Update for MQ 9.3.5

Author: ibmmqmet

CHANGES.md

@@ -1,6 +1,14 @@
 # Changelog
 Newest updates are at the top of this file
 
+## 3.2.3 (2024-02-26)
+- Update Spring dependencies
+- Update to MQ 9.3.5.0
+- Add "token" property for JWT authentication
+- Add "reconnectTimeout" property
+- Restructure simplifies SSLBundle processing, now that we do not need to cope with Spring 2.
+- Remove default userid/password to match removal in MQ Developer images
+
 ## 2.7.18 and 3.2.1 (2024-01-10)
 - Update Spring dependencies
   NOTE: Spring Boot 2 has now reached its end of non-commercial service life. 

README.md

@@ -21,13 +21,7 @@ mechanism and has tasks that can push compiled jars to either a local repository
 Maven Central. When signing/authentication of modules is required, use the `gradle.properties.template` file as a
 starter for your own `gradle.properties`.
 
-Java 17 is required as the compiler level when building this package, as that is the baseline for Spring 3. Compiler
-directives are used to build the Spring 2 version as compatible with the older Java 8 runtime.
-
-The script builds modules for both the JMS2 and JMS3 standards. The JMS3 (Jakarta) variant is the primary source. The
-older JMS2 version does not have a separate source tree in this repository. Instead, the source is generated
-automatically during the build process, by simply changing package names in the JMS3 code. The created jar files have
-the same names, but different version numbers.
+Java 17 is required as the compiler level when building this package, as that is the baseline for Spring 3. 
 
 ### Spring Boot Applications
 
@@ -52,7 +46,8 @@ Maven:
 </dependency>
 ```
 
-**Note** This repository and the corresponding Maven Central artifacts require either Spring Boot 2 or 3.
+**Note** This repository and the corresponding Maven Central artifacts requires Spring Boot 3. Maven
+Central continues to provide older versions that work with Spring Boot 2.
 
 ## Design Approach
 
@@ -92,25 +87,33 @@ The default attributes are
     ibm.mq.queueManager=QM1
     ibm.mq.channel=DEV.ADMIN.SVRCONN
     ibm.mq.connName=localhost(1414)
-    ibm.mq.user=admin
-    ibm.mq.password=passw0rd
+    ibm.mq.user=
+    ibm.mq.password=
 
 ### Connection security
 
-The default userid and password have been chosen for a commonly-used queue manager configuration.
+The default userid and password have been removed from this package, as the corresponding default configuration has been
+removed from the MQ Developer images. Authentication must now be explicitly defined both for the queue manager, and for
+the Spring applications.
 
-To disable user/password checking entirely, you must set the `ibm.mq.user` and `ibm.mq.password` attribute to empty
-values so that the defaults are not used.
+To revert to the previous default user/password checking, perhaps if you are still using older Developer images, you
+must now set the `ibm.mq.user` and `ibm.mq.password` attribute.
 
