Professional Documents
Culture Documents
Administrator’s Guide
VERSION 6.1
webMethods, Inc.
3930 Pender Drive
Fairfax, VA 22030
USA
703.460.2500
http://www.webmethods.com
webMethods Administrator, webMethods Broker, webMethods Dashboard, webMethods Developer, webMethods Glue, webMethods Fabric, webMethods
Installer, webMethods Integration Server, webMethods Mainframe, webMethods Manager, webMethods Mobile, webMethods Modeler, webMethods
Monitor, webMethods Optimize, webMethods Trading Networks, webMethods Workflow, and the webMethods logo are trademarks of webMethods, Inc.
"webMethods" is a registered trademark of webMethods, Inc.
Acrobat, Adobe, and Reader are registered trademarks of Adobe Systems Incorporated. Amdocs and ClarifyCRM are registered trademarks of Amdocs Ltd.
Ariba is a registered trademark of Ariba Inc. BEA is a registered trademark, and BEA WebLogic Platform and BEA WebLogic Server are trademarks of BEA
Systems, Inc. BMC Software and PATROL are registered trademarks of BMC Software, Inc. BroadVision is a registered trademark of BroadVision, Inc. Chem
eStandards and CIDX are trademarks of Chemical Industry Data Exchange. Unicenter is a registered trademark of Computer Associates International, Inc.
Kenan and Arbor are registered trademarks of CSG Systems, Incorporated. SNAP-IX is a registered trademark, and Data Connection is a trademark of Data
Connection Ltd. DataDirect, DataDirect Connect, and SequeLink are registered trademarks of DataDirect Technologies. D&B and D-U-N-S are registered
trademarks of D&B, Inc. Entrust is a registered trademark of Entrust. Hewlett-Packard, HP, HP-UX, and OpenView are trademarks of Hewlett-Packard
Company. i2 is a registered trademark of i2 Technologies, Inc. AIX, AS/400, CICS, DB2, IBM, Infoprint, Informix, MQSeries, OS/390, OS/400, RACF, RS/6000,
SQL/400, S/390, System/390, VTAM, and WebSphere are registered trademarks; and Communications System for Windows NT, IMS, MVS, SQL/DS, Universal
Database, and z/OS are trademarks of IBM Corporation. JBoss and JBoss Group are trademarks of Marc Fleury under operation by JBoss Group, LLC. J.D.
Edwards and OneWorld are registered trademarks, and WorldSoftware is a trademark of J.D. Edwards. Linux is a registered trademark of Linus Torvalds and
others. X Window System is a trademark of Massachusetts Institute of Technology. MetaSolv is a registered trademark of Metasolv Software, Inc. ActiveX,
Microsoft, Outlook, Visual Basic, Windows, and Windows NT are registered trademarks; and SQL Server is a trademark of Microsoft Corporation. Teradata is
a registered trademark of NCR. Netscape is a registered trademark of Netscape Communications Corporation. New Atlanta and ServletExec are trademarks
of New Atlanta Communications, LLC. CORBA is a registered trademark of Object Management Group, Inc. UNIX is a registered trademark of Open Group.
Oracle is a registered trademark of Oracle Corporation. PeopleSoft and Vantive are registered trademarks, and PeopleSoft Pure Internet Architecture is a
trademark of PeopleSoft, Inc. Infranet and Portal are trademarks of Portal Software, Inc. RosettaNet is a trademark of “RosettaNet,” a non-profit organization.
SAP and R/3 are trademarks or registered trademarks of SAP AG. Siebel is a trademark of Siebel Systems, Inc. SPARC and SPARCStation are trademarks of
SPARC International, Inc. SSA Global is a trademark and SSA Baan is a registered trademark of SSA Global Technologies, Inc. EJB, Enterprise JavaBeans, Java,
Java Naming and Directory Interface, JavaServer Pages, JDBC, JSP, J2EE, Solaris, Sun Microsystems, and SunSoft are trademarks of Sun Microsystems, Inc.
SWIFT and SWIFTNet are trademarks of S.W.I.F.T. SCRL. Sybase is a registered trademark of Sybase, Inc. UCCnet is a trademark of UCCnet. eBusinessReady
is a trademark of Uniform Code Council, Inc. (UCC) and Drummond Group, Inc. (DGI). Verisign is a registered trademark of Verisign. VERITAS, VERITAS
SOFTWARE, and VERITAS Cluster Server are trademarks of VERITAS Software. W3C is a registered trademark of World Wide Web Consortium.
All other marks are the property of their respective owners.
Copyright © 2004 by webMethods, Inc. All rights reserved, including the right of reproduction in whole or in part in any form.
Contents
Deleting Brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Name Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Uninstalling Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Deploying Additional Brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
Copying Broker Information Using the Clipboard Feature of the Broker Administrator . . . . . . . . 70
Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
This guide provides information about how to use the webMethods Broker Administrator
and command line utilities. It describes how to create and manage Brokers on a Broker
Server, set up access permissions, and monitor document traffic through a Broker.
webMethods software needs to be successfully installed before you can use webMethods
Broker Administrator.
webMethods Broker Administrator’s Guide Version 6.1 is designed primarily for the system
administrator who is responsible for configuring and monitoring the webMethods Broker.
This guide assumes you are familiar with the following:
Terminology and basic operations of your operating system (OS)
Document Conventions
Convention Description
Bold Identifies elements on a screen.
Italic Identifies variable information that you must supply or change based
on your specific situation or environment. Identifies terms the first
time they are defined in text. Also identifies service input and output
variables.
Narrow font Identifies storage locations for services on the webMethods Integration
Server using the convention folder.subfolder:service.
Typewriter Identifies characters and values that you must type exactly or
font messages that the system displays on the console.
UPPERCASE Identifies keyboard keys. Keys that you must press simultaneously are
joined with the “+” symbol.
\ Directory paths use the “\” directory delimiter unless the subject is
UNIX-specific.
[] Optional keywords or values are enclosed in [ ]. Do not type the [ ]
symbols in your own code.
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Overview
This chapter introduces webMethods Broker and describes its components and
management tools for Windows and UNIX systems. The management tools include
webMethods Broker Administrator and the command line utilities.
Brokers
Each Broker Server has one or more entities, called Brokers, that reside on it. A Broker is
where the client programs connect, where document types are stored, and where client
queues and subscriptions are monitored and stored. When you install a Broker Server, the
installation program creates one Broker and makes it the default Broker. Using the Broker
Administrator tool, you can change the default status of a Broker, add new Brokers, and
delete existing Brokers.
When a Broker client publishes a document, the Broker determines which Broker clients
have subscribed to that document and places the document in the matching Broker client
queues.
Territories
Brokers can share information about their document type definitions and client groups by
joining a territory. Brokers within the same territory have knowledge of each other’s
document type definitions and client groups. Documents can travel from clients on one
Broker to clients on another Broker in the same territory. Each Broker can reside on a
Document Types
Documents are messages that travel over a network from a publisher to a subscriber,
through the Broker. Each document is an instance of a document type. A document type’s
name, which must be unique, is carried by all documents of its type.
Document folders provide a means for grouping document types. A document folder
provides scope for naming document types, allowing a document type in one scope to
have the same base name as a document type in another scope. For example,
Order::Received and Order::Shipped are members of the Order document folder and
Part::Received and Part::Shipped are members of the Part scope.
Each document type has properties associated with it, such as its document folder name,
when it was created, how many times it has been published and retrieved by Broker
clients, and the number of subscriptions.
Note: The maximum size of any single document operation is 1GB with a transaction size
of 1GB.
The maximum number of document types that a Broker can support is 65533.
Broker Clients
A Broker client is an object that is used by client programs. A Broker client is a handle that
is created and used by client programs. It represents a connection to a particular Broker.
Client programs may use one or more Broker clients.
Client State
A Broker client has a client state. The client state is the information about a Broker client
that the Broker maintains. This information includes:
Client ID
Application name
Client group
Subscription list
Client Groups
Client groups provide a method for setting important properties for a group of Broker
clients. Instead of assigning properties to each Broker client separately, you can assign
properties to a client group. Properties you assign to a client group include:
Client life cycle
Broker Administrator
Broker Administrator uses the browser on the local machine and the Integration Server,
which can be anywhere in the network, to connect to a Broker Server. The Integration
Server is installed using the webMethods installation program.
The Broker Administrator allows you to configure administrative websites from which
you can monitor webMethods Broker Servers, territories, Adapters, Brokers, and clients
from any browser-equipped workstation in your organization’s network.
You set up the Broker Administrator on any Integration Server during the Broker Server
installation. For instructions on installing the Broker Administrator, refer to the
webMethods Installation Guide.
To learn how to start the Broker Administrator, see Chapter 2, “Logging On to Broker
Administrator.”
The command line utilities are described in detail in Appendix A, “webMethods Broker
Command Line Utilities.”
See Chapter 3, “Managing webMethods Broker Servers.” to learn how to add existing
Broker Servers to the Broker Administrator.
8 Optionally, configure and manage territories and territory gateways.
A client on one Broker can communicate with a client on another Broker within the
same territory. Territory gateways provide control over documents that pass from
one territory to another. Using gateways, it is possible for clients to communicate
across administrative domains.
See Chapter 10, “Territories and Gateways.” to learn how to set up territories and
gateways.
9 Optionally, set up Secure Sockets Layer (SSL) support.
SSL provides a secure means of communication over a network between two
programs. To provide SSL support in webMethods Broker, you must enable SSL for
the Broker Server and for each client application, adapter, and/or the Broker
Administrator.
See Chapter 11, “Managing Broker Security.” to learn more about SSL support.
10 Publish a document to test your settings.
Basic Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Host and port of the webMethods Broker to which you are connecting
Note: To load the Broker Administrator, the browser must be able to display images,
support frames and cascading style sheets, and must be able to run javascript.
1 From the Start menu choose Programs > > Servers > Integration Server to start your
Integration Server.
2 Open a browser window.
3 Point your browser to the host and port where the Integration Server is running.
Examples:
If the Integration Server is running on the default port on the same machine where
you are running the Broker Administrator, you would type:
http://hostname:5555/WmBrokerAdmin/
If the Integration Server is running on port 4040 on a machine called ATLAS, you
would type:
http://ATLAS:4040/WmBrokerAdmin/
Log on to the Integration Server with a user name and password that has
administrator privileges.
If you just installed the webMethods Integration Server, you can use the following
default values:
User Name: Broker
Password: manage
Use the exact combination of upper- and lower-case characters shown above (user
names and passwords are case sensitive).
Note: recommends that you change the password immediately after installing
webMethods Integration Server. Otherwise, your server will be vulnerable to anyone
who knows the default passwords that installs on its servers. When you change the
password, be sure to select one that is difficult to guess. For example, use a mixture
of upper- and lower-case letters, numbers, and special characters. Do not use a name,
phone number, social security number, license plate, or other generally available
information. See the webMethods Integration Server Administrator’s Guide for
instructions on changing the password.
