%d: ignored unknown permission '%s'
Configuration error: file=%s, line=%d: ignoring duplicate %s '%s' specified earlier
Configuration error: file=%s, line=%d: ignoring duplicate transport name '%s' in
%s list
Configuration error: file=%s, line=%d: ignoring duplicate user

TIBCO Enterprise Message Service User’s Guide

542
| Appendix C Error and Status Messages

Configuration error: file=%s, line=%d: ignoring errors in permission line

Configuration error: file=%s, line=%d: ignoring invalid connect attempt count
Configuration error: file=%s, line=%d: ignoring invalid connect attempt delay
Configuration error: file=%s, line=%d: ignoring invalid connect attempt timeout
Configuration error: file=%s, line=%d: ignoring invalid disk statistic period
Configuration error: file=%s, line=%d: ignoring invalid entry syntax
Configuration error: file=%s, line=%d: ignoring invalid factory load balancing
metric
Configuration error: file=%s, line=%d: ignoring invalid ft activation in the line
Configuration error: file=%s, line=%d: ignoring invalid ft heartbeat in the line
Configuration error: file=%s, line=%d: ignoring invalid ft reconnect timeout in the
line
Configuration error: file=%s, line=%d: ignoring invalid line
Configuration error: file=%s, line=%d: ignoring invalid line in factory parameters
Configuration error: file=%s, line=%d: ignoring invalid line in route parameters
Configuration error: file=%s, line=%d: ignoring invalid line: invalid syntax in the
line
Configuration error: file=%s, line=%d: ignoring invalid reconnect attempt count
Configuration error: file=%s, line=%d: ignoring invalid reconnect attempt delay
Configuration error: file=%s, line=%d: ignoring invalid reconnect attempt
timeout
Configuration error: file=%s, line=%d: ignoring invalid value of %s
Configuration error: file=%s, line=%d: ignoring invalid value in the line
Configuration error: file=%s, line=%d: ignoring unknown property '%s'
Configuration error: file=%s, line=%d: ignoring unrecognized property '%s'
Configuration error: file=%s, line=%d: ignoring user out of group context
Configuration error: file=%s, line=%d: illegal to use predefined name %s
Configuration error: file=%s, line=%d: Invalid clientid value
Configuration error: file=%s, line=%d: invalid value of db_pool_size, reset to
default of %d bytes
Configuration error: file=%s, line=%d: invalid line syntax or line out of order

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 543
|

Configuration error: file=%s, line=%d: invalid value of max memory, reset to

unlimited
Configuration error: file=%s, line=%d: invalid value of max_msg_memory, reset
to unlimited
Configuration error: file=%s, line=%d: invalid property value
Configuration error: file=%s, line=%d: invalid property value, reset to default.
Configuration error: file=%s, line=%d: invalid password
Configuration error: file=%s, line=%d: invalid value of reserve_memory, reset to
zero
Configuration error: file=%s, line=%d: invalid value of route_recover_interval,
reset to default %d
Configuration error: file=%s, line=%d: invalid value of route_recover_count, line
ignored
Configuration error: file=%s, line=%d: Invalid selector value
Configuration error: file=%s, line=%d: invalid syntax of %s, unable to continue.
Configuration error: file=%s, line=%d: invalid transport parameter '%s'
Configuration error: file=%s, line=%d: invalid transport type '%s'
Configuration error: file=%s, line=%d: invalid trace_client_host value
Configuration error: file=%s, line=%d: invalid trace_millisecond value
Configuration error: file=%s, line=%d: invalid value of %s, reset to unlimited
Configuration error: file=%s, line=%d: invalid value, reset to no minimum.
Configuration error: file=%s, line=%d: invalid value '%s'
Configuration error: file=%s, line=%d: invalid value of '%s'
Configuration error: file=%s, line=%d: invalid value of %s
Configuration error: file=%s, line=%d: invalid value of %s, reset to 256MB
Configuration error: file=%s, line=%d: invalid value of %s, reset to default
Configuration error: file=%s, line=%d: line too long, ignoring it
Configuration error: file=%s, line=%d: maximum number of listen interfaces
reached.
Configuration error: file=%s, line=%d: multiple principals specified, line ignored
Configuration error: file=%s, line=%d: multiple targets specified, line ignored

TIBCO Enterprise Message Service User’s Guide

544
| Appendix C Error and Status Messages

Configuration error: file=%s, line=%d: out of memory, unable to create

Rendezvous transport
Configuration error: file=%s, line=%d: no permissions found in acl entry
Configuration error: file=%s, line=%d: no target found in acl entry
Configuration error: file=%s, line=%d: %s '%s' not found
Configuration error: No topic exists for configured durable '%s%s%s'.
failed to create durable '%s', exception: %s.
Configuration error: file=%s, line=%d: no valid user or group found in acl entry
Configuration conflict: file=%s, line=%d: Overriding value of msg_pool_size
already set at line=%d.
Configuration warning: file=%s, line=%d: parameter '%s' is deprecated
Configuration error: file=%s, line=%d: value of reserve_memory too small, reset
to 16MB
Configuration error: file=%s, line=%d: ignoring invalid line in route parameters:
invalid zone type, too long
Configuration error: file=%s, line=%d: ignoring invalid line in route parameters:
zone name exceeding %d bytes
Routing Configuration error: file=%s, line=%d: invalid property value
Configuration warning: file=%s, line=%d: ignoring rvcmlistener, duplicate
Configuration error: file=%s, line=%d: ignoring rvcmlistener, first token is invalid
Configuration error: file=%s, line=%d: ignoring rvcmlistener, invalid destination
Configuration error: file=%s, line=%d: ignoring rvcmlistener, second token is
invalid
Configuration error: file=%s, line=%d: ignoring rvcmlistener, third token is
invalid
Configuration error: file=%s, line=%d: ignoring rvcmlistener, wildcards are not
permitted
SmartSockets configuration directory name is too long. error=%s.
SmartSockets file '%s' not found.
SSL Configuration error: file=%s, line=%d: duplicate value
SSL Configuration error: file=%s, line=%d: invalid value of DH key size.
SSL Configuration error: file=%s, line=%d: invalid property value
SSL Configuration error: file=%s, line=%d: invalid renegotiate size value

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 545
|

SSL Configuration error: file=%s, line=%d: invalid renegotiate size value,

minimum is %dKb
SSL Configuration error: file=%s, line=%d: invalid renegotiate value, minimum is
%d (in seconds)
Configuration error: file=%s, line=%d: syntax error in the line, ignoring
Configuration error: file=%s, line=%d: syntax errors in line, line ignored
Topic '%s' not valid in configured durable '%s'.
Configuration error: file=%s, line=%d: Unrecognized attribute
Configuration error: file=%s, line=%d: user '%s' not found, ignoring
Configuration error: file=%s, line=%d: value is invalid or less than minimum %d,
reset to 0
Configuration error: file=%s, line=%d: value less than allowed minimum, reset to
0
Configuration error: file=%s, line=%d: value of %s less than allowed minimum of
%dKB, reset to unlimited
Configuration error: file=%s, line=%d: Invalid value or value does not fall
between %d and %d
Configuration error: Invalid line: file=%s, line=%d
Configuration error: Missing store header: file=%s, line=%d
Configuration error: Mixed mode configuration: file=%s, line=%d
Configuration error: Invalid store parameter: file=%s, line=%d
Configuration error: Store definition failed
Configuration error: Unrecognized store type requested.
Configuration error: Filename for store '%s' cannot be empty.
Error occurred writing store definition into file.
Configuration error: file=%s, line=%d: ignoring channel '%s' on topic '%s',
channel does not exist
Configuration error: file=%s, line=%d: ignoring channel '%s' on topic '%s',
overlaps with channel '%s' on topic '%s'
Configuration error: file=%s, line=%d: ignoring channel '%s', duplicate name
Configuration error: file=%s, line=%d: ignoring channel '%s', address of '%s:%d'
already defined
Configuration error: file=%s, line=%d: channel '%s', %s

TIBCO Enterprise Message Service User’s Guide

546
| Appendix C Error and Status Messages

Configuration error: file=%s, line=%d: channel '%s', no address specified.

Configuration error: file=%s, line=%d: channel '%s', invalid address syntax: port
not specified.
Configuration error: file=%s, line=%d: channel '%s', invalid address: group must
be in the range 224.0.0.0 to 239.255.255.255
Configuration error: file=%s, line=%d: channel '%s', interface must address a
valid multicast-capable network interface.
Configuration error: file=%s, line=%d: channel '%s', invalid address: port must be
in the range 1 to 65535
Configuration error: file=%s, line=%d: channel '%s', ttl must be in the range 1 to
255
Configuration error: file=%s, line=%d: channel '%s', priority must be in the range
-5 to 5
Configuration error: file=%s, line=%d: channel '%s', maxrate must be less than
512MB
Configuration error: file=%s, line=%d: channel '%s', maxtime must be greater
than 0
Configuration error: file=%s, line=%d: cannot store messages in: %s
Configuration error: file=%s, line=%d: cannot find store: %s
Required store param 'type' not specified for store '%s'
Invalid params at line %d in file '%s' for store '%s' when store type is 'file' %s
Invalid params at line %d in file '%s' for store '%s' when store type is 'dbstore' %s
Invalid params at line %d in file '%s' for store '%s' when store type is 'mstore' %s
Store '%s' already defined
Configuration error: Store with similar dbstore_driver_url exists, file=%s,
line=%d
Configuration error: duplicate file name %s for stores %s and %s
Configuration warning: file=%s, line=%d: the discardAmount is too small for the
selected RV Queue Limit Policy. It is recommended to have at least 10%% of the
maxEvents
Configuration error: file=%s, line=%d: the discardAmount is too big compared to
the maxEvents value. Defaulting to TIBRVQUEUE_DISCARD_NONE policy

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 547
|

Configuration error: file=%s, line=%d: maxEvents and discardAmount values

must be strictly positive for an RV Queue Limit Policy other than
TIBRVQUEUE_DISCARD_NONE. Defaulting to
TIBRVQUEUE_DISCARD_NONE policy
Configuration error: file=%s, line=%d: RV Queue Limit Policy '%s' unknown or
not supported. Defaulting to TIBRVQUEUE_DISCARD_NONE policy
Configuration error: file=%s, line=%d: Error parsing the RV Queue Limit Policy
value '%s'. Defaulting to TIBRVQUEUE_DISCARD_NONE policy
Configuration warning: file=%s, line=%d: The bridge's source destination '%s' is
dynamic but has no parent. The bridge should either be removed or a static parent
destination added

Category Error writing commit request, errors already occurred in this transaction

Description A client application's attempt to commit a transaction failed because the server
encountered an error during an operation associated with the transaction.

Resolution Examine previous error statements to determine the cause of the operation failure
and correct that before attempting the transaction again.

Errors Error writing commit request, errors already occurred in this transaction.

Category Error writing configuration file

Description tibemsd was unable to update one of its configuration files following a
configuration change.

Resolution Check that the user that started the tibemsd has permission to change the
configuration files and that there is sufficient disk space on the device.

Errors Error occurred saving acl information

Error occurred saving bridges information
Error occurred saving durables information
Error occurred saving factories information
Error occurred saving file '%s'
Error occurred saving group information
Error occurred saving %s information
Error occurred saving main configuration file '%s'

TIBCO Enterprise Message Service User’s Guide

548
| Appendix C Error and Status Messages

Error occurred saving routes information

Error occurred saving tibrvcm information
Error occurred while updating main configuration file '%s'. Configuration has not
been saved.
Error occurred writing bridges into file.
Error occurred writing destination '%s' into file
Error occurred writing factory into file.
Error occurred writing group '%s' into file
Error occurred writing into the file '%s'.
Error occurred writing route into file.
I/O error occurred saving bridge information
I/O error occurred saving group information
I/O error occurred saving route information
I/O error occurred writing into file '%s'

Category Error writing to store file

Description tibemsd was unable to write data to one of its store files.

