Connecting IBM Websphere MQ Queue from WSO2 ESB

Connecting to a IBM Websphere MQ queue via WSO2 ESB is pretty straight forward. There are two approaches you can adopt.

1. Connect with com.sun.jndi.fscontext.RefFSContextFactory as the initial context factory with .bindings file to specify the connection parameters.
2. Connect with com.ibm.mq.jms.context.WMQInitialContextFactory as the initial context factory.

Connecting with approach 1 is fully described in WSO2 ESB Documentation. What I'd like to describe here are the niceties when connecting using approach 2.

Basic Configuration

When using approach two, your axis2.xml inside the <ESB_HOME>/repository/conf/axis2/ folder should have something similar to the following.

    <transportReceiver name="jms" class="org.apache.axis2.transport.jms.JMSListener">          
     <parameter name="ibmQueueConnectionFactory" locked="false">

   <parameter name="java.naming.factory.initial" locked="false">
       com.ibm.mq.jms.context.WMQInitialContextFactory
      </parameter>

   <parameter name="java.naming.provider.url" locked="false">
       10.100.0.183:1415/testsc
      </parameter>

   <parameter name="transport.jms.ConnectionFactoryJNDIName" locked="false">
       testqm
      </parameter>

   <parameter name="transport.jms.ConnectionFactoryType" locked="false">
       queue
      </parameter>

   <parameter name="transport.jms.Destination">testq</parameter>

   </parameter>

    </transportReceiver>

You would be connecting to a channel on IBM Websphere MQ server and the provider URL should be of the following form.

<ip of the host that runs the JMS broker>:<port>/<channel_id>

e.g. 10.100.0.183:1415/testsc

The 'ConnectionFactoryJNDIName' should be the name of the queue manager in IBM MQ. The destination will be the name of the queue you are connecting to.

Security

When connecting to IBM MQ, you can setup channel security. One parameter that will be authenticated is the MCA user-id field. You can find more information here. If you do not specifically enforce security configurations, any client that connects with a blank username will be allowed to connect to the channel. However, when connecting via the ESB, the username of the user who started the JVM will be submitted as the MCA user-id field. This would result in IBM 2035 MQRC_NOT_AUTHORIZED error. To get rid of this error, you can set the MCA user-id for a channel via the IBM Websphere MQ Explorer to a user that is authorized. This would ensure that any client connections for that particular channel will be processed under the user-id specified in the channel configuration.

Tuning

Most of the time, the default number of concurrent consumers will not be enough to considerable performance. To fix this, you can add the following configurations to ESB.

Create a directory named 'conf' inside ESB product home directory and create a file named 'jms.properties'. Please note that these configuration files need to be named in lowercase exactly as specified. Then add the following two parameters.

snd_t_core=200

snd_t_max=250

If you are using a proxy as the JMS listener, use the following parameters for that proxy as well.

<?xml version="1.0" encoding="UTF-8"?>

<proxy xmlns="http://ws.apache.org/ns/synapse"

       name="JmsProxy"

       transports="https http jms"

       startOnLoad="true"

       trace="disable">

   <description/>

   <target>

       .....

   </target>

   <parameter name="transport.jms.ConcurrentConsumers">100</parameter>

   <parameter name="transport.jms.ConnectionFactory">ibmQueueConnectionFactory</parameter>

   <parameter name="transport.jms.Destination">testq</parameter>

   <parameter name="transport.jms.MaxConcurrentConsumers">100</parameter>

</proxy>

Additionally, in the queue manager of IBM MQ, you need to increase the limits Max. Active Channels and Max. Current Channels. The default value is 100 which will not be enough if we are connecting with more than 100 concurrent JMS consumers.