Note: If the Integration Server is not running, your browser will issue an error similar
to the following:
Banner
Navigation
panel
Main
page
The main page displays a screen that corresponds to the object you select from the
Navigation panel. From this page, you view and edit the settings for the webMethods
Broker Servers, Brokers, Adapters, and Territories on the network.
Broker Servers
within the network
Territories and
Brokers within
the network
Adapters view
Choose which
Adapters to view
Adapters as
associated with
Brokers within
the network
To switch between these views, click the appropriate link in the Navigation panel.
Note: An SSL connection cannot be made if the remote machine connecting to the
Broker Administrator is not SSL enabled.
For detailed information about SSL support, see Chapter 11, “Managing Broker
Security.”
Time interval between statistical polls. This is the number of minutes that should pass
between statistical updates. The default value is 1 minute.
Trigger. Lists only clients with a trigger client ID. For information about triggers, see
the webMethods Developer User’s Guide.
You can also create a custom filter by clicking Add User Defined Client Filter. For information
about creating client filters and applying them to Brokers, see “Client Filters” on page 103.
Basic Operation
The Broker Server Information page contains the information shown below.
Information Description
Name The name or the IP address of the Broker Server.
Port Port number on which the webMethods Broker is running.
Description A description of the webMethods Broker. Click the Change Broker Server
Description link to update this field.
Information Description
Status Status of the webMethods Broker.
Expires
Brokers page
Information Description
Broker Name The name of the Broker.
Territory The territory to which the Broker belongs.
Note: You can view the Brokers within a territory and get their statistics
from the Territories view. See Chapter 10, “Territories and Gateways”
for more information.
Click the Broker for which you want to view information and statistics.
Information Description
Name The name of the Broker.
Description A description of the Broker. You can update this field at any time by
clicking the Broker, then clicking Change Broker Description.
Connected The status of the connection. Connection status is displayed in the
following ways:
Yes is displayed with a green check mark to indicate the Broker is
connected.
In Progress indicates the connection is in the process of being
established.
Closed indicates the connection is closed.
Information Description
Document Whether document type logging is enabled. For more information
Type Logging about document type logging, see “Setting Up Your webMethods
Broker for Higher Performance” on page 66.
Document The number of document types associated with the Broker.
Types
Transactions The number of transactions that are currently executing on the Broker.
Because transactions are short-lived, typically only milliseconds, they
often complete too quickly to register in this field. A value of zero does
not necessarily mean there are no transactions executing.
Recent The document traffic on the Broker for the last X minutes. Where X is the
Deliveries time interval between statistical polls. The default value is 1 minute. To
change the default setting, see “Viewing and Changing Connection
Settings” on page 30.
Total Total document traffic on the Broker since it was created.
Deliveries
Territory The territory to which the Broker belongs.
Note: You can view the Brokers within a territory and get their statistics
from the Territories view. See Chapter 10, “Territories and Gateways”
for more information.
Managing Brokers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Overview
The Broker Server manages the flow of documents among clients, Broker Servers and
various applications. To do this, the Broker Server automatically routes, queues, and
filters documents. The Broker Server guarantees information delivery over networks that
may have intermittent connectivity, such as dial-up connections. All webMethods Broker
components communicate with a Broker Server, not with each other.
The Broker Server has an associated data directory. The files in the data directory contain
information about the Broker Server’s configuration, and about the configuration and
statistics for each of the Brokers that manage the various queues through which
documents pass from one client to another. It is good practice to make regular backups of
the data directory of every Broker Server on a host.
It is possible to have more than one Broker Server running on a host. Each Broker Server
has its own data directory and communicates through its own port. Each Broker Server is
identified by the name of the host computer and the port number. For example, a Broker
Server running on port 6840 on the Broker Server Host atlas is identified as atlas:6840.
The Broker Servers on a host do not have to be the same version of webMethods Broker.
The version of webMethods Broker installed on the host must match the highest version
among the Broker Servers you want to run. This makes it possible to run older versions of
the webMethods Broker, which is useful when the time comes to upgrade from one
version to another.
This chapter describes how to carry out Broker Server administration tasks from the
Broker Administrator, how to configure Broker Servers from the command line, and how
to back up Broker Server data directories.
The Broker Server is appended to the Broker Server list and displayed with the name
you entered.
8 Do one of the following:
To add additional Broker Servers, follow Steps 2–5.
To show or hide Broker Servers in the Broker Server list, click Change Which Broker
Servers are Visible.
When a Broker Server is installed, the install program creates a Broker and makes it the
default. You can add new Brokers to a Broker Server at any time. See “Creating New
Brokers” on page 64.
Where broker_server_name and port represent the name and port of the Broker Server that
you want to add. For example:
california
tokyo:9000
paris:7000
newyork
london:8000
Save the Broker Server List file as an ASCII text file; it must have a .txt extension in order
for Broker Administrator to import it.
1 Create a Broker Server List file. See the previous section for instructions.
2 Open the Broker Administrator if it is not already open.
3 Do one of the following:
On the Broker Servers view, click Change Broker Server List.
From the Navigation panel, on the Settings menu, click Known Broker Servers.
4 On the Known Broker Servers page, click Upload Broker Server List.
5 Enter the file name and location in the Filename field or click Browse to navigate to the
file.
6 Click Upload.
†These statistics are applicable to pre-5.0 Broker Servers only. Due to the improvements
made to Broker Server storage, these statistics are no longer applicable and will not be
displayed on Broker Server versions 5.0 or later.
Select... To...
6 Under Where to Log, specify how you want to send the logged information. You can
select one or more of the following options.
Select... To...
Write to UNIX Syslog For Solaris or HP-UX, syslog messages are sent from the Broker
Server to the syslogd. Then, syslogd writes the messages to files,
consoles, or other machines, depending on how syslogd is
configured.
To view the messages, look at the log files shown below:
Solaris: /var/log/broker.alert
/var/log/broker.info
HP-UX: /var/adm/syslog/broker.alert
/var/adm/syslog/broker.info
By default, the Broker Server logs its errors using the native logging facility of the
platform on which it runs.
Messages are in one of two categories:
Broker Server. Messages in the Broker Server category are from the awbroker
process. The awbroker process is where all the standard Broker Server tasks take
place.
webMethods Broker Server Monitor. Messages in the webMethods Broker Server
Monitor category are from the awbrokermon process. The awbrokermon process is
always running once the Broker Server is installed, and is responsible for starting
and monitoring the awbroker process.
7 Click Save Changes.
Message text
Note: To unzip the error log file on Windows systems, you can use any archive utility
available for Windows. On UNIX systems, use the Gzip data compression program.
broker_save and Script the import /export process, especially when moving
broker_load through different environments.
commands
Take regular scripted backups of metadata in your
production system
Process very large .adl files; the commands require less
memory than the import/export feature in the Broker
Admin UI.
Import/Export Export only a subset of components (for example, only doc
feature of the Broker types, or only client groups) to an ADL file.
Administrator
Save an ADL file to disk, but don’t want to use the
commands. For example, you could store this file in a
source code control system and move the file to a different
machine at a later date, when you move from a
development environment to a QA environment.
Copy information between machines that are not be on the
same network/not visible from the same Broker
Administrator.
For information about copying Broker Server information, see “Copying Broker Server
and Broker Information Using the Import/Export Feature of the Broker Administrator”
below.
For information about copying Broker information from one Broker to another, see
“Deploying Additional Brokers” on page 70.
For information about exporting Broker and Broker Server information for backup
purposes, see “Saving and Restoring System Configuration” on page 74.
For information about the broker_save and broker_load commands, see Appendix A,
“webMethods Broker Command Line Utilities.”
Copying Broker Server and Broker Information Using the Import/Export Feature of
the Broker Administrator
This section describes how to copy Broker Server information using the Import/Export
feature that is available through the Broker Administrator. For a list of other available
methods, see “Methods of Copying Broker Server and Broker Information” above.
Using the using the Import/Export feature, you can export just Broker Server information,
Broker Server and Broker information, or just Broker information.
.
8 If you also want to export Document Type, Client Group, or Client information, select
that information now.
.
Select... To...
Export Document Types Export indicated number of document types from the
selected Broker.
Export Client Groups Export indicated number of client groups from the selected
Broker.
Export Clients Export indicated number of clients from the selected Broker.
To select a subset of any of these options, click Change Selection. By default, document
type, client group, and client information are all selected for export. Click the check
boxes of the elements you do not want to export, then click Submit Changes.
9 When you are finished selecting the Broker information to export, click Export to File.
The configuration is saved as an ActiveWorks Definition Language (ADL) file and
then compressed for downloading.
10 Download the configuration file by clicking Click here to download ADL Zip-File.
Note: If the information you are copying includes an SSL configuration, you are
prompted for the certificate file password.
Note: To unzip the error log file on Windows systems, you can use any archive utility
available for Windows. On UNIX systems, use the Gzip data compression program.
Note: If you are copying broker server information to an ADL file for backup
purposes, you can stop here.
11 Open the Broker Server Information page of the target Broker Server.
12 Click Import From File.
13 In the Filename field, enter the path and name of the .adl file or click Browse to
navigate to the .adl file.
14 Click Upload.
15 Select one or more of the options in the What to Import Step 2 dialog box.
Select... To...
If the configuration does not contain information of a certain type (for example,
Broker Server configuration), that option is unavailable.
16 Click Proceed to Step 3.
17 Select one or more of the options in the What to Import Step 3 dialog box.
Select... To...
To select a subset of any of these options, click Change Selection. By default, all
elements of each option are selected for import. Clear the check boxes of the elements
you do not want to import, then click Submit Changes.
Note: If the import file contains a new SSL configuration, you may need to stop and
restart the Broker Server for the configuration to take effect. If the import file does not
contain the password for the certificate file, you are prompted for it.
Important! The Import from File option divides large files into 2MB pieces. The pieces are
then imported sequentially to the Broker and reassembled. If an error occurs during
this process, some document types may still be loaded; that is, the file may be
partially loaded if there is an error and the Broker is left in a partially updated state.
Platform independent Includes Unicode escape characters (the default). The file
can be exported to other hosts without regard to machine
type or language.
Native (locally editable) Does not include Unicode escape characters. The file can
only be used on hosts of the same type and which use the
same language and encoding.
The use of Unicode escape characters makes it possible to export Broker and Broker
Server configuration among hosts that use different languages (and sometimes to
different types of host machine that use the same language). If you want to read or edit
the configuration file, however, the escape characters can make such tasks difficult.
If your language uses an expanded character set and you want to read or edit the Broker
or Broker Server configuration file, you should save it in native format. Doing so means
that you can only export the file to another host of the same type that supports the same
language as the one on which you created the file.
In English, or other languages that do not use an extended character set, always use the
platform-independent file format to save an export file.
1 Stop the Broker Server. For instructions, see “Stopping and Starting a webMethods
Broker Server” on page 58.
2 Use an editor to open the awbroker.cfg file located in the Broker Server’s data
directory.