Resolution Ensure that the directory containing the store files is mounted and accessible to
the tibemsd, and that there is free space available on the device

Errors Failed writing block data to '%s': %s

Failed writing message to '%s': I/O error or out of disk space.
Failed writing purge state for queue '%s': I/O error or out of disk space.
Failed writing purge state for topic consumer: I/O error or out of disk space.
Exception trying to create confirm record, %s.
Exception trying to create message from store: %s
Exception trying to create transaction record.
Exception trying to create valid messages record, %s.
Exception trying to export message to RV.
Failed writing message to '%s': %s.
Exception writing transaction commit record: %s.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 549
|

Exception writing transaction rollback record: %s.

Exception writing transaction prepare record: %s.
Failure deleting old version of transaction record: %s.
Failed deleting '%s' record from %s: %s

Category Failed to open TCP port

Description tibemsd was unable to open the tcp port.

Resolution Shutdown process that is using the port or change the value of the 'listen'
parameter in the server's tibemsd.conf file to a port that is not in use.

Errors Binding connection to TCP port %d failed:%d (%s).

Category File access error

Description tibemsd was unable to properly access the specified file.

Resolution Check that the path name is correct and the directory exists, the user that started
tibemsd has permission to read the specified directory and path, the file exists if it
isn't one that the tibemsd can create, the file is not being used by another tibemsd
or some other process.

Errors Configuration file '%s' not found.

Failed to create file '%s'
failed to open file '%s'.
failed to open log file '%s'.
Failed to read message from store.
Failed to rename file %s into %s: %s
Unable to open metadata file '%s', error '%s'.
Unable to open metadata file '%s', file may be locked.
Unable to open store file '%s', error '%s'.
Unable to open store file '%s', file may be locked.
Unable to preallocate storage file '%s'.
I/O error occurred reading from the file '%s'.

TIBCO Enterprise Message Service User’s Guide

550
| Appendix C Error and Status Messages

Exiting on non-retryable disk error: %d

Exception trying to read message from store.
Error during file close of '%s' - %d.

Category Invalid connection

Description Warning indicating that tibemsd was attempting to reestablish delivery of

messages across a route to another tibemsd but was unable to find the connection
for that route.

Resolution Either reduce the tibemsd's memory requirement by consuming messages or

removing messages from its queues, or increase the amount of memory available
to the tibemsd by shutting down other processes on the machine or increasing the
machine's memory.

Errors Recovery flow stall for destination %s failed: invalid route connection

Category Invalid destination

Description An application is attempting to use a destination name that is not valid.

Resolution Alter application code to use an acceptable destination name.

Errors %s: create %s failed: Not permitted to use reserved queue [%s].
%s: %s failed: illegal to use wildcard %s [%s].
%s: %s failed: %s [%s] not configured.
At least one bridge is referencing %s [%s] as a target. This destination does not
exist and there is no parent that would allow its dynamic creation. The
destination has been forcefully created. To avoid this, the bridge(s) referencing
this target should be destroyed.
Use of '$' destination prefix is not supported [%s %s].

Category Invalid listen specification

Description The server could not parse the listen parameter in the tibemsd.conf file

Resolution Correct the listen parameter to match the form [protocol]://[url] as specified in
the manual.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 551
|
Errors Invalid listen specification: '%s'.
Invalid request to create temporary destination.

Category Invalid session

Description tibemsd received a request that referred to a session that doesn't currently exist.

Resolution Send details of the error and the situation in which it occurred to TIBCO Support.

Errors Cannot find session for ack

Cannot find session for ack range
%s: destroy %s failed: invalid session id=%d.
Unable to destroy session, invalid session.
Invalid session in commit request.
Invalid session trying to update(%d) tx record.
Invalid session in commit transaction record.
Invalid session in recover request.
Invalid session in rollback request.
Invalid session in xa end request. connID=% PRINTF_LLFMT d
Invalid session in xa start request. connID=% PRINTF_LLFMT d

Category LDAP error - should always display LDAP error

Description An attempt to authenticate a client's userid and password using the external
LDAP server failed.

Resolution Examine the error code printed by the messaging server and consult the manual
for the external LDAP server.

Errors Filter '%s' contains an illegal type substitution character, only %%s is allowed
Filter '%s' contains too many occurrences of %%s, max allowed is: %d
Filter '%s' too long, max length is %d characters
Invalid search scope: %s
LDAP Configuration error: file=%s, line=%d: invalid property value
LDAP is not present

TIBCO Enterprise Message Service User’s Guide

552
| Appendix C Error and Status Messages

LDAP search resulted %d hits.

ldap_url_parse failed, returned: %d
Lookup of group '%s' produced incorrect or no results
Missing LDAP URL
Missing %s parameter
Zero entries returned from getting attributes for group '%s':
Failed adding user '%s' into LDAP user cache

Category LICENSE WARNING

Description The server detected a violation of its license.

Resolution This error only occurs with the evaluation version of the server or in an
embedded form. To correct this error either replace your evaluation version with
a production version or contact the vendor who supplied the embedded version.

Errors License violation: %s.

Category Missing configuration

Description An essential attribute has not been configured.

Resolution Change the tibemsd.conf file so that a value for the attribute is provided.

Errors Configuration error with metadata database.

Configuration error with storage databases.

Category Missing transaction

Description A client application attempted to change the state of a transaction that the
tibemsd does not have in its list of current transactions.

Resolution Check tibemsd trace logs to see if the transaction had been committed or rolled
back by an administrator, if not then check the client code to see if it or its
transaction manager are calling the transaction operations in the correct order.

Errors Cannot find transaction referred to transaction record update(%d) request.

connID=% PRINTF_LLFMT d %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 553
|

Cannot find transaction referred to in xa commit request. connID=%

PRINTF_LLFMT d %s
Cannot find transaction referred to in xa prepare request. connID=%
PRINTF_LLFMT d %s
Cannot find transaction referred to in xa rollback request. connID=%
PRINTF_LLFMT d %s
Received prepare request for transaction already prepared. connID=%
PRINTF_LLFMT d %s
Cannot find transaction referred to in xa start (resume) request. connID=%
PRINTF_LLFMT d sessID=% PRINTF_LLFMT d %s
Cannot find transaction referred to in xa start (join) request. connID=%
PRINTF_LLFMT d sessID=% PRINTF_LLFMT d %s
Cannot find transaction referred to in xa end request. connID=% PRINTF_LLFMT
d sessID=% PRINTF_LLFMT d %s

Category Out of memory

Description The server failed to allocate memory as it was attempting to perform an

operation.

Resolution Check how much memory the server process is using according to the operating
system. Compare this with how much memory and swap space the host actually
has. If there are sufficient memory and swap space, check the operating system
limits on the server process to determine if this is the cause. If the limits are set to
their maximum and this error occurs, reduce the load on this server by moving
some topics and queues to another server.

Errors %s trying to recreate persistent message.

Error during routed queue configuration, can not create routed queue consumer
Could not initialize monitor
Error: out of memory processing admin request
Error during route configuration, can not create routed queue consumer
Configuration error - duplicate group: file=%s, line=%d: ignoring line
Unable to create admin group: out of memory during initialization
Error: unable to create alias for %s '%s': no memory
Error: unable to create alias: out of memory

TIBCO Enterprise Message Service User’s Guide

554
| Appendix C Error and Status Messages

Unable to create import event for %s '%s' on transport '%s'

Unable to create internal connection, error=(%d) %s
Unable to create internal connection: out of memory during initialization
Error: unable to create %s '%s': no memory
Error: unable to create route while parsing file=%s, line=%d.
Unable to create SmartSockets subscriber on transport '%s', %s '%s': out of
memory
Unable to create temporary destination, out of memory
Failed to create reserve memory. Exiting.
Failed writing message to '%s': No memory for operation.
Unable to process message imported on transport '%s'.
Fault Tolerant configuration, no memory!
Fault Tolerant error, no memory.
LDAP initialization failed.
No memory.
No memory authenticating user '%s'
No memory authenticating via LDAP
Out of memory while building admin response message
Out of memory while building JNDI response message
Out of memory creating global import event on transport '%s'
Out of memory creating import event for %s '%s' on transport '%s'
Out of memory creating SS transport %s
No memory creating stalled flows in destination
Out of memory during initialization
Could not set replyto destination exporting SS message.
Could not set destination exporting SS message.
Could not get destination exporting SS message.
Failed to initialize SS message fields exporting SS message.
Out of memory exporting SS message.
Out of memory: unable to process SS message type on export

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 555
|

No memory for creating connection.

No memory generating dynamic route durable.
Out of memory importing SS message. error=%s.
No memory in IO thread to create pool.
Out of memory while parsing bridges file
Out of memory while parsing factories file
Out of memory while parsing routes file
No memory performing routing operation.
Out of memory processing %s on %s '%s'
Out of memory processing administrative request
Out of memory processing message tracing
No memory processing purge record.
No memory while processing route interest
Out of memory processing transports
Out of memory processing transports configuration
Out of memory reading configuration.
Out of memory restoring routed consumer
Out of memory sending monitor message.
No memory sending topic routing information.
%s trying to add message to %s queue.
No memory trying to add message to system.
No memory trying to cleanup route.
No memory to create ack record.
No memory to create client connection
No memory to create configured durable '%s%s%s'.
No memory to create configured durables
No memory to create confirm record.
No memory to create connection.
No memory to create consumer.
No memory trying to create destination.

TIBCO Enterprise Message Service User’s Guide

556
| Appendix C Error and Status Messages

No memory to create destination for consumer or browser.

No memory trying to create global topic destination.
No memory to create message from store.
No memory to extract routing info from incoming message.
No memory trying to create message producer.
No memory to create producer.
No memory trying to create queue browser.
No memory trying to create response message.
No memory to create routed consumer
No memory to create routed queue consumers
No memory trying to create routed queue destination.
No memory trying to create routed tmp queue destination.
No memory to create session.
No memory trying to create tmp destination for consumer.
No memory trying to create transaction.
No memory to create valid messages record.
No memory restoring valid sequence number info.
No memory to create zone.
No memory trying to export message to RV.
No memory trying to export message to SS.
No memory trying to import message from RV%s.
No memory trying to import message from RVCM.
No memory trying to import message from SS. error=%s.
No memory trying to initialize connection.
No memory trying to initialize route connection.
No memory trying to parse configured durable.
No memory trying to process data message.
No memory trying to process queue message.
No memory to process route interest
No memory to process SSL renegotiation request.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 557
|

No memory trying to process system request.

No memory trying to process topic consumer.
No memory trying to process topic message.
No memory trying to process xa end. connID=% PRINTF_LLFMT d sessID=%
PRINTF_LLFMT d %s
No memory trying to read message from store.
No memory trying to recover routed consumer.
No memory trying to recover one msg for routed consumer.
No memory trying to recover route stall.
No memory trying to recover route stall, will try again.
No memory to restore messages.
No memory to restore prepared transactions.
No memory trying to retrieve for queue browser.
No memory trying to send recover/rollback response.
out of memory trying to send topic interest to routes
No memory to set clientID for connection.
No memory trying to setup queue route configuration
No memory trying to setup route configuration
No memory trying to setup topic route configuration
Route recovery of destination %s on route from %s will fail: No memory
Route recovery of destination %s on route from %s will fail: No memory to create
timer
Route recovery of destination %s on route from %s will fail: %s
Failed to initialize OpenSSL environment: out of memory
Out of memory queuing imported message for processing.
Out of memory gathering consumers for incoming message.
Out of memory scheduling message delete.
Out of memory preparing to write message.
Out of memory assembling list of message to store.
Out of memory processing route consumer.
Out of memory preparing message for writing.

