An implementation of ConnectAttemptListener can be set on AMQConnectionFactory or PooledConnectionFactory via #setConnectAttemptListener(ConnectAttemptListener) in order to notify messaging application about every successful and unsuccessful connectivity attempt.
The failed attempt notification can be used as a trigger to rotate expired credentials, if those are set using connection extensions. The implementation can examine the error code reported as part of JMSException, and, if the error code corresponds to authentication failure codes ("530" is reported by AMQP 0-8..0-91, "320" is reported by AMQP 0-10), the credentials could be swapped with new ones using the connection extension mechanism. See Section C.1, “Connection extensions” for details.
The following implementation of ConnectAttemptListener illustrate the idea.
Example C.2. Rotate credentials on authentication failure
class CredentialsRotatingListener implements ConnectAttemptListener { @Override public boolean connectAttemptFailed(final URI brokerURI, final JMSException e) { boolean reattempt = "530".equals(e.getErrorCode()) || "320".equals(e.getErrorCode()); if (reattempt) { rotateCredentials(brokerURI); } return reattempt; } @Override public void connectAttemptSucceeded(final URI brokerURI) { credentialsRotatedSuccessfully(brokerURI); } private void rotateCredentials(inal URI brokerURI) { // credential rotating logic } private void credentialsRotatedSuccessfully(final URI brokerURI) { // notify that credentials have been rotated successfully } }
The method connectAttemptFailed can return true, if connection attempt needs to be repeated to the same broker immediately and without incrementing a failover re-try counter. Otherwise, the connection would be attempted as per failover settings.
Apache Qpid, Messaging built on AMQP; Copyright © 2015 The Apache Software Foundation; Licensed under the Apache License, Version 2.0; Apache Qpid, Qpid, Qpid Proton, Proton, Apache, the Apache feather logo, and the Apache Qpid project logo are trademarks of The Apache Software Foundation; All other marks mentioned may be trademarks or registered trademarks of their respective owners