3 Add the following line to the awbroker.cfg file:
storage-max-cache-size=nnn
Where nnn is a cache size value. For example, if you wanted to change the cache value
to 256MB, you would enter the following:
storage-max-cache-size=256
From the command line, using the broker_stop and broker_start programs
Important! When you stop the Broker Server, all Broker clients are disconnected. No
Broker clients can reconnect and retrieve documents until you restart the Broker Server.
To stop and restart a webMethods Broker Server from the command line
You can use the broker_stop and broker_start commands to stop and start the
Broker Server. Refer to Appendix A, “webMethods Broker Command Line Utilities,”
for instructions.
awbrokermon†
awbroker‡ awbroker
...
Broker Broker Broker ... Broker
The awbroker process is where all Broker tasks take place. Some of these tasks include
receiving, queuing, and delivering documents. The awbroker process can support more
than one Broker, so you can create and deploy multiple Brokers for development and
administrative convenience.
Because multiple Brokers are supported by a single awbroker process, all actions that
affect the awbroker process also affect all Brokers that reside on the same Broker Server.
For example, shutting down the Broker Server shuts down all of its Brokers.
The awbrokermon process, which controls and monitors the awbroker process, is always
running once it is installed. The awbrokermon process starts and monitors the awbroker
process. For every Broker Server running on a host, there is a separate instance of the
awbroker process. A single awbrokermon process controls all awbroker processes running
on a host.
If the awbroker process stops unexpectedly, awbrokermon logs the fault and attempts to
restart awbroker. The awbrokermon process does not perform a restart if awbroker has
three unexpected exits within five minutes.
You can stop and restart the awbrokermon and awbroker processes by using specific
commands. See “broker_stop and broker_start” on page 205.
To shut down a Broker Server (awbrokermon and awbroker processes) on Solaris, HP-UX,
and Windows platforms, use the commands described in the following sections.
Note: On Solaris, you can only run these commands as user root or user bin. These
commands can only shut down webMethods Broker processes on the local machine.
Note: On HP-UX, you can only run these commands as user root or user bin. These
commands can only shut down webMethods Broker processes on the local machine.
Note: On Windows, any user with administrator privileges can start or stop any service.
You can start and stop services on a remote machine and a local machine if you have a
Domain established and have domain administrator privileges.
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Overview
Each Broker Server has one or more entities, called Brokers, that reside on it. A Broker is
where the client programs connect to, where document types are stored, and where client
queues and subscriptions are monitored and stored. When you install a Broker Server, the
installation program creates one Broker and makes it the default Broker. This chapter
describes how to carry out Broker administration tasks such as creating and deleting
Brokers, and deploying copies of existing Brokers.
If you want to work from the command line, rather than from Broker Administrator,
you can use the broker_create command to create a Broker. Refer to
“broker_create” on page 197 for instructions.
Volatile
Code Documents Guaranteed Documents
Uses System Swap no yes noa
Important! Pre-5.0 Brokers cannot accommodate guaranteed documents larger than 7MB.
Version 5.0 and 6.0 Brokers will discard guaranteed documents larger than 7MB if
publishing to a pre-5.0 Broker.
To log this action, configure a client on the Broker to subscribe to the document type
Broker::Trace::DropRemote.
See “Understanding Client Group Properties” on page 82 to learn more about document
types and storage.
Guaranteed Documents
The maximum document size of a guaranteed document type is restricted to the size of
the log file (which is configurable) and the amount of virtual memory (which is divided
by 3 due to internal buffering).
Volatile Documents
You can publish volatile documents of an unlimited size up to the smaller of available
swap or the Broker’s volatile storage limit (restricted only by the available memory).
Deleting Brokers
You can permanently delete a Broker and all its Broker client, client group, and document
type information using Broker Administrator or the broker_delete command on the
command line.
If you want to work from the command line, rather than from Broker Administrator,
you can use the broker_delete command to delete a Broker. Refer to
“broker_delete” on page 198 for instructions.
Name Limitations
There are character limitations for Broker component names. The table below lists the
Broker component by name, the maximum length in bytes, and other rules and limitations
for naming.
Uninstalling Applications
At times you may need to uninstall a webMethods Broker application that did not
uninstall properly. When this happens you need to delete the Broker client and client
groups associated with the application.
For information about how to delete Broker clients or Broker client subscriptions, refer to
“Controlling Clients” on page 112.
For information about deleting client groups, refer to “Assigning “Can Publish” and “Can
Subscribe” Permissions” on page 88.
For information about other available methods, see “Methods of Copying Broker Server
and Broker Information” on page 53.
3 From the Information page for that Broker, Client Group, Client, or Document Type,
click Copy component Information to Clipboard, where component is Broker, Client Group,
Client, or Document Type.
4 Navigate to the Broker to which you want to copy the information. Select the
Information page of the Broker, Client Group, Client, or Document Type to which you
want to copy the information and click Paste component 'component_name' to current
Broker.
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Overview
There are measures you can take to protect the webMethods Broker system from loss in
the case of a disk crash or other hardware failure. This chapter describes how to back up
and restore system configuration information and data files.
Broker B Broker D
Broker A Broker C
To back up the entire system, you must save a separate configuration file for each Broker
and each Broker Server. Therefore, in sample configuration in above, there must be
configuration files for each of the following:
Broker Server Alpha
Broker A
Broker B
Broker C
Broker D
When webMethods Broker saves configuration files, it uses a file format called the
ActiveWorks Definition Language (ADL). When you name configuration files, you must
save them as .adl files. You can save configuration files from Broker Administrator or
command line.
Note: You should save copies of the Broker and Broker Server configuration files in a
location other than a webMethods Broker host. That way if ever the disks fail on the
Broker Server host, the back up files are still safe.
Note: If you run webMethods Broker in a language that uses an extended character set,
the Unicode escape characters may make configuration files difficult to read. See “File
Formats for Broker and Broker Server Configuration Files” on page 57.
2 Import the Broker Server configuration files using one of these tools:
If the configuration contains any gateways, take note of warnings that indicate that
the other side of the gateway is not yet available.
4 Re-import any Broker configuration files that gave warnings during the previous
step, using the same order as before.
You should not receive any warnings during this step.
On this
platform: The data files are located here:
UNIX /var/opt/webmethods/awbrokers61/default
The Broker Server configuration file awbroker.cfg resides in the Broker Server data
directory and should be backed up regularly. For queue storage sessions, back up
Broker.qs (binary) and any configured queue storage and log files.
Important! Backing up the Broker Server files while there are documents in the Broker
Server is not recommended because documents could be delivered again or could be lost
when the data files are restored.
Important! Always stop the Broker Server before backing up; otherwise, the backup could
be corrupted. Refer to section “Stopping and Starting a webMethods Broker Server” on
page 58.
1 Stop the Broker Server. See “Stopping and Starting a webMethods Broker Server” on
page 58 for instructions.
Note: Whenever you stop the Broker Server, you will lose volatile documents in all
queues.
2 Make a copy of the contents of the Broker Server data directory, for example,
C:\webMethods\Broker\data\awbrokers61\default\Broker.qs.stor.
3 Restart the Broker Server. See “Stopping and Starting a webMethods Broker Server”
on page 58 for instructions.
Note: If there were any guaranteed or persistent documents in the queues when you
made the time the backup files, those documents are resent when you restore the files.
While the Broker Server data directory contains configuration and statistics information
for the Broker Server and its Brokers, the directory does not necessarily contain the
certificate file used for SSL support. When you back up Broker Server data directories on
your host, it is also good practice to back up the certificate files that those Broker Servers
use. For this reason, webMethods recommends that you place the Broker Server’s
certificate file into the data directory. For more information about certificate files, see
“Creating and Managing SSL Certificate Files” on page 168.
Property Description
Client Group description A one-line description of the client group, to be displayed in
Broker Administrator main window.
Broker Client lifecycle Determines what the Broker does with a Broker client’s state
when the Broker client disconnects. There are two types of
lifecycles: Explicit destroy and Destroy on disconnect. See
“Lifecycle Properties” on page 83.
Client queue storage type Determines how safe the documents in a Broker client’s
queue are. Storage type also affects how quickly a Broker
can process documents. See “Client Queue Storage Types”
on page 83.
Encryption level None
Lifecycle Properties
The lifecycle determines if the Broker keeps information about the Broker client’s state
when the Broker client disconnects from the Broker or when the Broker restarts. The two
types of lifecycles are shown below.
Lifecycle Description
Explicit destroy The state of a Broker client exists until it is destroyed by a
program using the Broker client. The Broker remembers the
Broker client’s state across connections and Broker Server
restarts. Use the Explicit destroy lifecycle for applications that
need to maintain state information in the Broker between
connections.
For example, a webMethods Broker dbAdapter uses the
explicit destroy lifecycle so that documents that update the
database are not lost if the adapter is not running. When the
dbAdapter is not running, the Broker queues documents for it;
the dbAdapter retrieves the documents when it restarts.
Destroy on disconnect The state of a Broker client exists for the duration of the Broker
client’s connection to the Broker. The Broker automatically
deletes the client state when the connection breaks. Use Destroy
on disconnect for applications that do not need to maintain any
state in the Broker between connections. For example, Broker
Administrator uses this kind of client connection when it is
running.
Queue
Storage Type Description
Guaranteed The safest, but slowest type of storage. This storage type is suited for
storage documents that you cannot afford to lose. Documents are written to
disk using a logged commit. Guaranteed storage has a fixed,
pre-allocated size that can only be changed while the Broker is stopped;
how large a portion depends on the document flow and size of
documents. The default guaranteed storage size is 32MB per transaction
and 512MB. You can increase the storage size by adding new storage
files, see “server_config storage” on page 192.
Persistent Broker versions 5.0 through 6.0 automatically upgrade all Persistent
storage documents to Guaranteed; all Persistent documents are treated as if
they are Guaranteed.
Volatile The least safe but fastest type of storage. This storage type is suited for
storage documents that have a short life or are not critical. Documents are not
written to disk; they are only stored in memory. All documents of a
volatile document type and documents in a volatile client queue are lost
when the Broker is shut down or when the computer restarts.
Factors Limitations
Document size Limited to the lesser of:
1GB with a transaction size of 1GB
The size of the log file (which can be increased using the
server_config program. See “server_config storage” on
page 192 for more information.)
The amount of virtual memory available on the Broker host
(divided by 3 due to the internal buffering)
Total storage Dependent on Broker hardware
available
The Client Groups on Broker page appears, displaying the list of client groups and their
descriptions. The information and statistics in Client Groups on Broker page are as
follows.
Information Description
3 Click a client group name to view additional information and statistics. The
information and statistics on the Client Group Information page are as follows:
Information Description
Information Description
Log publish types Displays the number of document types that Broker clients in
the client group can log when published. Click this number to
list all document types. See “Assigning Log Publish and Log
Acknowledge Types” on page 90.
Log acknowledge Displays the number of document types that Broker clients in
types the client group can log when received. Click this number to
list all document types. See “Assigning Log Publish and Log
Acknowledge Types” on page 90.
If you select Destroy on Disconnect, the queue storage type is automatically Volatile. If
you select Explicit Destroy, you need to select the queue storage type. See “Lifecycle
Properties” on page 83 for details about client group lifecycle properties.