TIBCO Enterprise Message Service User’s Guide

558
| Appendix C Error and Status Messages

Out of memory creating connection thread list.

Out of memory creating RV gateway thread list.
Out of memory creating SmartSockets gateway thread list. error=%s.
Out of memory delaying bridged flow control response.
Out of memory preparing to delay flow control response.
Out of memory delaying one flow control response.
Out of memory delaying set of flow control responses.
Out of memory trying to clear message hold.
Out of memory trying to delete held message.
Unable to update the valid messages record. Error code: %d - %s.
No memory scheduling message delete completion.
No memory to build msg properties.
No memory to create prop.
No memory to set prop.
No memory getting the list of delivered messages. The JMSXDeliveryCount
property of some messages may no longer be accurate.
No memory getting the list of delivered messages from session %
PRINTF_LLFMT d. The JMSXDeliveryCount property of messages that were sent
to this session may no longer be accurate.
No memory getting the list of delivered messages during rollback of transaction
with xid: %s. The JMSXDeliveryCount property of messages that were rolled-back
may no longer be accurate.
Out of memory discarding message.
Out of memory advancing queue pending.
Out of memory adding message to pending list.
Out of memory returning message to pending list.
Out of memory trying to re-queue after xa rollback.
Out of memory finalizing restored queue: %s.
Out of memory restoring queue flush state.
Out of memory detaching message during queue purge.
Out of memory removing message from queue.
Out of memory retrieving message by correlation id.

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 559
|

Out of memory scheduling cleanup of transaction ack: %s.

Out of memory setting message all acked: %s.
Out of memory cleaning up transaction: %s.
Out of memory updating sent state on ack.
Out of memory updating in-doubt state on ack.
Out of memory removing message from system.
Out of memory associating ack with data.
Out of memory associating ack with transaction.
Out of memory resetting mstore discard scan: %s.
Out of memory recording modified topic.

Category Protocol error, incorrect XID in XA request

Description The tibemsd received an XA End instruction from the third party Transaction
Manager which referred to a different transaction from the one currently in use by
the session.

Resolution Report this to the your Transaction Manager vendor.

Errors Incorrect xid in xa end (0x%x) request. connID=% PRINTF_LLFMT d sessID=%

PRINTF_LLFMT d %s

Category Protocol error, transaction in incorrect state

Description A client application's attempt to start an XA transaction failed because the

transaction already exists and is not in the correct state.

Resolution This error is most likely caused by an external transaction manager that allowed
two separate client applications to use the same XA transaction identifier (XID).
Consult the manual for the transaction manager or report this to the transaction
manager vendor.

Errors Cannot process xa start for a session when another transaction is already active on
that session. connID=% PRINTF_LLFMT d sessID=% PRINTF_LLFMT d %s
Cannot process xa start with TMNOFLAGS when the transaction is already
active. connID=% PRINTF_LLFMT d sessID=% PRINTF_LLFMT d %s

TIBCO Enterprise Message Service User’s Guide

560
| Appendix C Error and Status Messages

Category Protocol message format error

Description tibemsd received a message with either missing or incomplete data.

Resolution Send details of the error and the situation in which it occurred to TIBCO Support.

Errors Unable to confirm session, invalid request.

Unable to create consumer, invalid destination.
Unable to init session, invalid request.
Unable to process msg for export. error=%s.
Unable to recover consumer, invalid request.
Unable to recover consumer, invalid session.
Unable to recover one msg for consumer, invalid request.
Unable to recover one msg for consumer, invalid sequence number.
Unable to recover one msg for consumer, invalid session.
Unable to serve the flow stall recover request from server %s, invalid request.
Unable to start consumer, invalid consumer
Unable to server the flow stall recover request from server %s, invalid consumer.
Unable to unsubscribe consumer, invalid client request.
%s: %s failed: illegal to use %s [%s] in standby mode.
Invalid flag in xa end request. connID=% PRINTF_LLFMT d sessID=%
PRINTF_LLFMT d %s
Invalid flag in xa start request. connID=% PRINTF_LLFMT d sessID=%
PRINTF_LLFMT d %s
Invalid request to delete temporary destination: %s. connID=% PRINTF_LLFMT
d
Invalid request to delete temporary destination: not owner connection.
Invalid xid in commit request.
Invalid xid in commit transaction record.
Invalid xid trying to update(%d) transaction record.
Invalid xid in rollback request.
Invalid xid in rollback transaction record.
Invalid xid in xa commit request. connID=% PRINTF_LLFMT d

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 561
|

Invalid xid in xa end request. connID=% PRINTF_LLFMT d sessID=%

PRINTF_LLFMT d
Invalid xid in xa prepare request. connID=% PRINTF_LLFMT d
Invalid xid in xa rollback request. connID=% PRINTF_LLFMT d
Invalid xid in xa start request. connID=% PRINTF_LLFMT d sessID=%
PRINTF_LLFMT d
Malformed routed message
Problem decoding sequence data in confirm: %s.
Problem decoding sequence data in rollback.
Problem decoding sequence data in xa end. connID=% PRINTF_LLFMT d
sessID=% PRINTF_LLFMT d %s
%s:%s queue browser failed: queue name is missing in request message
Received admin request with replyTo not set
Received JNDI request with replyTo not set.
Received unexpected message type %d
No destination in incoming data message.

Category Protocol sequence error

Description A non-embedded java client is attempting to connect to a tibemsd that is part of

an embedded JMS environment.

Resolution Reconfigure the client to connect to a fully licensed tibemsd.

Errors Invalid client connect detected.

No closure.

Category Rejected attempt to connect via SSL to TCP port

Description A client application attempted to connect to the server's TCP port using the SSL
protocol.

Resolution Change the client application's URL from ssl to tcp or change the server's listen
parameter from tcp to ssl. To activate a change of the server listen parameter
requires a restart of the server.

TIBCO Enterprise Message Service User’s Guide

562
| Appendix C Error and Status Messages

Errors Rejected attempt to connect via SSL to TCP port

Category Rejected attempt to connect via TCP to SSL port

Description A client application attempted to connect to the server's SSL port using the TCP
protocol.

Resolution Change the client application's URL from tcp to ssl or change the server's listen
parameter from ssl to tcp. To activate a change of the server listen parameter
requires a restart of the server.

Errors Rejected attempt to connect via TCP to SSL port

Category rejected connect from route: invalid cycle in route

Description The multi-hop route support of the server does not support configuring a cycle.
However, it detected a configuration that would create a cycle.

Resolution Remove one of the routes that creates the cycle.

Errors [%s@%s]: rejected connect from route: invalid cycle in route: %s

Illegal, route to '%s' creates a cycle. Terminate the connection
Illegal, route to '%s' creates a cycle.

Category Rendezvous transport error

Description tibemsd encountered a Rendezvous error.

Resolution See Rendezvous documentation for details of what the error means and how to
remedy it.

Errors Unable to create dispatcher for import event for %s '%s' on transport '%s', error is
%s
Unable to create inbox for import event for %s '%s' on transport '%s'
Unable to create Rendezvous Certified transport '%s': %s
Unable to create Rendezvous Certified transport '%s' because unable to create
Rendezvous transport '%s'
Unable to create Rendezvous transport '%s': %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 563
|

Unable to create TIBCO Rendezvous Certified Listener for %s '%s' on transport

'%s': %s
Failed to confirm RVCM message: %d (%s)
Failed to confirm RVCM message sequence % PRINTF_LLFMT u from cm sender
'%s'. Error: %d (%s)
Unable to store trackId % PRINTF_LLFMT d for RVCM message sequence %
PRINTF_LLFMTu from cm sender '%s'. Error: %d (%s)
Unable to retrieve trackId % PRINTF_LLFMT d. Error: %d (%s)
A problem occurred while importing RVCM message sequence %
PRINTF_LLFMT u from cm sender '%s'. Expecting a redelivery
Unable to queue the request type: %d. Transport '%s', destination '%s', CM Sender
'%s', CM Sequence % PRINTF_LLFMT u . Error: %d (%s)
Unable to queue the request type: %d. Transport '%s', destination '%s'. Error: %d
(%s)
Failed to disallow Rendezvous Certified Message listener '%s': %s
Unable to export topic message, error=%s.
Unable to pre-register certified listener '%s' on transport '%s': %s
Rendezvous send failed on transport '%s', error='%s'
Unable to restart the CM Listener for %s '%s' (RVCM Transport '%s'). Error code:
%d '%s'
Unable to create the timer for the restart of the CM Listener for %s '%s' (RVCM
Transport '%s'). Error code: %d '%s'
Unable to stop the CM Listener for %s '%s' (RVCM Transport '%s'). Error code: %d
'%s'

Category Running on reserve memory

Description Warnings indicating that the tibemsd has run out of memory and is now using its
reserve memory

Resolution Either reduce the tibemsd's memory requirement by consuming messages or

removing messages from its queues, or increase the amount of memory available
to the tibemsd by shutting down other processes on the machine or increasing the
machine's memory.

Errors Running on reserve memory, ignoring new message.

TIBCO Enterprise Message Service User’s Guide

564
| Appendix C Error and Status Messages

Running on reserve memory, no more send requests accepted. Pending msg count
= % PRINTF_LLFMT d
Pending msg count = % PRINTF_LLFMT d

Category SmartSockets transport error

Description tibemsd encountered a SmartSockets error.

Resolution See SmartSockets documentation for details of what the error means and how to
remedy it.

Errors Unable to create SmartSockets subscriber on transport '%s': failed to convert %s

'%s', error=%s
Unable to import SmartSockets message on transport %s: failed to convert subject
'%s', error=%s
Unable to import SmartSockets message on transport %s: failed to tokenize
subject '%s'
Unable to import SmartSockets message on transport %s: failed to convert reply
subject '%s', error=%s
Unable to import SmartSockets message on transport %s: no destination found
'%s'
Unable to export EMS message into SmartSockets on transport '%s'. Failed to
convert subject '%s', error=%s.
Unable to export EMS message into SmartSockets on transport '%s'. Failed to
convert reply subject '%s', error=%s.
Error translating EMS message body into SS message. Status=%s
Error translating EMS message headers into SS message. Status=%s
Error translating EMS message properties into SS message. Status=%s
Unable to confirm SS message. %s
Unable to connect to SmartSockets RTserver via transport: '%s': %d - %s
Unable to register GMD failure callback: '%s': %d - %s
Unable to create open callback on transport: '%s': %d - %s
Unable to create default callback on transport: '%s': %d - %s
Unable to create SS callback for %s '%s' on transport '%s' SS error: %s
Unable to create SS message type on export

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 565
|

Unable to create SmartSockets subscriber for %s '%s' on transport '%s', error: %s

Unable to create SmartSockets transport '%s': %d - %s
Failed to confirm SS message. error=%s.
Failed to create SmartSockets transport %s
Unable to handoff confirm SS message: %s.
Unable to import SS message. Error=%d, %s.
Unable to import SS message data fields. Error=%d, %s.
Unable to import SS message headers. Error=%d, %s.
Unable to import SS message, failed to create message destination.
Unable to import SS message, failed to create reply destination.
Unable to import SS message, error retrieving delivery mode.
Unable to import SS message, error setting imported property. error=%s.
Unable to import SS message, error setting message extentions property.
error=%s.
Unable to import SS message, failed to create message wire. error=%s.
Unable to import SS message, error retrieving number of fields.
Unable to initialize SmartSockets transport '%s': error=%d: %s
Unable to set SmartSockets Dispatcher for transport: '%s': %d - %s
Unable to set SS message type on export
Unable to set Username/Password for SmartSockets transport '%s': %d - %s
Unable to import SmartSockets message on transport %s: failed to retrieve SS
subject.
SS Subject CB destroy Failed: for '%s' on transport '%s' SS error: %s
SS Subject CB lookup Failed: for '%s' on transport '%s' SS error: %s
SmartSockets TipcMsgSetDeliveryMode failed, '%s'
SmartSockets TipcMsgSetLbMode failed, '%s'
SmartSockets TipcSrvConnFlush failed, '%s'
SmartSockets TipcSrvConnMsgSend failed, '%s'
SS Unsubscribe failed: for '%s' on transport '%s' SS error: %s
GMD delivery failed on transport '%s', SS message seq=%d, reason='%s' for
process '%s'

TIBCO Enterprise Message Service User’s Guide

566
| Appendix C Error and Status Messages

Unable to process undelivered SS GMD message, can not register EMS message,
error='%s', tport='%s', GMD seq=%d
Unable to process undelivered SS GMD message, can not add to undelivered EMS
queue, error='%s', tport='%s', GMD seq=%d
Unable to process undelivered SS GMD message, failed to build EMS message,
error='%s', tport='%s', GMD seq=%d
Unable to convert undelivered SS GMD message into EMS message, error='%s',
tport='%s', GMD seq=%d

Category SSL initialization failed

Description The server failed attempting to initialize the OpenSSL library.