 ```
-   ibm.mq.user=
-   ibm.mq.password=
+   ibm.mq.user=admin
+   ibm.mq.password=passw0rd
 ```
+Configuration of secure connections with TLS are discussed below.
 
-Of course, that level of access must be permitted by your queue manager. The usual CHLAUTH and CONNAUTH rules will apply
-to assign an identity to the connection.
 
-Configuration of secure connections with TLS are discussed below.
+#### JWT Tokens
+If your queue manager supports authentication with JWT tokens, then you can either set `ibm.mq.token` or the password to
+the token. If you use the `password` attribute, then the `user` must also be set to the empty value (which is now the
+default anyway). Obtaining the token is outside the scope of this package; there are a number of ways that can be done
+through Spring Boot making HTTP calls to the JWT server.
+
+One approach to handling this without needing to put the token into the external configuration properties file is to make the
+HTTP call and then `System.setProperty("ibm.mq.token",token)`.
 
 ### Configuration Options
 
@@ -161,15 +164,17 @@ Spring Boot will then create a ConnectionFactory that can then be used to intera
 | ibm.mq.channel              | Channel Name for SVRCONN                                                        |
 | ibm.mq.connName             | Connection Name, which can be comma-separated list                              |
 | ibm.mq.ccdtUrl              | Location of the MQ CCDT file (URL can reference http/ftp location)              |
-| ibm.mq.user                 | User Name. Must be set to an empty value to turn off authentication attempts    |
-| ibm.mq.password             | Password                                                                        |
+| ibm.mq.user                 | User Name. Default is empty string                                              |
+| ibm.mq.password             | Password. Default is empty string                                               |
+| ibm.mq.token                | JWT token                                                                       |
 | ibm.mq.clientId             | ClientId uniquely identifies the app connection for durable subscriptions       |
 | ibm.mq.applicationName      | Application Name used for Uniform Cluster balancing                             |
 | ibm.mq.userAuthenticationMQCSP| Control authentication mechanism for old queue managers (default true)        |
 | ibm.mq.tempQPrefix          | The prefix to be used to form the name of an MQ dynamic queue                   |
 | ibm.mq.tempTopicPrefix      | The prefix to be used to form the name of an MQ dynamic topic                   |
-| ibm.mq.tempModel            | The name of a model queue for creating temporary destinations.                  |
+| ibm.mq.tempModel            | The name of a model queue for creating temporary destinations                   |
 | ibm.mq.reconnect            | Whether app tries automatic reconnect. Options of YES/NO/QMGR/DISABLED/DEFAULT  |
+| ibm.mq.reconnectTimeout     | Timeout in seconds before automatic reconnect gives up                          |
 | ibm.mq.autoConfigure        | If explicitly set to "false", then the autoconfigure bean is disabled           |
 | ibm.mq.balancingApplicationType | Hint how uniform clusters should treat the app. Options of SIMPLE/REQREP    |
 | ibm.mq.balancingTimeout     | Uniform cluster timer. Options NEVER/DEFAULT/IMMEDIATE or integer seconds       |

RUNME.sh

@@ -23,6 +23,9 @@
 #
 # Version numbers for the generated files are in the jms*.properties files, along with a few other
 # variables that need to be set differently.
+# 
+# Note that from version 3.2.2, the JMS2 variation will no longer build from the supplied
+# script.
 #
 # The gradle scripts need to be run with a Java 17 JDK or later.
 
@@ -31,7 +34,7 @@ function printSyntax {
 Usage: RUNME.sh [-j jmsVersion] [-r]
 Options:
    -j JMS Version ("jms2" or "jms3"): can be repeated to get both
-      Default builds both.
+      Default builds jms3 only.
    -r Release to Maven staging or snapshot area
 Note that after pushing files to the STAGING area they will
 still require a manual release.
@@ -104,7 +107,7 @@ fi
 
 if [ -z "$jmsVersions" ]
 then
-  jmsVersions="jms2 jms3"
+  jmsVersions="jms3"
 fi
 
 jmsVersionCount=`echo $jmsVersions | wc -w`

build.gradle

@@ -37,7 +37,7 @@ subprojects {
   apply plugin: 'signing'
 
   // This is the MQ client version
-  ext.mqVersion = '9.3.4.0'
+  ext.mqVersion = '9.3.5.0'
   ext.mqGroup = 'com.ibm.mq'
 
   // The groupid for the compiled jars when uploaded

jms3.properties

@@ -1,12 +1,12 @@
 // This file contains the versions of Spring etc to work with a Jakarta-based system
 ext {
   // Our shipped version - should usually match the Spring Boot Version but
-  // we keep it different during the pre-GA releases
-  mqStarterVersion = '3.2.1'
+  // there may be reasons to make it different 
+  mqStarterVersion = '3.2.3'
 
   // Direct Dependencies - give versions here
-  springVersion = '6.1.2'
-  springBootVersion = '3.2.1'
+  springVersion = '6.1.4'
+  springBootVersion = '3.2.3'
 
   pooledJmsVersion = '3.1.4'
   jUnitVersion = '4.13.2'

makeJms2.sh

@@ -4,6 +4,12 @@
 #
 # This script creates a copy of the Boot Starter code which is functionally (almost) identical
 # but has the jakarta package names replaced by javax in most places. 
+# 
+# Note that from version 3.2.2, the JMS3 code cannot be simply replicated in this way. Classes
+# that are unique to Spring 3 are now being used. However, this script is being left in here for now
+# as an example; it should still be possible to convert the Spring 3 code to Spring 2, but additional
+# filtering/changes are required. There is a minimal mockup of the SslBundles interface included here
+# that at least permits the code to compile.
 
 curdir=`pwd`
 in="$1"
@@ -35,6 +41,7 @@ do
       grep -v "DeprecatedConfigurationProperty" |\
       sed "s/jakarta/javax/g" |\
       sed "s/ibm.mq.javax/ibm.mq/g" |\
+      sed "s/import org.springframework.boot.ssl.*;//g" |\    
       sed "s/ibm.msg.client.javax/ibm.msg.client/g ">  $out/$f
 done
 
@@ -46,6 +53,29 @@ do
   cp $f $out/$n
 done
 
+# This creates a minimal mockup of the Spring Boot 3 SslBundles interface 
+# in an attempt to allow the JMS3 code to compile as JMS2. 
+# But it's not been seriously tested.
+cat << EOF >$out/src/main/java/com/ibm/mq/spring/boot/SslBundles.java
+package com.ibm.mq.spring.boot;
+import javax.net.ssl.SSLContext;
+class SslBundles {
+   SslBundle getBundle(String s) throws NoSuchSslBundleException{
+     return null;
+   }
+}
+
+class SslBundle {
+   SSLContext createSslContext() {
+     return null;
+   }
+}
+
+class NoSuchSslBundleException extends Exception {
+}
+
+EOF
+
 # One final piece of patching is for the SSLBundles support only available from Spring Boot 3.1
 f="./src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports"
 cat $f | grep -v "com.ibm.mq.spring.boot.MQConfigurationSslBundles" > $out/$f

mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQAutoConfiguration.java

@@ -39,12 +39,12 @@
 
 @Configuration(proxyBeanMethods=false)
 @AutoConfigureBefore(JmsAutoConfiguration.class)
-@AutoConfigureAfter({ JndiConnectionFactoryAutoConfiguration.class, JtaAutoConfiguration.class,MQConfigurationSslBundles.class})
+@AutoConfigureAfter({ JndiConnectionFactoryAutoConfiguration.class, JtaAutoConfiguration.class})
 @ConditionalOnClass({ ConnectionFactory.class, MQConnectionFactory.class })
 @ConditionalOnProperty(prefix = "ibm.mq", name = "autoConfigure", matchIfMissing=true)
 @ConditionalOnMissingBean(ConnectionFactory.class)
 @EnableConfigurationProperties({MQConfigurationProperties.class, JmsProperties.class})
-@Import({ MQConfigurationSslBundles.class, MQXAConnectionFactoryConfiguration.class,MQConnectionFactoryConfiguration.class })
+@Import({ MQXAConnectionFactoryConfiguration.class,MQConnectionFactoryConfiguration.class })
 public class MQAutoConfiguration {
   private static Logger logger = LoggerFactory.getLogger(MQAutoConfiguration.class);
   public MQAutoConfiguration() {