7 Select the queue storage type (if you selected Explicit Destroy lifecycle) from Queue
Storage Type field.
8 Click Create.
Once the client group is created, you can configure Can Publish and Can Subscribe
permissions. See “Assigning “Can Publish” and “Can Subscribe” Permissions” below.
Note: A Broker delivers a document only to Broker clients that have subscribe permission
to it. A delivered document is addressed to just one Broker client.
6 Select the document types you want to add, then click Add.
The document types you selected now appear in the Can Publish Document Types list.
.
To remove a document type from a Client Group’s Can Publish and Can Subscribe lists
To add document types to a client group’s Log Publish Document Types lists
Note: Each client group’s document folder contains client groups that come with the
webMethods Broker system: adapters, admin, and accessLabelAdapter. You cannot
delete these client groups. The Delete option is disabled when these client groups are
selected.
Note: You cannot delete a client group if Broker clients in the group are connected to the
Broker. You must delete the Broker clients before deleting the group.
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Overview
This chapter describes how to manage document types and measure system activity. For a
brief overview of document types, see “Document Types” on page 17. For more
information about developing document types and document folders, refer to Publish-
Subscribe Developer’s Guide.
Publish documents and check the document type’s publish and retrieve statistics to
ensure that the Broker client subscriber actually received documents
Note: The maximum number of document types that a Broker can support is 65533.
The Document Types page lists the following information about all document types that
exist in the current Broker.
Information Description
3 On the Document Types page, click the name of the folder/document type for which
you want to display document type information. If the document type is stored in a
folder, continue clicking until you reach the document type you want to display.
The Document Type Information page displays the following information.
Information Description
Information Description
Validation Full. All fields must be defined in the document type and
all fields must match the document type definition. New
fields cannot be created in the published document.
Open. Fields that are defined in the document type must
match the document type definition. Fields can be
present in the published document and not be checked.
None. No validation for published documents.
See “Document Type Validation” on page 98.
Fields The data fields of a document. See “Data Field Information”
on page 99.
Infosets For pre-6.0 Brokers only. The infosets that help to define the
use of the document type.
Note: To perform any editing task in the Broker Administrator, you must have the
appropriate permissions. See “Setting Up Broker Administrator Permissions” on page 30
Note: The Broker Server automatically upgrades Persistent storage types to Guaranteed.
3 On the Document Types page, click the document type whose time to live attribute you
want to change. If the document type is stored in a folder, continue clicking until you
reach the document type you want to change.
4 On the Document Type doctype page, click Change Time to Live.
5 On the Change Time to Live page, in the Time to Live field, enter the number of seconds
you want the Broker to keep a document. Enter “0” if you do not want the Broker to
delete the document before a Broker client retrieves it.
6 Click Save Changes.
Note: This is the strictest form of validation and can affect performance because the
Broker must check each and every document type field.
Open. Fields that are defined in the document type must match the document type
definition. Fields can be present in the published document and not be checked.
None. No validation for published documents.
Using the Broker Administrator you can change the level of validation or disable
validation for published documents altogether.
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Overview
This chapter describes how to view, manage, and monitor Broker clients. For information
about creating and naming Broker clients, refer to the appropriate programming interface
manual.
Information Description
Client ID The Broker client’s unique ID. Either the user or the Broker assigns
this ID at the time the Broker client is created.
Application Name The name of the application that describes the Broker Client. The
user assigns this name at the time the Broker client is created.
Group The client group the Broker client belongs to.
Information Description
Client Filters
You can apply filters to the list of clients on the Clients page. In the Client Filter pulldown,
select a filter type, then click Refresh Display to update the screen with the new filter
settings.
The default filters are described on page 31. You can also create a custom filter by clicking
Modify Filters.
Group Filter according to the client group to which the Broker client
belongs.
Connection Status Filter clients by connection status. You can filter clients that are
currently connected to the Broker, not connected, or both.
Tip! If you do not want to show clients with a particular substring, use the logical
negation operator symbol “!” in front of the filter rule. For example, if you do not
want to show clients from the XYZ client group, you would enter !XYZ in the Group
field.
You can create one or more filter rules for each client filter. Create a client filter with
multiple rules to show clients that contain all of the query terms. For example, you
can create a client filter to show only the clients that are an “IntegrationServer”
application and belong to client group “Admin.”
5 Click Save Changes.
ID The Broker client’s unique ID. Either the user or the Broker
assigns this ID at the time the Broker client is created.
Application Name The name of the application that describes the Broker client.
This name is assigned by the developer at the time the
Broker client is created.
Broker Displays the name of the Broker
Subscriptions Displays the number of subscriptions for the client.
The connections ID
Forced Reconnect For 5.x Brokers and later. Specifies whether a Broker client
can reconnect to a Broker even when (at least from the
Broker's perspective) a connection already exists. This might
happen if you disconnect the machine on which a Broker
client is running, then reconnect it. The Broker might not
recognize that the connection was broken. With Forced
Reconnect set to False, the Broker will reject the
reconnection request. With Forced Reconnect set to True,
the Broker will break the existing connection and create a
new one, allowing the client to reconnect.
Queue is Locked no The queue for the Broker client is open and
documents are flowing as normal.
yes The queue for the Broker client is locked.
Note that when a queue is locked, you cannot
delete the Broker client.
For information about queue management,
see the appropriate programming interface
manual.
Lock Held by Client ID The client ID that established the lock.
Lock Held by Client The session number of the locked client.
Session
Lock Held Since The duration of time the queue lock has been established.
Access Label If the client has an access label, the contents of the label.
User Name If SSL is enabled for the client, the Distinguished Name
used in the client’s certificate.
If a client is created on the Broker over an authenticated SSL
connection, the Broker records the client's owner along with
the client. The owner is identified by the combination of
User Name and Authenticator Name. Clients that have an
owner only allow future reconnection from processes that
authenticate as the same user.
Authenticator Name If SSL is enabled for the client, the Distinguished Name of
the Certification Authority that issued the certificate.
Information Description
Client Queue Length The number of documents in the client queue that are ready
for the Broker client to retrieve.
Client Queue Size The size of the client queue in bytes.
Last Queued The last time a document was placed in the client queue.
Last Retrieved The time the Broker client last retrieved a document from its
queue.
Last Published The time the Broker client last published a document.
Highest Documents in A count of the most documents in the queue for the Broker
Queue client at one time, and the date and time on which it
occurred.
Recent Deliveries The number of documents the Broker client has recently
delivered.
Total Documents The total number of documents the Broker client has
Retrieved retrieved from its queue.
Total Documents The total number of documents the Broker client has
Published published.
Publish Sequence The sequence number of the last document published by the
Number Broker client. For information about sequence numbers, see
the appropriate programming interface manual.
Information Description
ID The Broker client’s unique ID. Either the user or the Broker
assigns this ID at the time the Broker client is created.
Document Type Displays the document type names.
Filter Displays set subscription filters.
To learn how to delete a subscription from a Broker client, see “Disconnecting a Broker
Client” on page 113.
Information Description
Connected From The IP address of the machine and the port from which the
client program session is connected.
ID The session ID. This is a unique number, generated by the
Broker client.
Information Description
For information about a particular session, click that session in the list of sessions to open
the Session’s Information page. The Session’s Information page displays platform and
encryption information for the session you have selected.
The Platform Information table displays information that is set by the Broker client. You
cannot edit this information from Broker Administrator; you can change it only in the
client application program.
Information Description
Adapter Language The programming language of the Broker API used to connect to
the Broker.
Adapter Language Version of the adapter language.
Version
Hardware Hardware on which the broker client runs.
OS Operating system on which the broker client runs.
Information Description
Important! Use this option with care because it will delete documents that the Broker client
not yet processed. If multiple clients are sharing the same client state, invoking this
method can have far-reaching effects.
Controlling Clients
There may be times when you need to control a Broker client that is not behaving
normally. There are several methods you can use to control a Broker client, such as
removing a Broker client subscription, disconnecting one or more Broker client sessions,
or deleting a Broker client.
You may want to remove a Broker client’s subscription to stop the unwanted and
repeated delivery of a document from another out-of-control Broker client. You can
disconnect a misbehaving Broker client from the Broker without destroying its queue or
documents as long as it does not have a Destroy on Disconnect life cycle. You may want to
delete a Broker client, rather than just disconnecting it, if it did not disconnect from the
Broker when it should have. Deleting a Broker client always destroys its queue, regardless
of the life cycle type.
Documents published The number of documents that the transactional client has
published or delivered within the context of this transaction since the transaction
started. (If the transactional client published other documents during this time under
another transactional context, those documents would be reflected in a separate
transaction entry.)
Documents Ack'ed The number of documents the transactional client has received and
acknowledged within the context of this specific transaction since the transaction was
started. (If the transactional client received other documents during this time under
another transactional context, those documents would be reflected in a separate
transaction entry.)
the client and terminates the transaction. Whether the Broker executes a commit
or a roll back depends on the way in which you configure the Broker’s post-
prepare timeout action parameter. The default is to commit the transaction.
The post-prepare timeout parameter does not apply to single-phase transactions.
You may specify an infinite pre-prepare period (i.e., impose no timeout limit) by
setting the post-prepare timeout parameter to -1.
4 Select Commit Transactions or Roll Back Transactions, depending on which operation you
want to perform.
5 Select the transactions that you want to commit or roll back and click Commit or Roll
Back.
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Territories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Overview
This chapter describes territories and territory gateways, and shows you how to use
Broker Administrator to view and control them.
Each territory contains one or more Brokers and is essentially managed as a single entity.
In many ways, a territory acts as a single Broker that spans multiple hosts because all
Brokers in a territory are directly connected to all other Brokers in that territory and share
that configuration. As a result, a client on one Broker can communicate with a client on
another Broker in that same territory even though they are not directly connected to the
same Broker. Territory gateways are used to provide control over documents that pass
from one territory to another, and therefore allow clients to communicate even though
they may not be part of the same administrative domain.
Territories
The Broker-to-Broker feature allows communication among two or more Brokers. This
Broker-to-Broker communication allows applications and adapters to be spread around
your company and still communicate with each other.
When using the Broker-to-Broker feature, Brokers join a territory. All Brokers in a territory
share the same document types and client groups. This shared view of data and semantics
makes communication between client applications possible.
Each Broker communicates directly with every other Broker in its territory, as shown in
the following diagram. This direct connection ensures the fastest communication between
Brokers.
An Example Territory
Client 3
Broker D
Broker B Client 4
Client 1
Broker A
Client 2
Broker C
In the diagram above, the application Client 1 can communicate not only with Client 2 on
the same Broker, but also with Clients 3 and 4 on Broker D.
Brokers within a territory have knowledge only of other Brokers currently in the same
territory.
Once a Broker leaves a territory, it loses knowledge of any Brokers in the territory.
Brokers remaining in the territory lose knowledge of the Broker that has left.
A Broker can be a member of only one territory at a time. To change from one territory
to another, a Broker must leave the first territory and then join the second.
Two or more Brokers on the same host can be members of different territories.