Resolution Examine the OpenSSL error and the EMS User's Guide chapter describing the use
of SSL.

Errors Failed to process ft ssl password

Failed to process ssl password
Ignoring SSL listen port %s
Failed to initialize SSL: can not load certificates and/or private key and/or CRL
file(s) and/or ciphers.
Failed to initialize OpenSSL environment: error=%d, message=%s.
Failed to initialize SSL. Error=%s
Failed to initialize SSL: unable to obtain password
Failed to initialize SSL: server certificate not specified.
Failed to initialize SSL: server private key not specified.

Category System call error, should be errno-driven

Description A low-level system function has failed.

Resolution Report the error to your system administrator and ask them to remedy the
problem.

Errors Accept() failed: too many open files. Please check per-process and system-wide
limits on the number of open files.
Accept() failed: %d (%s)

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 567
|

Select() failed: %d (%s)

Epoll_wait() failed: %d (%s)
Epoll_ctl() %s on fd %d failed: %d (%s)
ioctl() on /dev/poll failed: %d (%s)
write() %s update /dev/poll on fd %d failed: %d (%s)
Cannot retrieve user name of the current process.
Client connection not created, %s.
Could not obtain hostname
Could not resolve hostname '%s'. Possibly default hostname is not configured
properly while multiple network interfaces are present.
Unable to listen for connections: %d (%s).
Unable to open socket for listening: %d (%s).
Closing SSL connection from %s due to timeout.

Category Unnecessary or duplicate message

Description tibemsd received a message with either missing or incomplete data.

Resolution Send details of the error and the situation in which it occurred to TIBCO Support.

Errors Error processing xa start request, %s. connID=% PRINTF_LLFMT d sessID=%

PRINTF_LLFMT d
Error trying to enter standby for '%s', %s.

Category Unrecognized option

Description The server's command line contains an unrecognized option.

Resolution Run the server with the -help option and compare it with the command line
containing the unrecognized option.

Errors Unrecognized option: '%s'.

Category Restoring consumer failed

TIBCO Enterprise Message Service User’s Guide

568
| Appendix C Error and Status Messages

Description Seen when tibemsd starts up and detects that the zone for a route as specified in
routes.conf has been changed.

Resolution Either delete the route or change its zone back and restart the tibemsd.

Errors Restoring consumer failed: Conflicting zone for route to [%s]: The route was
initially zone %s type %s, but now %s type %s. Zone change not allowed while
there are durable subscribers. Please delete the route first and create new one.

Category Banners and debug traces

Description Banner and debug traces

Resolution Not applicable

Errors %s: %s has been changed

%s: %s has been changed to %s
%s: %s has been changed to %d
%s: %s has been changed to % PRINTF_LLFMT d
Invalid session for route configuration.
Invalid routed queue information message.
Expired % PRINTF_LLFMT d message%s.
Discarded % PRINTF_LLFMT d message%s.
[%s@%s]: rejected connect from route: invalid password
%s: purged durable '%s'
%s: %s %s '%s' permissions on %s '%s': %s
%s: create %s failed: durable creation access denied for %s [%s].
Async Recs: max=%d avg=%.2f min=%d
Process Id: %d
Server activating on failure of '%s'.
ldap_search_ext_s(%x, %s, %s, %s)
Flow Stall Recovery Timer: to recover stall of %s on route from %s, recovery count
= %d
Error, filter '%s' contains an illegal type substitution character, only %%s is
allowed

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 569
|

Rendezvous Certified Advisory: %s

LDAP response resulting from checking if an entry is a member of a dynamic
group:'
ignoring route '%s' at '%s', route user does not exist.
Created %s transport '%s'
Send recover request for routed queue flow stall for queue %s
Removing routed topic consumer '%s'
License has been activated.
Hostname: %s
Evaluation Software Notice: remaining uptime is %d hours %d minutes.
[%s@%s]: rejected connect from route: implicit route already exists
LDAP response resulting from getting attributes for group '%s':
ldap_parse_reference: %s
Storage Location: '%s'.
Search reference: %s
Route Recover Interval is %u seconds.
Route Recover Minimum Message Count is %u.
Route connect error: route has no zone setting
SS: Deleting existing GMD file.
LDAP error: %s
Clean all flow stalls for route to server %s: %s
%s: shutdown server
Reading configuration from '%s'.
Configuration warning: file=%s, line=%d: illegal to specify both '%s' and '%s',
ignoring '%s'
Recovered flow stalled consumer for destination: %s:%s
%s: revoked all %s permissions on %s '%s'
Error sending routing information to '%s'.
Send recover request
Skipping recover request, message count %d greater than recover count
Lazy Dels: max=%d avg=%.2f min=%d

TIBCO Enterprise Message Service User’s Guide

570
| Appendix C Error and Status Messages

Release Holds: max=%d avg=%.2f min=%d

%s: created rvcmlistener transport '%s' name '%s' dest '%s'
ERROR: file=%s, line=%d: %s is too long.
Route '%s' connecting to url '%s'.
Route '%s' connected to url '%s' with zone '%s:%s'.
[%s@%s]: rejected connect from route: %s
Configuration warning: file=%s, line=%d: Use of Rendezvous Bridge via tibrv_...
parameters has been deprecated. This feature is subject to removal in the next
release of this product. Please convert your configuration to utilize transports
defined in transports.conf configuration file.
Rendezvous %s %s enabled (RV %s).
Error in ldap_search_ext_s: %s
Server is re-entering standby mode.
Statistics database memory now below limit
SS: Destroying SmartSockets transport %s
Created file '%s'
Restored routed topic consumer for '%s'
Adding routed topic consumer for '%s'
Subscriber %s for topic '%s' exceeded topic limit.
Refrained from removing configured durable '%s'
Sync Recs: max=%d avg=%.2f min=%d
SS: Unsubscribe from '%s' tport = %s
Recovered %d pending connection%s.
SS: Imported message on tport='%s', subject='%s', reply='%s'.
Clean flow stall for consumers of destination %s:%s
ldap_search_s(%x, %s, %s, %s, [NULL])
%s:%s queue browser failed: illegal to use wildcard queue [%s]
There should be only one consumer reaching %s, but %d found
%s:%s queue browser failed: cannot browse [%s] because it is a routed queue.
Detected IP interface: %s (%s)
Clear (Non-IO) flow stalled on dest %s:%s from route of %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 571
|

Error sending routing information to %s, send failed

%s: %s updated: '%s'
%s: consumed_msg_hold_time updated: '%d'
Authorization is disabled.
SSL connect: using certificate username '%s'.
SSL reset to TCP for connID=% PRINTF_LLFMT d, user='%s'
Configuration warning: file=%s, line=%d: invalid trace option '%s' is ignored
Server is now active.
(NON-IO) Flow stalled on dest %s from route of %s
Dump of user cache:
Administrator group not found, created with default member.
Received exception on route '%s':'%s'
ldap_search_s(%x, %s, %s, %s, [%s,%s,%s,%s,%s,NULL])
EXPIRE: msgs=%d
Clean flow stall for routed consumer of queue %s
EXPIRE: total=% PRINTF_LLFMT d expire=0
EXITING
Configuration error: file=%s, line=%d: ignoring invalid selector specifications in
route parameters
%s: created group '%s'
set %s:%u in flow stall recover request
Error: unable to bind to LDAP server as: '%s', %s
DISK IO stats for %s:
Authorization exception creating routed topic consumer for '%s'
Fault tolerant reconnect timeout is set to a negative or 0 value of %d seconds,
Licensed server is waiting for license activation.
LDAP message resulting from checking existence:
Memory limit of %d MB exceeded.
%s %s to %s: connID=% PRINTF_LLFMT d consID=% PRINTF_LLFMT d
msgID='%s' %s='%s'%s%s%s%s%s%s
User '%s' is authenticated via LDAP

TIBCO Enterprise Message Service User’s Guide

572
| Appendix C Error and Status Messages

User '%s' is authenticated via JAAS

Route '%s' accepted from host '%s' with zone '%s:%s'.
%s:%s queue browser failed: queue does not exist: [%s]
%s acknowledged by %s: connID=% PRINTF_LLFMT d consID=%
PRINTF_LLFMT d msgID='%s' %s='%s'
%s premature exit: %s : connID=% PRINTF_LLFMT d prodID=%
PRINTF_LLFMT d msgID='%s' %s='%s'
%s: removed user '%s' from group '%s'
Reading SS configuration from '%s'.
Ignoring inbound routed topic '%s', illegal topic.
%s: Compacting %s %s with no time limit.
STARTING POP WAITING
Flow stall recover ack received Post IO
RVCM name not specified for transport '%s',
Purged % PRINTF_LLFMT d queue message%s.
Purged % PRINTF_LLFMT d topic consumer message%s.
No memory to process incoming data from connection id=% PRINTF_LLFMT d.
Connection terminated.
%s: Disconnected, connection id=% PRINTF_LLFMT d, reason: %s%s
%s: connection id=% PRINTF_LLFMT d purged after FT timeout
Error, missing %s parameter
Bytes: max=%d avg=%.2f min=%d
Server is active.
%s: %s bridge: source=[%s:%s] target=[%s:%s]
Error, filter '%s' contains too many occurrences of %%s, max allowed is: %d
%s: created JNDI name '%s' for %s '%s'
Server is in standby mode.
%s: create %s failed: durable access denied for %s [%s].
%s: Destroyed producer (connid=% PRINTF_LLFMT d, sessid=%
PRINTF_LLFMT d, prodid=% PRINTF_LLFMT d) %s
ldap_simple_bind_s(, *******)