Operations on document types and client groups affect all Brokers in the territory.
Territories
All Brokers in a territory share the same client groups and document types. In effect,
they appear to operate under a single configuration.
Within a territory, documents published on one Broker can be sent to other Brokers
because they are delivered there or because a client on another Broker has a matching
subscription.
You cannot merge territories. To create a single territory where two existed before, the
Brokers in one territory must leave it and then join the second territory.
A territory cannot be empty. To create one, you must find a Broker that does not
belong to any other territory.
Security
Within a territory, either all Brokers use SSL or no Brokers use SSL. You cannot mix
the two modes.
When using SSL, each Broker uses its Broker Server’s SSL configuration for outgoing
connections and for accepting incoming connections.
Clients
Brokers in a territory do not share clients. Although a territory appears to be managed
like a single mega-Broker, each client keeps its queue, and other state information, on
a single Broker.
Because clients are not shared by Brokers, operations on a specific client work only if
the Broker actually hosts the client.
Unique Names
The follow conventions relate to the use of names.
Each Broker on a Broker Server must have a unique name.
Each Broker in a territory must have a name that is unique among Brokers in that
territory.
Territories joined by gateways must all have unique names.
Managing Territories
The following sections describe how to create territories and how to make Brokers join
and leave territories. Use Broker Administrator to create, join, and leave territories, and to
display detailed information about a territory.
Creating a Territory
To create a new territory, you must have a Broker that does not belong to any other
territory. You can find Brokers that are not part of a territory by looking at the Brokers
page, as shown below. If a Broker is part of a territory, the name of the territory is listed in
the Territory column.
Territory Column
(this Broker is part of the A Territory)
To create a territory
Territory
Information Description
Territory
Information Description
Recent Deliveries The document traffic on the Broker for the last X minutes.
Where X is the time interval between statistical polls. The
default value is 1 minute. To change the default setting, see
“Viewing and Changing Connection Settings” on page 30.
Gateways Lists the gateways to Brokers in other territories.
3 To learn more about a territory, click on its name in the Territories column.
The Territory Information page displays information that describes the relationships of
the current Broker with other (remote) Brokers in the territory. The Territory Information
page contains the following information.
Joining a Territory
You use Broker Administrator to join Brokers to territories, one at a time. For a Broker to
be eligible to join a territory, it must not currently be a member of any other territory.
Note: When creating a territory with Brokers on differing operating systems, you must
take an important step to ensure a reliable connection between the Brokers. When you
create the territory, you should join the Broker with the different operating system first.
Then, you can add all other Brokers to the territory.
For example, if you want to add a Broker from a Windows system to a Solaris Territory,
you would first add the Windows Broker followed by the Solaris Brokers.
To join a territory
Leaving a Territory
To leave a territory
Territory Gateways
A territory gateway is a connection between two territories, allowing the transfer of
documents between the territories. One broker in each territory is designated to
communicate with a companion broker in the other territory. Each of the two Brokers,
referred to as gateway Brokers, belongs to its own territory, but can share document types
with its companion Broker across the gateway. There can be only one gateway between
any two territories; however, a gateway Broker in one territory can communicate with
gateway Brokers in multiple territories.
Each gateway Broker is configured and maintained independently. By controlling publish
and subscribe permissions and security across the gateway, it is possible to create a
firewall between territories. In this way, it is possible to connect territories having
differing security needs or territories belonging to different companies.
A set of territories connected by gateways forms a graph. The graph cannot have cycles; a
path that traverses the graph should not be able to return to its beginning. Visually, an
acceptable graph looks like a tree. A graph that crosses the boundary between two
administrative domains is shown in the figure below. With the correct permissions set at
each territory gateway, Broker clients 1 and A can communicate with each other.
A Territory Graph
A territory
gateway
Territory 2 Territory B
Territory 4
Territory 1 Territory A
Territory C
Territory 3 Client A
Client 1
Firewall between
Territory 5
administrative
domains
Note: Gateway creation will fail if the two territories have incompatible versions of the
webMethods Broker software.
Use the following general steps to configure a gateway. You must perform these steps on
both Brokers participating in the gateway.
To configure a gateway
Brokers)” on page 141 or “Creating the Gateway (One Broker)” on page 144 for
detailed instructions.
2 Optionally, configure gateway security.
Set the security parameters on each gateway Broker and check that a secure
connection can be established. For information about setting up SSL support across a
territory gateway, see “Using SSL Across Territory Gateways” on page 165.
Note: It is not necessary to configure the gateway for SSL support before proceeding
on to Step 3. You can perform this step last as long as the owners of both sides of the
gateway perform the steps in the same order.
[...]
If you know that the remote Broker is in the same territory as the delivering Broker, then
you can omit the territory:
bc.deliver( “//OtherBroker/:publish”, event);
If the delivering client is on Broker Q1, which is in the same territory as Broker Q2 and
Broker Q4 and the target remote Broker Q3, then Broker Q2 and Broker Q4 will not
receive the published document. Only the clients of Broker Q3 will receive the published
document. (See the following diagram.)
A Broker Territory
Broker Q1
Broker Q4
Broker Q3
Broker Q2
If the remote Broker is on the other side of a gateway, then the behavior varies slightly, as
summarized in the table below.
Broker Examples
The following examples are based on the Brokers and territories shown in the Broker
Territories diagram. The first letter of the Broker’s name indicates its territory.
Broker Territories
A Territory Gateway
Broker W1
Broker X1
Broker W3 Broker Y1
Broker W2
case). If territory Z had more Brokers and gateways, they would also receive the
document.
Note: A document using remote publish will look like a delivered document until it
reaches the target Broker. Trace documents and activity traces will record the document
as a delivery. The remote publish trace on the target Broker will also record the
document as a delivery, but the enqueue traces will look like a publish occurred.
Brokers are Linked Yes Brokers are connected and able to exchange
documents.
No One or both Brokers are not available.
Status Active The Broker is active.
Paused The Broker has been paused. When a Broker
is paused, it stops all outbound traffic. The
Broker Administrator shows the name of the
session and Broker client that paused the
Broker.
Keep Alive Interval time_interval How often (in seconds) the Broker sends
Keep Alive Events over the Gateway to
prevent the firewall from disconnecting what
it considers to be an idle connection.
If a time interval of 0 has been specified, this
field displays “disabled”. The default is
“disabled.”
Local Documents Waiting Number of documents in queue waiting to be published.
Local Broker: Name Name of the local Broker. Click to open the
Broker Information page.
Description Description of the local gateway Broker.
Connected The status of the connection between the
Broker and the Broker Server.
Territory Name of the territory to which the local
Broker belongs. Click to open the Territory
Information page for this Broker.
Recent Number of documents received by the
Receipts remote Broker. The amount of time between
updates is specified on the Connections page.
Total Receipts Total number of documents received during
lifetime of the Broker.
Last Receipt Date and time of last receipt.
Remote Broker: Name Name and Broker Host of the remote Broker
on the other side of the gateway. Click to
open the Broker Information page.
Description Description of the remote gateway Broker.
The status of the connection between the
Connected Broker and the Broker Server.
Territory Name of the territory to which the remote
Broker belongs. Click to open the Territory
Information page for this Broker.
Recent Number of documents received by the
Receipts remote Broker. The amount of time between
updates is specified on the Connections page.
Total Receipts Total number of documents received during
lifetime of the Broker.
Note: Small values, such as 1 or 2 seconds, will generate excessive network traffic. Check
your firewall configuration to find a reasonable value for this interval.
5 Click Yes or No, then click Update to synchronize the document types.
Broker Administrator synchronizes the Shared Document Type list on the two gateway
Brokers, as shown in the next figure. For example, for each document type listed in
the Remote Broker Can Subscribe panel for Broker A, Broker Administrator places that
document type in the Remote Broker Can Publish panel of Broker B.
If there is no matching document type on the remote Broker, or if the document types
are not identical, Broker Administrator cannot synchronize the shared document
type.
1 Open the Shared Document Types page. For instructions on opening the Shared
document types page, see “Displaying the Shared Document Type List” on page 139.
2 Click Hook Up Client Groups.
3 Select one or more client groups and click Add.
4 You have the option of setting up shared document types permissions on the other
side of the gateway or updating only the current side.
Click Yes or No, then click Update to synchronize the document types.
Broker Administrator populates the shared document type list of both Brokers,
assigns Can Publish and Can Subscribe permission to all document types, and then
synchronizes the document types across the gateway.
Because Broker Administrator has performed some of the configuration
automatically, you should examine the permissions lists for both gateway Brokers in
case you want to adjust the selection. Once you have synchronized the shared
document types for both Can Publish and Can Subscribe permissions, the territory
gateway is ready for traffic.
Important! If you control only one side of a territory gateway and find it necessary to
remove the gateway, there is no simple method to restore the connection. To restore the
gateway, you need to recreate the Can Subscribe and Can Publish lists for the remote
Broker.
Filtering Documents
As mentioned above, a filter string specifies criteria for the contents of a document. For
example, assume that a document contains a person’s age and state of residence. The first
document field has the name age and the second has the field name state. The following
filter string matches only those documents whose age field is greater than 65 and whose
state field is equal to FL.
age > 65 and state = "FL"
In this example filter string, age and state represent document fields. This filter also
contains an arithmetic constant 65 and a string constant "FL". The boolean operator and
combines the field criterion for age and state.
Other example filter specifications are as follows:
debt > salary*0.50
packaging = "portable" and price > 5000
answer = ’Y’ or answer = ’y’
(answer = ’Y’) or (answer = ’Y’)
Combine document field comparisons using the boolean operators and, or and not.
Filter Rules
Filter strings must adhere to the following rules:
Field names can be fully qualified, such as:
struct_field.seq_field[2]
Filter Operators
The following tables contain the various operators that you can use to create filters. For a
more complete list of operators, see the appropriate programmer’s reference manual.
Note: The Integration Server and Developer use different filter syntax for subscribing to
publishable documents. See webMethods Developer User’s Guide for more information.
Note: Logical filter operator expressions are evaluated in a method similar to SQL
expression evaluation, in that all operators are always evaluated. When a logical filter
operator expression contains multiple operators, operator precedence determines the
sequence in which the operations are performed. For example, when evaluating the
expression “A OR B”, both “A” and “B” are evaluated, even if “A“ evaluates to a true
value.
Note: Implicit type conversion occurs when operands in an arithmetic operation have
different types. The operands are converted to a larger value before the comparison
occurs. Type char is considered numeric, but boolean is not.
Note: webMethods Broker is not compatible with products that use the DSA encryption
algorithms for SSL, such as Java version 1.1 from Sun Microsystems, Inc.
The public key is part of a certificate, which is a digital document verifying that a public
key belongs to a given entity. In addition to the public key, the certificate contains a
Distinguished Name and information about the issuer of the certificate. Certificates are
issued by a Certification Authority, a trusted central organization that attests to the
identities of those to whom it issues the certificates.
The choice of a Certification Authority depends on the needs of your organization. You
can subscribe to digital certificate services or you can create a Certification Authority
within your own organization using third-party software products.