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 573
|

[%s] %s
Active server '%s' not found.
Backup server '%s' has connected.
Error in ldap_set_option: %s
%s:%s queue browser failed: access denied for queue [%s]
Ignoring inbound routed topic '%s', no corresponding topic.
%s: created user '%s'
Unable to initialize route: expected route name '%s', received '%s'.
Evaluation Software Notice: remaining uptime is %d minutes.
%s: created topic '%s'%s%s
Connected to LDAP server %s
Processed %d msgs
Error, LDAP is disabled
Configuration warning: file=%s, line=%d: illegal to use '.' in server name, replaced
with '_',
%s: %s %s '%s' administrative permissions: %s
Warning: statistics database memory exceeded limit
[%s@%s]: rejected connect from route: this shouldn't happen: route exists with no
zone setting
Rejected connect from route '%s' at %s, routing disabled.
Missing heartbeats from primary server '%s'.
Flow stall recovery request received, send to IO
Unable to initialize route '%s': route server returned: '%s'
RUNNING SWAPPER %d %d needed = %u!
Restoring consumer warning: zone of id %d does not exist in zone mapping
entries
Ignoring inbound routed queue '%s', no corresponding queue.
%s:%s queue browser failed: illegal to use reserved queue [%s]
%s: committed transaction %s
Trying to send flow stall recovery request for destination: %s
%s: destroyed connection % PRINTF_LLFMT d

TIBCO Enterprise Message Service User’s Guide

574
| Appendix C Error and Status Messages

ldap_search_s(%x, %s, %s, %s, [%s,%s,%s,NULL])

Allocating storage to minimum %s for store '%s', please wait.
%s:%s queue browser failed: invalid name of queue [%s]
%s: updated group '%s'
SS: Created subscriber to '%s' LB override=%d. tport='%s'
%s: destroyed message '%s'
Configuration warning: file=%s, line=%d: Use of Rendezvous import/export
settings via tibrv_... parameters has been deprecated. This feature is subject to
removal in the next release of this product. Please convert your configuration to
utilize 'import' and 'export' properties and using transports defined in
transports.conf configuration file.
Route '%s' disconnected, connection id=% PRINTF_LLFMT d
Logging into file '%s'
%s: create %s failed: access denied for %s [%s].
Unable to obtain message type number for imported SS message
Route Warning: host of this name does not exist: %s
%s: created queue '%s'%s%s
now timer fired
Breaking from remove thread for wantsLock!
%s: created JNDI name '%s' = '%s'
Metadata storage: '%s'.
Flow stall recover ack received for destination %s
Server rereading configuration.
Route '%s' sent resume request
Refrained from deleting configured durable '%s' even though application's
attributes differ from configuration
EXPIRE: msgs=% PRINTF_LLFMT d exp=% PRINTF_LLFMT d expd=%
PRINTF_LLFMT d int=% PRINTF_LLFMT d tm=% PRINTF_LLFMT d
Server of version %d.%d does not support flow stall recovery, do nothing.
%s: rotated log file.
Asynchronous storage: '%s'.
Created Routed Dynamic Queue '%s' from '%s'

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 575
|

Results of searching for dynamic groups:

Transaction for non-existent consumer: % PRINTF_LLFMT d connID=%
PRINTF_LLFMT d sessID=% PRINTF_LLFMT d %s
Error in ldap_unbind: %s
Rendezvous %s %s enabled.
[%s@%s]: route connect failed: invalid password
%s: updated topic '%s': %s
ldap_search_s(%x, %s, %s, %s, [%s, NULL])
Configuration warning: file=%s, line=%d: invalid option '%s' is ignored
Server is in standby mode for '%s'.
Error, references not supported
Acknowledging the flow stall recover request for destination %s:%s and resume
the flow
Failed to rename file, original file %s saved as file %s. Please rename the file
Route connect error: can not connect to route '%s' at '%s', error=%s.
Recovered %d message%s.
%s: deleted group '%s'
Start opening sync db
Start opening async db
Removed Routed Dynamic Queue '%s'
%s: %s bridge: source=[%s:%s] target=[%s:%s] selector='%s'
Error, zero entries returned from getting attributes for group '%s':
Warning: configuration file 'tibjmsd.conf' should be renamed to 'tibemsd.conf'.
Warning: [queue: %s]: dynamic routed queues are not supported.
Transaction for non-existent message: % PRINTF_LLFMT d connID=%
PRINTF_LLFMT d sessID=% PRINTF_LLFMT d %s
Route recovery of destination %s on route from %s failed, will try again: %s
[%s@%s]: route connect failed: route server not authorized.
Implicit route to [%s] already exists
%s: %s route '%s', URL=[%s]
Results of searching for static groups:

TIBCO Enterprise Message Service User’s Guide

576
| Appendix C Error and Status Messages

%s: Queue limit exceeded for queue '%s'.

%s: Topic limit exceeded for topic '%s'.
Implicit route to '%s' already exists.
%s: deleted rvcmlistener transport '%s' name '%s' dest '%s'
Evaluation Software Notice: remaining uptime is %d hours.
Secure Socket Layer is enabled, using %s
Using cryptographic module %s
Reserve memory reestablished, all client requests accepted. Pending msg count =
% PRINTF_LLFMT d
Msg recs processed = %d
ldap_search_s(%x, %s, %s, %s, [%s,%s,NULL])
(IO) Flow stalled on dest %s:%s from route of %s
Invalid specifications for route '%s' topic '%s'
%s: Created producer (connid=% PRINTF_LLFMT d, sessid=% PRINTF_LLFMT
d, prodid=% PRINTF_LLFMT d) %s
SS: Consumer subscribe to '%s' LB override=%d. tport='%s'
Routing is enabled.
Recovering state, please wait.
Files opened.
Starting msgPass.
Finished msgPass.
Administrator user not found, created with default password.
Route '%s' sent suspend request
%d batches, %.2f batches/sec
%s: purged queue '%s'
Error in ldap_search_s: %s
%s: created durable '%s'
Accepted license with limits: conns=%d hosts=%d hours=%d
USING %d memory
Continuing as active server.
VALIDATING STORE %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 577
|

[%s@%s]: rejected connect from route: route already connected

%s: purged topic '%s'
ldap_search_ext: %s
Flow control %s on %s '%s'
Accepting connections on %s.
Configuration warning: ignoring tibrvcm_import property set on %s '%s' because
it collides with tibrvcm_import property on %s '%s'
Warning: configuration file '%s' not found and has been created. All configuration
settings have been reset to defaults.
EXPIRE ERROR: oldCount=% PRINTF_LLFMT d found=% PRINTF_LLFMT d
walked=% PRINTF_LLFMT d
Shutdown complete.
Restarting now.
%s: Created %s%sconsumer%s%s%s%s (connid=% PRINTF_LLFMT d, sessid=%
PRINTF_LLFMT d, consid=% PRINTF_LLFMT d) on %s '%s'%s%s%s%s
Search completed successfully. Entries found: %d
Created routed dynamic queue '%s' for '%s'
%s: deleted durable '%s'
Part of the DN that matches an existing entry: %s
Purged %d connection%s.
Ignoring inbound routed topic '%s', local topic is not global.
%s: deleted user '%s'
%s: create %s failed: access denied for monitoring %s [%s].
Administrator group found with no members, added default member.
%s: updated user '%s'
SmartSockets transports are enabled.
Running in Temporary Destination Compliance mode.
ldap_search_s(%x, %s, %d, %s, [%s,NULL])
%s: %screated dynamic %s '%s'
Using %d threads for LDAP processing.
Routing is disabled.

TIBCO Enterprise Message Service User’s Guide

578
| Appendix C Error and Status Messages

%s: %s factory '%s'

INIT-EXPIRE: exp=%d mexp=% PRINTF_LLFMT d oldt=% PRINTF_LLFMT d
interval=%d
Error in ldap_initialize(%s)
Created dynamic %s '%s'
%s: Compacting %s %s with time limit %PRINTF_LLFMTd seconds
Error sending route query to '%s'.
%s: updated queue '%s': %s
Server name: '%s'.
Route configuration error: global queue '%s' from route '%s' collides, global
queues must be unique.
Route configuration error: routed queue '%s' from route '%s' is not global in '%s'.
Server shutting down.
Server preparing to restart.
Route configuration warning: global queue '%s' from route '%s' not configured on
local server
Flow stall recovery request received, recover consumer of id %u
Flow Control is enabled.
%s: deleted JNDI name '%s'
Clear (IO) flow stalled on dest %s:%s from route of %s
Removing route '%s', URL='%s': this route is duplicate, creates a loop or has
configuration errors
EXPIRE: giving up amid lock
Done opening async db
Error, invalid search scope: %s
Error in ldap_url_parse, returned: %d
%s: create %s failed: durable recreation access denied for %s [%s].
Ignoring inbound routed queue '%s', illegal queue.
key: '%s' value: '%s'
Connection to primary server '%s' has been lost.
Route connect error: failed connect to server '%s' at '%s'

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 579
|

%s: rolled back transaction %s

LDAP response resulting from checking existence:
ldap_parse_result: %s
Hostname IP address: %s
Flow stall recovery request received, after IO
%s: Connected, connection id=% PRINTF_LLFMT d, type: %s%s
%s: Reconnected, connection id=% PRINTF_LLFMT d, type: %s%s
Unable to initialize one hop route: One-hop routing is not supported for server
version %d.%d
Error, must provide static and/or dynamic group name attribute
Unable to initialize route, expected route name not received.
Stat: rate=%d cleanup=%d memory=%d
%s: Destroyed %sconsumer%s%s%s%s (connid=% PRINTF_LLFMT d, sessid=%
PRINTF_LLFMT d, consid=% PRINTF_LLFMT d) on %s '%s'
%s: Unsubscribed durable consumer '%s' due to administrator deleting durable
(consid=% PRINTF_LLFMT d) on topic '%s'
%s: Unsubscribed durable consumer '%s' due to user calling unsubscribe
(connid=% PRINTF_LLFMT d, consid=% PRINTF_LLFMT d) on topic '%s'
%s %s from %s: connID=% PRINTF_LLFMT d prodID=% PRINTF_LLFMT d
msgID='%s' %s mode=%s size=%d %s='%s'%s%s
ldap_search_s(%x, %s, %s, %s, [%s,%s,%s,%s,NULL])
ldap_search_s: %s
Error, filter '%s' too long, max length is %d characters
%s: deleted %s '%s'
Disallowing Rendezvous Certified Message listener '%s'
SS: Exporting EMS message: tport='%s', dest='%s', reply='%s' SSDelivery=%d,
LB=%d
Refrained from removing configured route durable '%s'
Authorization is enabled.
Rendezvous Advisory: %s
Refrained from removing durable for route '%s' due to configured durable

TIBCO Enterprise Message Service User’s Guide

580
| Appendix C Error and Status Messages

Configuration error: file=%s, line=%d: invalid value of option '%s'. Unable to

start.
%s: %sconnect failed: %s%s
unable to create connection with existing ID % PRINTF_LLFMT d
Synchronous storage: '%s'.
Clean all flow stalls for destination %s
Done opening sync db
%s: added user '%s' to group '%s'
ldap_search_s(%x, %s, %s, %s, [%s,%s,%s,%s,%s,%s,NULL])
Configuration warning: file=%s, line=%d: can not specify 'NONE' with other
options
%s: %s failed: access denied for %s [%s].
Process started from '%s'.
Clean flow stall for routed consumer of queue %s: no other remote consumers,
remove the stall
[%s@%s]: connect failed: reached maximum number of %s %d
Refrained from removing durable for route '%s' due to configured durable
LDAP Cache: User '%s' is a member of group(s):
LDAP Cache: Deleting cached record of user: '%s'
Client ID is too long.
Durable name is too long.
Durable name must be specified (connID=% PRINTF_LLFMT d)
Consumed Msg Hold Time is %d seconds.
A duplicate durable instance (conn=%s durable=%s dest=%s) was detected,
discarding old one
A duplicate connection with same client id (clientid=%s) detected, destroying old
conn (conn-id=%d)
Warning, deleting and recreating durable '%s' due to change in client attributes:
%s%s%s
Unable to build monitor message. Error code: %d - %s
Multicast is enabled.
%s: Multicast consumers require NO_ACKNOWLEDGE sessions: %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 581
|