Use SSL; only the Broker Server has a certificate (provides Broker Server
authentication and optional encryption).
Use SSL; both the Broker Server and the client application have certificates (provides
Broker Server and client authentication, and optional encryption).
The client application determines whether or not communication is encrypted. Also,
the Broker’s client groups can require the use of encryption.
Trusted Roots
Certificates issued by a Certification Authority are usually associated with an
Authentication Server. It is possible to check whether any issued certificate is valid by
contacting the appropriate Authentication Server. Unless you run your own
Authentication Server, this form of authentication requires a constant Internet connection.
To remove the need for an Authentication Server, webMethods Broker uses a concept
known as a trusted root. A trusted root is a special certificate belonging to a Certification
Authority. This special certificate contains the Certification Authority's public key, and
must be well-known and trusted. Your other certificates are themselves encrypted using
the Certification Authority's private key in such a way that the certificates can be
validated. There is one trusted root for each Certification Authority that issues certificates.
The validation is done using the special trusted root certificate. A given company may
have multiple Certification Authorities, each with a different trusted root.
For the client to authenticate the Broker Server, the client needs access to a certificate file
containing the Broker Server certificates’ trusted root so the client can validate the Broker
Server’s certificate. For the Broker Server to authenticate the client, the Broker Server
needs access to a certificate file that contains the client certificates’ trusted root so that the
Broker Server can validate the client’s certificate.
Distinguished Names
A Distinguished Name is that portion of a certificate that identifies either the owner of the
certificate or the issuer of the certificate. If the Distinguished Name identifies the issuer, it
is a trusted root, described in “Trusted Roots” on page 151. The table below shows the
fields that make up a Distinguished Name.
Tag Field
CN Common Name
OU Organizational Unit
O Organization
L Locality
ST State or Province
C Country
EM E-mail Address
Note: In a territory, SSL must either be enabled for all Broker Servers or disabled for all
Broker Servers. You cannot mix SSL servers and non-SSL servers in the same territory.
When an individual client establishes a connection with the Broker Server, the client sets
the mode of operation for the connection:
Broker Server authentication only
Note: The administrative API is a set of Java services that you can use to administer Broker
objects. You can write your own user interface that uses the services, or you can use the
services without a user interface and make administrative changes programmatically.
You can limit the administrative tasks a user is allowed to perform against these objects
by using ACLs.
Note: It is possible for Broker Administrator application to not have administrative access
to a Broker Server, but still have access to a Broker that resides on that Broker Server. This
is called “Limited Access.” If administrative access is limited, “Limited Access” appears in
the title bar of the Broker Server Information page.
Note: The Broker Administrator forces you to include in the ACL a Distinguished Name
that you currently use so that you can have continued administrative access to the Broker
Server.
Note: Volatile clients cannot reconnect since they have a Destroy on Disconnect lifecycle.
Broker is locked
You will need to provide a list of Distinguished Names that should have administrative
access to the Broker. For a step-by-step description of modifying ACLs for client groups,
see “Setting Up Client Group Access Control Lists” on page 162.
1 Create the certificate file(s) needed by the Broker Server and each client.
The Broker Server and each client must have access to the certificates needed to
authenticate the connection. Certificates reside in certificate files on the Broker Server
and on hosts where client applications and adapters reside. The contents of each
certificate file depends on the host it is located on and the type of authentication, as
shown below.
Broker Server Broker Server trusted root Broker Server private key,
authentication only certificate, and trusted root
Client and Broker Broker Server trusted root; Broker Server private key,
Server client private key, certificate, and trusted root;
authentication certificate, and trusted root client trusted root
You must place the Distinguished Name of the issuer of the Broker Server’s certificate
in the certificate file on each client host. If you need client authentication, you also
need to place the Distinguished Name of the issuer of a certificate belonging to a client
must be placed in the certificate file on the Broker Server Host.
For information about how to manage client and Broker Server private keys,
certificates and certificate files, see “Creating and Managing SSL Certificate Files” on
page 168.
2 Configure the Broker Server to enable SSL. This procedure is described in “Enabling
SSL for the webMethods Broker Server” on page 160.
3 Configure each client to enable SSL.
You can find information about how to configure clients for SSL support in the
following locations:
1 Make sure the Broker Server has the SSL license key.
See “Determining If You Have an SSL License Key” on page 158.
2 Make sure that the proper certificate files are available on the Broker Server Host.
See “Preparing the Certificate File for the Broker Server” on page 158.
3 If required, enable SSL for the Broker Administrator so that it can have administrative
access to the Broker Server or to a specific Broker.
You must enable SSL for the Broker Administrator before you can create the ACL for
the Broker Server in the next step. See “Configuring Broker Administrator for SSL
Support” on page 158.
4 Using the Broker Administrator, enable SSL for the Broker Server.
See “Enabling SSL for the webMethods Broker Server” on page 160.
5 If required, set up an ACL to control administrative access to the Broker Server.
See “Setting Up Access Lists for the webMethods Broker Server” on page 161.
6 If required, set up ACLs to control administrative access to Brokers.
See “Setting Up Client Group Access Control Lists” on page 162.
4 If SSL is configured, you can modify the configuration on the current Broker Server by
clicking the entry or you can proceed to “Setting Up Access Lists for the webMethods
Broker Server” on page 161.
If SSL is not configured, you can configure SSL by clicking the entry and following the
instructions outlined in “Configuring Broker Administrator for SSL Support” on
page 158.
Note: SSL must be enabled for the Broker Administrator before you can use it to create an
ACL for the Broker Server.
Note: If other Broker Administrator pages are open, they may need to be refreshed in order
to display the new identity settings.
1 Check the Identity Settings for the Broker Administrator to make sure that an
administrative identity has already been established. If not, you will need to establish
an identity for the Broker Administrator. See “Configuring Broker Administrator for
SSL Support” on page 158 for instructions.
2 Once the Identity Settings are established on the Broker Administrator, open the
webMethods Broker Server Information page for the Broker Server.
3 From the webMethods Broker Server Information page, click the linked value to the right
of SSL.
4 Click Change Configuration on Restart to add a certificate file.
5 When the SSL Certificate File - Step 1 of 2 page appears, enter the location of the
certificate file in the Certificate Path field, then click Proceed to Next Step.
6 Enter the password for the certificate file, then click Save Changes.
7 When the Distinguished User Name - Step 2 of 2 page appears, select one of the
distinguished user names provided by the certificate.
8 Click Finished.
Broker Administrator updates the SSL settings and starts a new connection with the
Broker Server.
9 Optionally, to further limit the administrative access on the Broker Server, create and
configure ACLs for the Broker Server. See “Setting Up Access Lists for the
webMethods Broker Server” on page 161 for instructions.
Note: Before you can establish an ACL for a Broker Server, you must configure the Broker
Administrator with an identity that matches the Broker Server ACL. See “Configuring
Broker Administrator for SSL Support” on page 158.
Note: If you cannot find the Distinguished Name of a particular issuer, you must
add it to the certificate file. See “Creating and Managing SSL Certificate Files” on
page 168.
6 Optionally, click Add User Names to specify which individual clients can have access.
Note: If you do not specify which individual clients can have access, any user with a
Distinguished Name from an issuer in the Authenticator Name list can have
administrative access to the Broker Server.
Either enter the User Name into the User Name field or select one of the User Names in
the User Name list.
7 Click Add.
Note: For every client Distinguished Name that appears in the user name list of the
Access Control tab, the Distinguished Name of the certificate’s issuer must appear in
the authenticator name list. If not, you must add it to the certificate file used by the
Broker Server. See “Creating and Managing SSL Certificate Files” on page 168.
Note: If you cannot find the Distinguished Name of a particular issuer, you must
add it to the certificate file. See “Creating and Managing SSL Certificate Files” on
page 168.
7 Optionally, click Add User Names to specify which individual clients can have access.
Note: If you do not specify which individual clients can have access, any user with a
Distinguished Name from an issuer in the Authenticator Name list can have
administrative access to the Broker Server.
Either enter the User Name into the User Name field or select one of the User Names in
the User Name list.
8 Click Add.
Note: For every client Distinguished Name that appears in the user name list of the
Access Control tab, the Distinguished Name of the certificate’s issuer must appear in
the authenticator name list. If not, you must add it to the certificate file used by the
Broker Server. See “Creating and Managing SSL Certificate Files” on page 168.
Access to the client group is now available only to clients whose certificates meet the
requirements of the ACL.
Note: A gateway Broker must conform to SSL requirements for communication within a
territory but can differ for communication across the gateway. For example,
authentication may be required within the territory but not across the territory gateway.
Access to a territory is controlled by an Access Control List. To set up SSL for a territory, follow these
steps:
1 Make sure that the Broker Server for each Broker in the territory is configured for SSL.
For information about configuring Broker Servers, see “Configuring the webMethods
Broker Server for SSL” on page 157.
2 Open the Territory Information page of one of the Brokers in the territory. See “Viewing
Territory Information” on page 127 for instructions.
Note: If the issuer name does not appear in this list, it is not known to one of the
Broker Servers in the territory. You must place a Trusted Root for that
authenticator into every certificate used by every Broker Server involved in the
territory.
Alternatively, if you are willing to disable authentication and then add or remove
members of the territory, Broker Administrator adjusts the authenticator name list for
you; click Enable Authentication (administrative clients must connect using SSL) again after
the territory is modified.
7 Optionally, click Add User Names to specify which individual clients can have access.
Note: If you do not specify which individual clients can have access, any Broker
Server with a Distinguished Name from an issuer in the authenticator name list can
have access to the territory.
By default, the Broker identities list contains all user names associated with Broker
Servers in the territory. While authentication is required, there are two reasons to edit
the list:
If you intend to add a member to the territory whose Broker Server does not have
a user name in the list.
If you want to remove a user name because the Broker Server associated with it is
no longer in the territory.
8 Alternatively, if you are willing to disable authentication and then add or remove
members of the territory, Broker Administrator adjusts the user name list for you;
click Enable Authentication (administrative clients must connect using SSL) again once the
territory is modified.
Once you have listed the appropriate Distinguished Names in the Authenticator and User
Names lists, the Access Control list for the territory is complete. Access to the territory is
now available only to Brokers on Broker Servers whose certificates meet the requirements
of the ACL. Existing connections among the Brokers in the territory are not immediately
upgraded. Whenever member Brokers have reason to reconnect with each other, the new
connections use authentication and encryption as established for the territory. To force
reconnection, stop and restart each Broker Server associated with the territory.
Note: If the issuer name does not appear in this list, it is not known to one of the
Broker Servers in the territory. You must place a Trusted Root for that authenticator
into every certificate used by every Broker Server involved in the territory.
5 Optionally, click Add User Names to specify which individual clients can have access.
The User Names list contains the user name associated with the remote Broker Server.
Once you have listed the appropriate Distinguished Names in the Authenticator and User
Names lists for both sides of the gateway, the Access Control list for the gateway is
complete. Authentication is now required for all communication across the territory
gateway. The gateway Brokers immediately attempt to re-establish connection. If any of
the information is incorrect, causing an authentication failure, the connection across the
gateway is broken.