%s: Multicast consumers require non-transacted sessions: %s

%s: Multicast consumer status: %s (consid=% PRINTF_LLFMT d)
%s: Multicast consumer status: %s (consid=% PRINTF_LLFMT d channel='%s')
[%s]: tx=% PRINTF_LLFMT d bytes, rtx=% PRINTF_LLFMT d bytes, buf=%
PRINTF_LLFMT d bytes
[%s@%s %s]: rcv=% PRINTF_LLFMT d bytes, lost=% PRINTF_LLFMT d, naks=%
PRINTF_LLFMT d, failed=% PRINTF_LLFMT d
%s
%s: JMX stats for store '%s' updated: %s
Route configuration: Adding topic '%s' for server %s
Route configuration: Sending %d topics to server %s at %s - %s
Route configuration: Sending topics to server %s at %s - %s
Route configuration: Sending queue '%s' to server %s at %s - %s
Route configuration: Sending queues to server %s at %s - %s
Route configuration: Processing topics from server %s at %s.
Route configuration: Processing queue '%s' from server %s at %s.
Route '%s' acknowledgment timer destroyed.
Route '%s' acknowledgment timer unknown event type.
Route '%s' acknowledgment timer send failed: %s
Route '%s' acknowledgment timer connection % PRINTF_LLFMT d not found.
Route configuration: Processing queues from server %s at %s.
Discarded incoming client message exceeding size limit: connID=%
PRINTF_LLFMT d, %s='%s', size=%d.
Configuration update failure: %s
Rolling back to configuration on disk.
Rollback failed: %s
Rollback succeeded.
%s property [%s].
%s configuration item:
%s status: %s
Illegal property get in _emsdConfigurationObjectProperty_GetStringValue.

TIBCO Enterprise Message Service User’s Guide

582
| Appendix C Error and Status Messages

Attempting to generate a search key for an unsearchable object (%s).

More than one result found searching route selectors route=%s topic=%s.
More than one result found searching alias %s=%s jndiName=%s.
Secondary override required for single file fault tolerance using \qlocalhost\q.
Secondary override required for single file fault tolerance on one host.
Secondary override requires a fault tolerant active url.
Secondary override requires a fault tolerant secondary active url.
Configured as fault tolerant secondary.
Configured as fault tolerant primary.
Unable to find group %s.
Detected Mixed mode configuration: Ignoring property %s file=%s, line=%d
Missing field %s from server object %s near line %d.
Invalid field detected in server object (%s), field (%s), at line %d.
%s will not complete until the server is restarted.
Detected unsupported password hash for user \q%s\q. The user's password may
need to be reset.
Ignoring request to remove an administrative user.
Ignoring request to remove the administrative group.
%s will not occur until fault tolerant failover or restart.
Ignoring unknown property %s.
Configuration error: file=%s, line=%d: ignoring rvcmlistener
Illegal configuration namespace set, %s=%s Expecting %s.
Failed to write file %s: (%s)
Error loading configuration: %s
Applying configuration changes.
Configuration update status: %s
Rollback unable to load file %s.
Initialized queue browser on '%s'%s%s%s
Creating store '%s' file '%s' ...
Converting %s format from %s to %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 583
|

First scan on '%s' is finished

Destination cursor id % PRINTF_LLFMT d %s slot %d
Client browsing mstore-based queue %s needs to be upgraded for optimum
performance.

Category Runtime Error in Fault-Tolerant Setup

Description In a fault-tolerant setup, error occurs at runtime.

Resolution Check the status of the both server (primary, standby). In case of both active, the
file store data may be corrupted already and we recommend shutting down both
servers and investigate the situation.

Errors Fault-tolerance error: Dual-Active server detected at: '%s'

The primary EMS server does not hold the lock on meta store
The standby EMS server could not find the specified meta store.
The primary EMS server name is %s while the standby EMS server name is %s.
The names must be the same
A backup EMS server (%s) is already connected to the primary EMS server
Fault Tolerant error (%s), can't create connection to '%s'.

Category Errors in Database Stores Setup

Description In a database stores setup, errors occuring at runtime

Resolution Check your database server vendor and database administrator for failures
occuring during writes,deletes,reads of different records, for failures occuring
during database store open check with the database administrator for
permissions and the existence of the database. For failures occuring during a FT
setup where all the stores are database stores, please check with the database
server vendor or database administrator. In the case where both are active, we
recommend shutting down both the servers and investigating the problem.

Errors Unable to open store [%s]: [ ESTATUS = %d, ERRSTR = %s ]

Failed to store message record in store [%s]: [ ESTATUS = %d, ERRSTR = %s ]
Failed to write ack record in store [%s]: [ ESTATUS = %d, ERRSTR = %s ]
Failed to write txn record in store [%s]: [ ESTATUS = %d, ERRSTR = %s ]

TIBCO Enterprise Message Service User’s Guide

584
| Appendix C Error and Status Messages

Failed to update txn record in store [%s]: [ ESTATUS = %d, ERRSTR = %s ]

No memory to create no hold list for valid msgs record
No memory to create hold list for valid msgs record
No memory to create held list for valid msgs record
Failed to write valid msg record in store [%s]: [ ESTATUS = %d, ERRSTR = %s ]
Failed to update msg record with record id [% PRINTF_LLFMT d] in store [%s]: [
ESTATUS = %d, ERRSTR = %s ]
Failed to delete %s record id = % PRINTF_LLFMT d : [ ESTATUS = %d, ERRSTR =
%s ]
Failed to read message with store id = % PRINTF_LLFMT d: [ ESTATUS = %d,
ERRSTR = %s ]
Failed to initialize dbstore [%s]: [ ERRSTR = %s ]
Failed to open store [%s], error = %s
Unable to restore %s records from store [%s]: [ ESTATUS = %d, ERRSTR = %s ]
Failed to delete meta record: [ ESTATUS = %d, ERRSTR = %s ]
Failed to beginTransaction: [ ESTATUS = %d, ERRSTR = %s ]
Failed to read message with store id = % PRINTF_LLFMT d: [ ESTATUS = %d,
ERRSTR = %s ]
Store [%s] locked by server %s
Store [%s] cannot be locked by server %s
Failed to store txn record: [ txn id = % PRINTF_LLFMT d, ESTATUS = %d ]
Failed to update txn record: [ txn record id = % PRINTF_LLFMT d, ESTATUS =
%d ]
Exception while processing msg from database store [%s], error = %d
Failed to write meta record: [ ESTATUS = %d, ERRSTR = %s ]
Failed to update meta record: [ ESTATUS = %d, ERRSTR = %s ]
Failed to write connection record: error = %d
Failed to write session record: error = %d
Failed to write consumer record: error = %d
Failed to write producer record: error = %d
Failed to write zone record: error = %d
Failed to update connection record: error = %d

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 585
|

Failed to update consumer record: error = %d

Failed to write purge record: [ ESTATUS = %d, ERRSTR = %s ]
Commit Transaction Failed [ ESTATUS = %d, ERRSTR = %s ]
No Memory to create lock manager: Store [%s] cannot be locked by server %s
Could not find system record for store [%s]

Category Multicast Daemon Status Codes and Errors

Description Errors occuring in the Multicast Daemon.

Resolution Check the configuration of the Multicast Daemon and Server, as well as the health
of the network.

Errors Interface IP address: %s

[%s] Connection created, connid=% PRINTF_LLFMT d
Error: Unable to set channel property \q%s\q=% PRINTF_LLFMT d
[%s] Created consumer consid=%PRINTF_LLFMTd connid=%PRINTF_LLFMTd
topic=\q%s\q
Multicast Daemon Id=%s
Statistics enabled on a %d second interval.
Statistics disabled.
Rotating log from %s to %s
Memory allocation error, possible data loss.
Unrecoverable PGM error rc=%d, reason=%s
Could not parse configuration file \q%s\q
Interface IP address: %s
Tracing enabled.
Tracing disabled.
refused new connection with existing ID % PRINTF_LLFMT d
[%s] Connection destroyed, connid=%PRINTF_LLFMTd
Error sending to consid=%PRINTF_LLFMTd connid=%PRINTF_LLFMTd from
channel \q%s\q: %s
%s, status=%s

TIBCO Enterprise Message Service User’s Guide

586
| Appendix C Error and Status Messages

Attached channel \q%s\q to consumer consid=%PRINTF_LLFMTd

connid=%PRINTF_LLFMTd
Error attaching channel \q%s\q to consumer consid=%PRINTF_LLFMTd
connid=%PRINTF_LLFMTd
Detaching channel \q%s\q from consumer consid=%d connid=%d
Destroying consumer consid=%PRINTF_LLFMTd connid=%PRINTF_LLFMTd
Channel configuration from server does not match existing channel \q%s\q
Ignoring additional PGM receiver created on group \q%s\q, dport=%d,
sport=%d, channel=%s
Created channel: \q%s\q
Error: %s is not a valid multicast-capable IP address. Use the -ifc command line
parameter to specify a valid interface.

Category General Multicast Status Codes and Errors

Description General multicast errors that can occur in the Server and Multicast Daemon.

Resolution Check the configuration of the Multicast Daemon and Server, as well as the health
of the network.

Errors PGM ERROR: %s - %s (%d)

PGM ERROR: channel=\q%s\q - %s (%d)
Error setting PGM parameter %s=%u: %s (%d)
Error setting PGM parameter %s=\q%s\q: %s (%d)
Error getting PGM parameter \q%s\q: %s (%d)
Error getting PGM statistic \q%s\q: %s (%d)
Received an invalid EMS Message.
Received a message spanning mulitple fragments.
PGM Session was reset for channel \q%s\q, PGM seqno=%PRINTF_LLFMTd,
code=%c
Stopped receiving on channel \q%s\q
Started receiving on channel \q%s\q
Error receiving on channel \q%s\q
Stopped sending on channel \q%s\q

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 587
|

Started sending on channel \q%s\q

Error creating sender on channel \q%s\q: %s

Category Multicast channel allotted bandwith exceeded.

Description Indicates that a multicast channel's allotted bandwidth has been exceeded.

Resolution Either slow down the publisher(s), enable flow control, or increase the multicast
channel's allotted bandwidth by increasing the channel's maxrate property or
increasing the server's multicast_reserved_rate property.

Errors Multicast channel \q%s\q has exceeded its allotted bandwidth

Category Store file format mismatch

Description The store files specified were created from a different version of EMS that is not
supported by this version.

Resolution Revert to use the version of EMS that created the store file or locate the store file
conversion tool and use it to convert the store file to this version.

Errors Unsupported store format: %s (%d)

Category Recovery errors

Description An error occurred during the recovery process.

Resolution If you are not able to fix the problem and need to restart the system, make a
backup of the store files and restart the server with the '-forceStart' command line
parameter. The server will then attempt to start regardless of errors (expect
out-of-memory errors). In this mode, application messages and/or internal
records causing problems (due to file corruption or other) will be deleted.
Therefore, dataloss is likely to occur, so this command line parameter should be
used with extreme caution and only after understanding the consequences. A
copy of the store files can be sent to TIBCO Support for post-mortem analysis.

Errors The recovery process stopped while processing a '%s' record (id=%
PRINTF_LLFMT d), error: %d - %s. Check the section 'Problems on Startup' from
chapter 'Running the EMS Server' in the User's Guide before attempting to restart
the server

TIBCO Enterprise Message Service User’s Guide

588
| Appendix C Error and Status Messages

The recovery process stopped while processing a '%s' record (id=%

PRINTF_LLFMT d) due to an out-of-memory condition. Ensure that the system
can allocate sufficient memory to the EMS Server process before restarting it
Unable to get the session's context handle for %s record: %d - %s
Unable to get the list iterator for %s record
Unable to get next element from list for %s record
Unable to create %s object, no memory
Error occured while processing %s record id=% PRINTF_LLFMT d (%s) - Unable
to reconstruct message: %d - %s
Unable to recreate zone '%s': %d - %s
Unable to add zone '%s' to the system: %d - %s
Zone '%s' is defined as type '%s' in configuration but also is defined as type '%s' in
meta.db
Unable to recreate connection id=% PRINTF_LLFMT d: %d - %s
Discarding session id=% PRINTF_LLFMT d because the connection id=%
PRINTF_LLFMT d was not recovered. Recovery continues
Unable to recreate session id=% PRINTF_LLFMT d with connection id=%
PRINTF_LLFMT d: %d - %s
Unable to recreate consumer id=% PRINTF_LLFMT d with connection id=%
PRINTF_LLFMT d and session id=% PRINTF_LLFMT d: invalid destination: %s
No memory to create destination for consumer id=% PRINTF_LLFMT d
Discarding consumer id=% PRINTF_LLFMT d on destination '%s' because
connection id=% PRINTF_LLFMT d was not restored. Recovery continues
Discarding consumer id=% PRINTF_LLFMT d on destination '%s' and connection
id=% PRINTF_LLFMT d because session id=% PRINTF_LLFMT d was not
restored. Recovery continues
No memory to recreate consumer id=% PRINTF_LLFMT d
Failed to build import selectors for consumer id=% PRINTF_LLFMT d: %d - %s
Failed to read import selectors for routed consumer id=% PRINTF_LLFMT d: %d
- %s
Discarding durable id=% PRINTF_LLFMT d (connection id=% PRINTF_LLFMT
d) on destination '%s' because the durable name is not specified. Recovery
continues
Unable to recreate producer id=% PRINTF_LLFMT d with connection id=%
PRINTF_LLFMT d and session id=% PRINTF_LLFMT d: invalid destination: %s

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 589
|

No memory to create destination for producer id=% PRINTF_LLFMT d

Discarding producer id=% PRINTF_LLFMT d on destination '%s' because
connection id=% PRINTF_LLFMT d was not restored. Recovery continues
Discarding producer id=% PRINTF_LLFMT d on destination '%s' with connection
id=% PRINTF_LLFMT d because session id=% PRINTF_LLFMT d was not
restored. Recovery continues
Unable to recreate purge record: invalid destination: %s
Unable to recreate purge record for destination %s: %d - %s
Error creating message for transaction record: %d - %s
Error creating message's store structure for transaction record: %d - %s
Unable to recover transaction record: transaction id missing: %d - %s
Unable to recover transaction id=% PRINTF_LLFMT d: %d - %s
Unable to recover ack record (txid=% PRINTF_LLFMT d, consid=%
PRINTF_LLFMT d, seqid=% PRINTF_LLFMT d, location=%s): %d - %s
Unable to recover ack record, cannot create message: %d - %s
Unable to recover sequence numbers from valid record: %s
Unable to recover message, can not create lock: %d - %s
Unable to restore held message from store, (location=%s) no memory
Unable to restore message sequence=% PRINTF_LLFMT d: (location=%s) %d - %s
No memory to create destination for message
Inconsistency restoring routed message sequence=% PRINTF_LLFMT d
No memory to restore routed message sequence=% PRINTF_LLFMT d
Persisted message possibly corrupted: %s
Error creating message's store structure: %d - %s

Category Mstore errrors

Description An error occurred using an Mstore database file.

Errors Unable to open store %s: %s: %d (%s).

Wrong schema version. Found %d, expected %d.
Schema creation failed: '%s' error: %d %s
Unable to reset a statement (%s): %s.

TIBCO Enterprise Message Service User’s Guide

590
| Appendix C Error and Status Messages

Unable to step a statement (%s): %s: %d.

Store %s: %s: bind fail: %d.
Store %s: Fail retrieving consumer interest: %d.
Store %s: Fail retrieving msg interest info: %s.
Store %s: Fail writing transaction record: %s.
Store %s: Fail reading data: %s.
Store %s: Fail reading topic message: %s.
Store %s: Fail marking topic message non-pending: %s.
Store %s: Fail reading next topic message: %s.
Store %s: Fail reading queue message: %s.
Store %s: Fail getting next queue message: %s.
Store %s: Fail marking queue message non-pending: %s.
Store %s: Fail writing transaction info: %s.
Store %s: Fail deleting transaction acks: %s.
Store %s: Fail recording transaction msg: %s.
Store %s: Fail recording transaction acks: %s.
Store %s: Fail deleting ack: %s.
Store %s: Fail completing transaction: %s.
Store %s: Too many entries in memory message interest.
Store %s: Invalid message interest for destination % PRINTF_LLFMT d.
Store %s: Invalid destination read.
Store %s: Failure restoring transaction: %s.
Store %s: Failure restoring transaction msg: %s.
Store %s: Failure restoring transaction ack: %s.
Store %s: Failure resetting topic: %s.
Store %s: Correct functioning cannot be guaranteed due to mstore failure.
Exiting.
Failed writing to mstore: I/O error or out of disk space.

Category Dynamic Module Loading Errors

TIBCO Enterprise Message Service User’s Guide

 Error and Status Messages 591
|
Description An error occurred when loading or using a shared library module.

Resolution Module loading is affected by the presence of shared libraries in the module path.
Use the +load tracing flag to get more information about how the server is
loading modules. See the section on Starting the EMS Server for more details.

Errors Problem loading %s: %s

Unknown problem loading %s.
Loaded %s
Problem binding %s: %s
Unknown problem binding %s.
Unable to locate %s
Fatal error: Returned from exec(), errno = %d
OpenSSL library version mismatch

Category FIPS 140-2 Mode Errors

Description An error occurred while starting or running the server in FIPS 140-2 compliant
mode.

Resolution Check the configuration of SSL related parameters to make sure that no
incompatible ciphers or operations are requested.

Errors Cannot specify ldap_tls_cipher_suite in FIPS 140-2 mode.

Cannot specify ldap_tls_rand_file in FIPS 140-2 mode.
Cannot specify SSL cipher list in FIPS 140-2 mode.
Cannot specify random data source file in FIPS 140-2 mode.
Cannot specify ssl_dh_size in FIPS 140-2 mode.
Cannot specify ssl_server_ciphers in FIPS 140-2 mode.
Cannot specify ssl_rand_file in FIPS 140-2 mode.

Category Exceeded system resources.

Description The system resources are inadequate for timely processing of server activities.

Resolution Increase the specified resource or reduce the workload on this server.

TIBCO Enterprise Message Service User’s Guide

592
| Appendix C Error and Status Messages

Errors Slow clock tick %d, delayed messaging and timeouts may occur.

Category Transaction action while previous action is incomplete.

Description State-modifying action is requested on a transaction for which another such

action is being processed.

Resolution Send details of the error and the situation in which it occurred to TIBCO Support.

Errors Cannot request second state change for transaction while the first request is in
progress (%d, %d) %s.
Unexpected request to roll xa txn forward with previous operation (%d)
incomplete: %s.
Unexpected request to roll xa txn back with previous operation (%d) incomplete:
%s.
Unexpected request to prepare xa txn with previous operation (%d) incomplete:
%s.
Unexpected request to commit xa txn with previous operation (%d) incomplete:
%s.
Unexpected request to commit session with previous operation (%d) incomplete.

Category Transaction timeout.

Description Transaction not completed before timeout. Offending transaction is discarded.

Resolution Most likely, transaction manager error prevented it from advancing this
transaction in a timely manner. Verify correct operation of the transaction manner.

Errors Rollback due to timeout on unprepared transaction. connID=% PRINTF_LLFMT

d %s

TIBCO Enterprise Message Service User’s Guide

 | 593

Index

Symbols bridges 79
bridges.conf file 223
.NET
assembly version 309
programmer’s checklist 308
$sys.redelivery.delay 67 C
C
programmer’s checklist 303
A c#
assembly version 309
acknowledgement 38 programmer’s checklist 308
acl.conf file 222 certificates
add member command 120 file names 445
addprop factory command 120 changes from the previous release of TIBCO Enter-
addprop queue command 120 prise Message Service User’s Guide xxvi
addprop route command 121 channel property 56
addprop topic command 121 channels
admin detailed statistics 437
connect 122 channels.conf file 224
password 110 cipher suites
user 118 .NET clients 457
admin user 110 Java clients 454
administrator client tracing 205
assign password 118 CLIENT_ACKNOWLEDGE mode 38, 39
anonymous client_heartbeat_server parameter 194
user and security 110 client_timeout_server_connection parameter 196
architecture client_trace parameter 205
multicast 364 cm_name parameter 382
authorization parameter 184 command line options
AUTO_ACKNOWLEDGE mode 38, 317 multicast 352
autocommit command 121 commit command 121
compact command 122
compiling samples 89
compliant_queue_ack parameter 184
B compression, message 37
configuring
bandwidth external directory for authentication 261
managing multicast 360 LDAP 261

TIBCO Enterprise Message Service User’s Guide

594
| Index
connect delete bridge command 126
admin 122 delete connection command 126
connect command 122 delete durable command 126
connection factories 312 delete factory command 127
parameters 228 delete group command 127
connectivity delete jndiname command 127
multicast 358 delete message command 127
console_trace parameter 205 delete queue command 127
consumers delete route command 127
detailed statistics 437 delete rvcmlistener command 127
conventions delete subscriber 126
naming 119 delete topic command 128
conversion, data type 44 delete user command 128
create bridge command 123 deployment considerations
create durable command 123 multicast 358
create factory command 123 destination
create group command 123 bridges 79
create jndiname command 124 destination bridges
create queue command 124 flow control 86
create route command 124 destination properties 55
create rvcmlistener command 125 destination_backlog_swapout parameter 190
create topic command 125 detailed statistics 437
create user command 125 detailed_statistics parameter 207
customer support xxxii disabled security 109
disconnect command 128
distributed transactions 13
DTC 13
D dual-state failover 469
DUPS_OK_ACKNOWLEDGE mode 38, 40
daemon parameter 382 durable subscriber 5, 132, 132
data type conversion 44 extensible security 280
database store files durables.conf file 227
Schema Export Tool 293 dynamic destinations 50
database stores 286 creating 320
configuring 287 dynamically creating destinations
in stores.conf 289 wildcards 76
in tibemsd.conf 288
dbstore_classpath parameter 288
dbstore_driver_dialect parameter 289
dbstore_driver_name parameter 289 E
deadlock
flow control 86 echo command 128
default_ttl parameter 382 EMS server
definitions of properties 55 starting 102
delete all command 126 stopping 104