When a Broker client receives a document, the document contains some information that
can be useful in determining the nature of the path traveled from the remote Broker. The
document’s read-only envelope includes the fields shown in the table below.
Field Description
In addition, the publishing Broker client can add a digital signature in the signature field
of the document’s envelope. For more information about envelope fields, see the
appropriate programmer’s reference.
Upload a certificate that does not reside on the same machine as the Broker
Administrator. You can use this method if you are not allowed to log on to the
machine on which the Broker Administrator resides. This method allows you to
upload the certificate from the machine on which your browser is running.
Uploading a certificate that resides on the same machine as the Broker Administrator
Note: The certificate file must be on the host where the Integration Server and Broker
Administrator run. If the certificate does not yet exist on this host, you can add one by
using the Broker Administrator or the awcert command. See “Using the Certificate
Manager Program (awcert)” on page 170.
Subcommand Purpose
help Print a usage message for awcert to the screen.
For Trusted Roots
import-trust Installs a trusted root in a certificate file. See “Installing Trusted
Roots” on page 171.
list-trust Lists the trusted roots in a certificate file. See “Listing Trusted
Roots” on page 174.
remove-trust Removes a trusted root from a certificate file. See “Removing
Trusted Roots” on page 174.
For Certificates and Certificate Files
certify Installs signed certificates into a certificate file. See “Installing
Certificates” on page 173.
copy Copies certificates and certificate files. See the following sections:
“Copying All Certificates in a Certificate File” on page 176.
Subcommand Purpose
password Changes the password for a certificate file. See “Changing the
Certificate File Password” on page 178.
remove Removes a certificate from a certificate file. See “Removing
Certificates from a Certificate File” on page 177.
The process of creating and storing certificates uses the following general steps:
1 Create a certificate file and install one or more trusted roots into the file.
2 Create a certificate request.
3 Submit the certificate request to a Certification Authority.
4 Install the signed certificate into a certificate file.
These steps are described in more detail in the following sections.
The following example creates the certificate file my_certs using the password mypasswd,
and installs the trusted root contained in the file t_root.
awcert import-trust my_certs mypasswd -f t_root
This command creates an uncertified key pair and puts it into the specified certificate file.
The command also generates a certificate request file in PKCS #10 format. PKCS (Public
Key Cryptography Standards) #101 defines a syntax for certificate requests.
The key length determines the level of security provided for the connection; the larger the
key length, the greater the security. Added security comes at the price of performance; the
larger the key length, the more time it takes for encryption and signature verification
operations.
The following example generates a certificate request in the certificate file my_certs using
the password mypasswd. The certificate request file is to be named my_request.
awcert make-new my_certs mypasswd -d
“CN=Client,OU=Eng,O=webMethods,L=Sunnyvale,ST=CA,C=US” -f my_request -m 768
[Text deleted]
1. Information on PKCS #10 is available through RSA Laboratories, a division of RSA Data Secu-
rity, Inc. See http://www.rsasecurity.com/rsalabs/pkcs/pkcs-10
The block of text from BEGIN to END inclusive constitutes the certificate request. Submit the
request to the Certification Authority that provides your certificates. Contact your
Certification Authority for submission requirements.
When you receive the certificate from your Certification Authority, it should be another
block of text:
-----BEGIN CERTIFICATE-----
[Text Deleted]
-----END CERTIFICATE-----
The block of text from BEGIN to END constitutes the certificate (include the BEGIN and
END lines shown above). Copy this block into a temporary file to be used when you
install the certificate.
Installing Certificates
In response to a certificate request, the issuing Certification Authority sends you a X.509-
compliant digital certificate. ITU-T Recommendation X.5091 governs the syntax of digital
certificates. You must install the certificate into the same certificate file where you
previously created the uncertified key pair (page 171).
Note: It is possible that the issuing Certification Authority may change the returned
Distinguished Name. Visually, it appears the same as the original Distinguished Name;
the difference occurs in the binary form of the name. In this case, the awcert command
prompts you to accept the changed Distinguished Name.
To add a certificate to your certificate file, at the command line, enter this command:
awcert certify certificate_file password -f cert_text_file
The following example adds the signed certificate in the file signed_cert to the certificate
file my_certs using the password mypasswd.
awcert certify my_certs mypasswd -f signed_cert
The following example lists the trusted roots in the certificate file my_certs using the
password mypasswd.
awcert list-trust my_certs mypasswd
The awcert program lists the Distinguished Names of all trusted roots in the certificate
file.
To get the exact text of the trusted root’s Distinguished Name, use awcert list-trust,
described in “Listing Trusted Roots” on page 174.
The following example removes a trusted root from the certificate file my_certs using the
password mypasswd.
awcert remove-trust my_certs mypasswd -d "OU=Certification
Authority,O=Apex Data Security Inc.,C=US"
The following example lists all certificates and uncertified key pairs in the certificate file
my_certs using the password mypasswd.
awcert list my_certs mypasswd
The following example lists the certificate for a specific Distinguished Name:
awcert list my_certs mypasswd -d "CN=Client,OU=Eng,O=webMethods,
L=Sunnyvale,ST=CA,C=US"
The following example copies all certificates from the certificate file my_certs using the
password mypasswd to the certificate file other_certs using the password passwd2.
awcert copy my_certs mypasswd -f other_certs -p passwd2
To get the exact text of the certificate’s Distinguished Name, use awcert list, described
in “Listing Certificates in the Certificate File” on page 175.
The following example exports a single certificate from the certificate file my_certs using
the password mypasswd to the certificate file other_certs using the password passwd2.
awcert copy my_certs mypasswd -d “CN=Client,OU=Eng,O=webMethods,L=Sunnyvale,ST=CA,
C=US” -f other_certs -p passwd2
The following example uses the domestic certificate file my_certs using the password
mypasswd to create the exportable certificate file exp_certs using the password passwd2.
awcert copy my_certs mypasswd -f exp_certs -p passwd2 -x
The following example removes a certificate from the certificate file my_certs using the
password mypasswd.
awcert remove my_certs mypasswd -d “OU=Eng,O=webMethods,C=US”
The following example changes the password for the certificate file my_certs from
oldpasswd to newpasswd.
awcert password mycerts oldpasswd -p newpasswd
If a value within the Distinguished Name contains one of the characters shown here in
parentheses (, ; = + < > #), enclose the value with double quotation marks (as in
O=”webMethods, Inc.”).
On Windows, you must escape each quotation mark by preceding it with a backslash
(\"). On UNIX (except C shell), you do not have to escape the interior double
quotation marks if you enclose the Distinguished Name in single quotation marks. On
UNIX C shell, do not escape the interior double quotation marks; instead, enclose the
Distinguished Name in single quotation marks.
The following examples show the correct punctuation for a Distinguished Name as it is
used in awcert.
Windows and UNIX (except C shell):
“CN=Client,OU=Eng,O=\”webMethods, Inc.\”,L=Sunnyvale,ST=CA,C=US”
Certificate Status
Each certificate has a status associated with it, as shown in the table below.
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
broker_buildall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
broker_create . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
broker_delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
broker_load . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
broker_ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
broker_save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
broker_status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Overview
This appendix describes the Broker Server and Broker command line utilities.
Syntax
server_config.exe subcommand [options ...]
With the exception of the list, start, and stop subcommands, all subcommands require
that you provide the location of the Broker Server’s data directory. The location of this
directory is dependent on the platform. When you install webMethods Broker, the data
directory for the Broker Server has the following location:
Windows C:\Program
Files\webMethods6\Broker\data\awbrokers61\default
UNIX /var/opt/webmethods6/awbrokers61/default
When you create a Broker Server, you provide the pathname of the data directory for that
Broker Server.
Each Broker Server is identified by its main port number (6849 by default), which must
not conflict with ports used by a different Broker Server. If the Broker Server supports SSL
connections, it also uses the port numbers main-1 and main-2. If you attempt to create or
update a Broker Server using a port number that is already being used by existing Broker
Servers, server_config issues an error message.
Note: The server_config command line program is not compatible with previous
versions of webMethods Broker. To configure a Broker Server version 5.x or earlier,
please refer to the documentation for that version of the product.
Broker Commands
Broker commands are shown in the table below:
server_config add
The add subcommand has two uses:
To control which Broker Server executable to use. By specifying the executable, you
can run a Broker Server other than the default one.
To add a Broker Server by using or copying the configuration of an existing Broker
Server. By specifying an existing configuration file, you can propagate Broker Server
configurations among multiple platforms, add a previously configured Broker Server
to an active configuration, or quickly upgrade an existing Broker Server deployment
to a new release of webMethods Broker.
Syntax
server_config.exe add data_dir <-e executable -k license_key |
-m config_file> [-k license_key] [-p port] [-S]
Arguments
Argument Description
data_dir The path to the data directory for the Broker Server you are
adding. If the directory does not already exist, the program
creates it.
Use double quotes if there is spacing in the data directory path.
-e executable The path to the awbroker executable file. This option allows you
to run a Broker Server using an earlier release of webMethods
Broker. The -k option (license key) is required. Do not use in
combination with the -m option.
-m config_file The path to the awbroker.cfg file to be used for the Broker Server
to be added. A copy of the configuration file is placed in data_dir.
This option allows you to copy an existing Broker Server
configuration. Do not use in combination with the -e option.
-p port The port number to be used for the Broker Server to be added.
Needed if the default port 6849 is in use by another Broker Server.
This port number overrides any existing port number.
-k license_key The Broker Server runtime license key. This license key overrides
any existing license key.
-S Silent operation. No output is shown except for warnings and
error messages.
Examples
The following example adds a new Broker Server (placing a configuration file in the
newserver directory) by copying the existing configuration file in the server2 directory,
and specifying a new port number.
server_config.exe add “C:\Program
Files\webmethods6\Broker\data\awbrokers61\newserver” -m “C:\Program
Files\webmethods6\Broker\data\awbrokers61\server2” -p 6830
The following example adds an existing Broker Server to the active configuration. The
configuration file already exists in the oldserver directory.
server_config.exe add “C:\Program
Files\webmethods6\Broker\data\awbrokers61\oldserver”
server_config create
It is possible to run multiple Broker Servers on the same host, as long as the port numbers
used by both Broker Servers do not conflict with each other. server_config create
creates a configuration file, awbroker.cfg, and the data files used by individual Brokers
(described in “Backing Up webMethods Broker Server Data” on page 77) and places them
in the data directory data_dir, as specified in the command.
Syntax
server_config.exe create data_dir -k license_key [-d description] [-p port]
[-nostart] [-S] -session_config sc-type
-session_data sc-type [-qs_log_file filename file-size][ -
qs_storage_file filename file-size [reserved-size]]
Arguments
Argument Description
data_dir The path to the data directory for the Broker Server being
created. If the directory does not already exist, the
program creates it. The directory cannot contain a copy of
the awbroker.cfg file.
Use double quotes if there is spacing in the data directory
path.