TIBCO Enterprise Message Service User’s Guide

 Index 595
|
emsntsrg 105 flow control 84
error recovery policy 108 enforcing 84, 84
exception listener 318 threads and deadlock 86
exclusive property 56 with destination bridges 86
exit command 129 with multicast 85
expiration property 57 with routes 85
EXPLICIT_CLIENT_ACKNOWLEDGE mode 39, 39, flow_control parameter 185
39, 39 flowControl property 58, 84
EXPLICIT_CLIENT_DUPS_OK_ACKNOWLEDGE ft_activation parameter 197
mode 40, 40 ft_active parameter 196
explicit_config_only parameter 382 ft_heartbeat parameter 197
export ft_reconnect_timeout parameter 197
topic property 58 ft_ssl_auth_only parameter 197
export property 58 ft_ssl_ciphers parameter 200
export_headers parameter 383 ft_ssl_expected_hostname parameter 200
export_properties parameter 383 ft_ssl_identity parameter 198
extensible security ft_ssl_issuer parameter 198
parameters 218 ft_ssl_password parameter 198
ft_ssl_private_key parameter 198
ft_ssl_rand_egd parameter 199
ft_ssl_trusted parameter 199
F ft_ssl_verify_host parameter 199
ft_ssl_verify_hostname parameter 199
factories.conf file 228
failover
dual state 469
non-shared state 462 G
shared state 471
shared state overview 462 global property 59
unshared state 468 grant admin command 130
fault tolerance 12, 461 grant queue command 129
fault-tolerant switchover 27, 479, 495 grant topic command 130
fault-tolerant URL 229, 230 group 261
file names groups.conf file 233
certificates and keys 445
file-based stores 29
files, sample 88, 88
FIPS H
fips140-2 parameter 212
FIPS 140-2 459 help command 131

TIBCO Enterprise Message Service User’s Guide

596
| Index

I K
ibrvcm.conf file 241 key
import file names 445
queue property 59
topic property 59
import property 59
info command 131 L
inheritance 77
property 77 LDAP 261
inheritance of property 50 ldap_all_groups_filter parameter 217
intervals ldap_all_users_filter parameter 216
mstore 32 ldap_cache_enabled parameter 213
ldap_cache_ttl parameter 213
ldap_conn_type parameter 213
ldap_credential parameter 212
J ldap_dynamic_group_attribute parameter 218
ldap_dynamic_group_class parameter 217
jaas_classpath parameter 218 ldap_dynamic_member_url_attribute parameter 218
jaas_config_file parameter 218 ldap_group_base_dn parameter 216
jaas_login_timeout parameter 219 ldap_group_filter parameter 216
jaas.conf file 234 ldap_group_scope parameter 216
jaci_class parameter 219 ldap_principal parameter 212
jaci_classpath parameter 219 ldap_static_group_attribute parameter 217
jaci_timeout parameter 220 ldap_static_group_class parameter 217
Java ldap_static_member_attribute parameter 217
programmer’s checklist 302 ldap_tls_cacert_dir parameter 213
JMS_TIBCO_SS_CORRELATION_ID property 416 ldap_tls_cacert_file parameter 213
JMS_TIBCO_SS_DELIVERY_MODE property 416 ldap_tls_cert_file parameter 214
JMS_TIBCO_SS_EXPIRATION property 416 ldap_tls_cipher_suite parameter 214
JMS_TIBCO_SS_LB_MODE property 416 ldap_tls_key_file parameter 214
JMS_TIBCO_SS_MESSAGE_ID property 416 ldap_tls_rand_file parameter 214
JMS_TIBCO_SS_PRIORITY property 416 ldap_url parameter 212
JMS_TIBCO_SS_SENDER property 415 ldap_user_attribute parameter 215
JMS_TIBCO_SS_SENDER_TIMESTAMP property 416 ldap_user_base_dn parameter 215
JMS_TIBCO_SS_SEQ_NUM property 416 ldap_user_class parameter 215
JMS_TIBCO_SS_TYPE_NUM property 416 ldap_user_filter parameter 215
JMS_TIBCO_SS_USER_PROP property 416 ldap_user_scope parameter 215
jre_library parameter 220 ledger_file parameter 382
jre_option parameter 220 length limitations
JVM naming conventions 119
parameters 220 library files 304
linking 304
load balancing 4, 57, 79, 233, 336, 405
load balancing URL 229, 230

TIBCO Enterprise Message Service User’s Guide

 Index 597
|
log_trace parameter 204 multicast
logfile parameter 204 architecture 364
logfile_max_size parameter 204 backwards compatibility 349
command line options 352
connectivity 358
daemon 351
M daemon errors 375
deployment considerations 358
MapMessage 22, 330 determining network capacity 369
definition 22, 330 example 98
max_client_msg_size parameter 191 example deployment 364
max_connections parameter 191 flow control 85
max_msg_memory parameter 191 managing bandwidth 360
max_stat_memory parameter 207 restricting traffic 360
maxbytes property 60 server errors 376
maxmsgs property 61 wildcards 75
maxRedelivery property 61 multicast daemon
message errors 375
acknowledgement 38 multicast parameter 201
compression 37 multicast troubleshooting 373
maximum size 22 connectivity 374
selectors 41 data loss 374
tracing 428 general tips 373
message listener 45 multicast_channels parameter 201
message pool 193 multicast_daemon_default parameter 201
messaging model multicast_statistics_interval parameter 202
multicast 5 multiple stores 29
point-to-point 3
publish and subscribe 4
MS DTC 13
msg_pool_block_size parameter 193 N
msg_pool_size parameter 193
msg_swapping parameter 192 name length limitations 119
mstore 30 naming conventions 119
intervals 32 network parameter 381
multicasat NO_ACKNOWLEDGE mode 39, 39, 39
messaging model 5 No-Acknowledgement Receipt Mode 39
non-shared state 462
implementing 482
npsend_check_mode parameter 185

TIBCO Enterprise Message Service User’s Guide

598
| Index

O properties
channel 56
options definitions 55
tibemsadmin 116 exclusive 56
overflowPolicy property 62 expiration 57
export 58
flowControl 58
global 59
P import 59
maxbytes 60
password maxmsgs 61
admin 110 maxRedelivery 61
setting 118, 134 overflowPolicy 62
password parameter 186 prefetch 65
permission queue 55
protection 255 redeliverydelay 67
secure property and 68 secure 68
persistent messages 26 sender_name 69
in queues 26 sender_name_enforced 69
in topics 26 store 70
synchronous fle storage 27 topic 55
PGM 5 trace 71
point-to-point property 16, 16, 16, 16
example 92 export 58
messaging model 3 import 59
policy.1.0 309 inheritance 50, 77
prefetch property 65 protection permissions 255
producers publish and subscribe
detailed statistics 437 example 93
programmer checklists 302 messaging model 4
C 303 purge all queues command 131
C# 308 purge all topics command 132
Java 302 purge durable command 132
purge queue command 132
purge topic command 132

Q
queue import property 59
queue limit policy 380
queue properties 55
queue property list 55
queue_import_dm parameter 383

TIBCO Enterprise Message Service User’s Guide

 Index 599
|
queues Schema Export Tool 293
delayed message redelivery 67 secure property 68
dynamic 50 secure property and permission 68
routed 504 security
static 50 and anonymous user 110
temporary 50 disabled 109
undelivered messages 20 main configuration file 257
queues.conf file 234 selectors, message 41
sender_name property 69
sender_name_enforced property 69
server
R starting 102
stopping 104
rate_interval parameter 206 server parameter 187
redeliverydelay property 67 server_heartbeat_client parameter 196
remove member command 132 server_heartbeat_server parameter 195
removeprop factory command 132 server_rate_interval parameter 206
removeprop queue command 132 server_timeout_client_connection parameter 195
removeprop route command 133 server_timeout_server_connection parameter 195
removeprop topic command 133 service parameter 381
request_old parameter 382 set password command 134
reserve memory 192 set server command 135
reserve_memory parameter 192 setprop factory command 141
restricting multicast traffic 360 setprop queue command 141
resume route command 133 setprop route command 142
revoke admin command 133 setprop topic command 142
revoke queue command 133 shared state 471
revoke topic command 134 process 464
rotatelog command 134 show bridge command 142
round-robin queue (non-exclusive) 57 show bridges command 143
routes show config command 145
detailed statistics 437 show connections command 148
flow control 85 show db command 151
zone 490 show durable command 151
routes.conf file 235 show durables command 152
rv_tport parameter 382 show factories command 153
RVCM parameters 382 show factory command 153
show group command 154
show groups command 154
show jndiname command 153
S show jndinames command 154
show members command 154
sample files 88, 88 show message command 155
samples show messages command 155
compiling 89 show parents command 155

TIBCO Enterprise Message Service User’s Guide

600
| Index
show queue command 156 statistics 436
show queues command 157 statistics parameter 206
show route command 158 statistics_cleanup_interval parameter 207
show routes command 158 stopping the EMS server 104
show rvcmlisteners command 159 store files
show rvcmtransportledger command 159 configuring database stores 287
show server command 159 configuring multiple stores 31
show stat command 160 database stores 286
show store command 161 defaults 30
show stores command 163 file-based stores 29
show topic command 163 mstore intervals 32
show topics command 164 show store command 161
show transactions command 166 show stores command 163
show transport command 167 store parameter 189
show transports command 167 store property 70
show user command 167 store_minimum parameter 189
show users command 168 stores
showacl admin command 168 multiple stores 29
showacl group command 168 stores.conf
showacl queue command 168 database store configuration 289
showacl topic command 168 stores.conf file 237
showacl user command 169 subject collisions 387
shutdown command 169 subscriber 266, 266
socket_receive_buffer_size parameter 194 delete 126
socket_send_buffer_size parameter 193 durable 132, 132
SSL support, contacting xxxii
server parameters 208 suspende route command 169
ssl_auth_only parameter 211 swapping
ssl_cert_user_specname parameter 209 msg_swapping parameter 192
ssl_crl_path parameter 211 sync_ledger parameter 382
ssl_crl_update_interval parameter 211
ssl_dh_size parameter 208
ssl_password parameter 210
ssl_rand_egd parameter 211 T
ssl_require_client_cert parameter 208
ssl_server_ciphers parameter 208 tcp 91, 122, 313
ssl_server_identity parameter 209 technical support xxxii
ssl_server_issuer parameter 210 temp_destination_timeout parameter 384
ssl_server_key parameter 210 temporary queues 50
ssl_server_trusted parameter 211 temporary topics 50
ssl_use_cert_username parameter 208 threads
starting the EMS server 102 flow control 86
startup_abort_list parameter 187 TIBCO_HOME xxix
static queues 50 tibemsadmin
static topics 50 options 116

TIBCO Enterprise Message Service User’s Guide

 Index 601
|
tibemsd 304, 308 unshared state
tibemsd.conf configuring clients 482
database store configuration 288 configuring servers 477
tibemsd.conf file 173 process 468
tibemsmcd 351 specifying URLs 483
tibemsMsg_GetStringProperty 331, 331 updatecrl command 170
tibemsMsg_SetBooleanProperty 331, 331 url formats 229, 230
tibrv_transports parameter 202 user 260
tibrv_xml_import_as_string parameter 202 admin 110
tibss_config_dir parameter 203 externally authenticated 261
tibss_transports parameter 203 user admin 118
time command 169 user_auth parameter 188
topic export property 58 users.conf file 245
topic import property 59
topic properties 55
topic property list 55
topic_import_dm parameter 383 W
topics
dynamic 50 whoami command 170
routed 499 wildcards 74
static 50 in dynamically created destinations 76
temporary 50 in queues 75
topics.conf file 241 in topics 75
trace property 71
trace_client_host parameter 206
tracing 428
client 205 Z
trace options 424
track_correlation_ids parameter 200 zones 490
track_message_id parameter 200
transaction commit command 170
transaction rollback command 170
transactions 13
transports.conf file 242
type conversion 44
type parameter 381

U
undelivered message queue 20
UNIX system
using for user authentication 261

TIBCO Enterprise Message Service User’s Guide