-k license_key The Broker Server runtime license key (required).
-d description A short description of the Broker Server, which appears
in the Broker Administrator main window. If the text
string includes spaces, enclose it in quotation marks.
Argument Description
-p port The port number to be used for the new Broker Server.
Needed if another Broker Server is using the default port
6849.
-nostart Creates the Broker Server, but the Broker Monitor process
will not start the Broker Server.
-S Silent operation. No output is shown except for warnings
and error messages.
-session_config sc-type sc-type is the value of a session If you do not specify
session_data it is set to the value of session_config.
You can select the session configuration type when you
create a Broker Server. You cannot change it afterwards.
The default is: -session_config qs
-session_data sc-type sc-type is the value of a session If you do not specify
session_data it is set to the value of session_config.
You can select the session configuration type when you
create a Broker Server. You cannot change it afterwards.
The default is: -session_data qs
-qs_log_file file-size specifies the amount of storage space allowed.
filename file-size Follow the amount with K, M, or G for kilobytes,
megabytes and gigabytes of storage.
You can resize the log file by increasing or decreasing the
value of file-size.
The default is:
-qs_log_file <datadir>/Broker.qs.log 32M
-qs_storage_file file-size specifies the amount of storage space allowed.
filename file-size Follow the amount with K, M, or G for kilobytes,
[reserved-size] megabytes and gigabytes of storage.
You can resize the storage file by increasing the value of
file-size; however, you cannot decrease the size of the
storage file.
reserved size specifies the amount of storage that should
be reserved until runtime. Anticipate a small delay in
operation while clearing takes place.
The default is:
-qs_storage_file <datadir>/Broker.qs.stor 512M
64M
Example
The following example creates a new Broker Server using port number 6840. The required
license key is abbreviated for brevity. The example uses the default storage parameters.
server_config.exe create “C:\Program
Files\webmethods6\Broker\data\awbrokers61\server2” -k BKR-XXXX -p 6840
server_config delete
The delete subcommand removes the Broker Server configuration file, all of the data
files associated with the Broker Server (and any other file residing in the directory), and
the data directory. When you execute the command to delete a Broker Server, you are
presented with configuration information for the Broker Server and prompted to
continue. Before you delete a Broker Server, make sure the Broker Server is not running.
Syntax
server_config.exe delete data_dir [-f] [-S]
Arguments
Argument Description
data_dir The path to the data directory for the Broker Server you are deleting.
Use double quotes if there is spacing in the data directory path.
-f Forces deletion of the Broker Server without requesting confirmation.
If the Broker Server is running, server_config attempts to stop it.
-S Silent operation. No output is shown except for warnings and error
messages.
Example
The following example deletes a Broker Server.
server_config.exe delete “C:\Program
Files\webmethods6\Broker\data\awbrokers61\server2”
server_config help
Lists all the available server_config subcommands and provides a brief explanation of
each. If you need detailed information about a subcommand, use server_config.exe
help followed by the subcommand.
Syntax
server_config.exe help
Example
The following example returns a description, including variables and notes, for the add
subcommand:
server_config.exe help add
server_config list
The list subcommand contacts the Broker Server Monitor and provides a list of known
Broker Servers, their configurations, and current status. If the program cannot contact the
Broker Server Monitor, it provides a list of the configurations of known Broker Servers
from the Broker Server configuration file. This is the only subcommand to server_config
that you can use with a host other than the local host.
Syntax
server_config.exe list [-h host]
Arguments
Argument Description
-h host Lists Broker Servers running on the specified Broker Server Host.
Example
The following lists the running Broker Servers on the host atlas.
server_config.exe list -h atlas
server_config remove
The remove subcommand removes the Broker Server from the configuration file, but
does not remove the data directory. Therefore you can add the Broker Server back to the
configuration file at another time. When you execute the command to remove a Broker
Server, you are presented with configuration information for the Broker Server and
prompted to continue. Before you remove the Broker Server, make sure the Broker Server
is not running.
Syntax
server_config.exe remove [-f] [-S]
Example
The following example removes a Broker Server.
server_config.exe remove “C:\Program
Files\webmethods6\Broker\data\awbrokers61\server2”
server_config start
The server_config start command starts the Broker Server.
Syntax
server_config.exe start -h host:port
Arguments
Arguments Description
-h Displays a usage message.
host:port The name of the Broker Server to be started. If you omit the Broker
Server name, the Server on the local host is assumed. If you omit
the port number, the default port 6849 is assumed.
server_config stop
The stop subcommand stops all Brokers running on the Server, halts all document
delivery, and disconnects all clients.
To stop a Broker Server, use this command syntax:
server_config.exe stop -h host:port
Arguments
Argument Description
-h Displays a usage message.
host:port The name of the Broker Server to be stopped. If you omit the
Broker Server name, the Server on the local host is assumed. If you
omit the port number, the default port 6849 is assumed.
server_config storage
The storage subcommand configures storage sessions for a specified Broker Server.
Upon installation of a Broker Server the user will have created two separate data files: a
log file, into which data is first written before being stored in the second file, a storage file.
By default, each Broker Server has only one log file of up to 1GB with a transaction size of
1GB, and a storage file that can be increased to a maximum size of 32GB by using the
server_config storage command. For details regarding log file size, see “Maximum
Storage File Size” on page 84.
In addition to the storage file created upon installation, you can add up to 61 additional
storage files—each with a maximum size of 32GB—to a Broker Server.
When configuring storage sessions for a Broker Server, it is important to note that the
storage cache size should be at least as large as the storage log file. Otherwise, the Broker
performance for durable events will be reduced. See “Configuring the Storage Cache Size
for a webMethods Broker Server” on page 194 for information and instructions on
configuring a Broker Server’s storage cache size.
Note: You must stop the Broker Server before configuring additional storage files.
Syntax
storage datadir
[ -qs_log_file filename file-size ]
[ -qs_storage_file filename file-size [reserved-size]]*
Arguments
Argument Description
data_dir The path to the data directory for the Broker Server to which you
are adding storage files.
Use double quotes if there is spacing in the data directory path.
Argument Description
-qs_log_file
Note: For qs sessions, you can configure a single log file, and
multiple storage files, that is, -qs_storage_file can appear
multiple times.
-
qs_storage_file
filename Name of the storage file.
Note: For qs sessions, you can configure a single log file and
multiple storage files, that is, -qs_storage_file can appear multiple
times.
Example
The following example creates an additional storage file for a Broker Server:
server_config.exe storage “C:\Program
Files\webmethods6\Broker\data\awbrokers61\default” -qs_storage_file
“C:\Program Files\webmethods6\Broker\data\awbrokers61\default\
MoreStorage.qs.stor” 1024M 128M
1 Stop the Broker Server. For instructions, see “broker_stop and broker_start” on
page 205.
2 Use an editor to open the awbroker.cfg file located in the Broker Server’s data
directory.
3 Add the following line to the awbroker.cfg file:
storage-max-cache-size=nnn
Where nnn is a cache size value. For example, if you wanted to change the cache value
to 256MB, you would enter the following:
storage-max-cache-size=256
server_config update
You can update the following configuration information for an existing Broker Server:
Runtime license key
Note: On Windows, the port number is part of the service name. Hence, if you change the
port number, the program attempts to change the service name, an action that may not
succeed. To update a port number on Windows, another strategy is to use the create
subcommand to create a new Broker Server, copy the data files from the old data
directory (not including the awbroker.cfg file), and delete the old Broker Server using the
delete subcommand.
Syntax
server_config.exe update data_dir [-k license_key] [-d description]
[-p port] [-S]
For the changes to take effect, you must restart the Broker Server. To change the port
number. You must stop the Broker Server before using the server_config program.
Arguments
Argument Description
data_dir The path to the data directory for the Broker Server you are
updating.
Use double quotes if there is spacing in the data directory path.
-k license_key The new runtime license key.
-d description A new description of the Broker Server. This optional description
appears in the Broker Administrator main window. If the text
string includes spaces, enclose it in quotation marks.
-p port A new port number to be used by the Broker. Stop the Broker
before you attempt to change the port number.
-S Silent operation. No output is shown except for warnings and
error messages.
Example
The following example updates the configuration of a Broker to use a new runtime license
key. The required license key is abbreviated here.
server_config.exe update “C:\Program
Files\webmethods6\Broker\data\awbrokers61\server2” -k BKR-XXXX
broker_buildall
Use the broker_buildall command line utility to compile all intelligent integration
components and scripted operations from a Broker. This command line utility is
particularly useful when used in conjunction with broker_load to migrate a Broker
configuration from your webMethods Broker test environment to your production
environment.
When you run the broker_buildall command line utility, it compiles all components on
the Broker that have the “Need to compile” status. If an error is encountered while
compiling, broker_buildall writes a message to the event log and continues with the
next component. You can recompile if necessary.
Syntax
broker_buildall [-force] [-output] [-h] [-?] [--] [broker@]server[:port]
[-idhelp] [id_options]
Arguments
Argument Description
-h Displays a usage message.
-? Displays usage help for Java command line options
-force Causes the tool to bypass error checking. Forces a recompile for
every Scripted Operation and Intelligent Integration Component
regardless of their state.
-output The command outputs standard output name of component being
compiled.
-- Allows the Broker name to start with the character -.
[broker@]server[: The name of the Broker Server (and optionally, the Broker and the
port] port number) on which to load the Broker information. If you omit
the Broker name, the default Broker is assumed. If you omit the
Broker Server, only syntax checking is performed on the file.
-idhelp Displays a usage message for the ID options.
Argument Description
[id_options] Provide identification needed for administrative access to Brokers
or webMethods Brokers if they are protected by Access Control
Lists (ACLs).
Using ACLs, it is possible to limit administrative access to Brokers
or webMethods Brokers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or
webMethods Broker, as described in “Access Control Lists” on
page 153. To gain administrative access, use the following ID
options with the broker_status command:
-certfile Name of the certificate file to be used for this connection.
filename
-password Password for the certificate file. You will be prompted for the
password password if you omit it from the command.
-dn name The Distinguished Name used to provide the Identity for this
command. Optional if there is only one Distinguished Name in the
certificate file.
-noencrypt Do not use encryption for the connection. By default, every
connection using a certificate is encrypted.
broker_create
If you want to work from the command line, rather than from Broker Administrator, you
can use the broker_create command to create a Broker.
Syntax
broker_create -h [[--]broker[@server[:port]] [-default]
[-description text] [-createterr territory]
[-jointerr broker[@server[:port]]] [-idhelp] [id_options]
Arguments
Argument Description
-h Displays a usage message.
-- Allows the Broker name to start with the
character -.
broker[@server The name to be assigned to the Broker. Broker Server and port
[:port]] number are optional if the Broker Server is on the local host.
-default Makes the Broker the default Broker.
Argument Description
-description A one-line description of the Broker, to be displayed in Broker
text Administrator main window.
-createterr Creates a new territory and makes the new Broker the first member.
territory
-jointerr Makes the new Broker a member of the territory that the specified
broker Broker is a member of.
[@server[:port]]
-idhelp Displays a usage message for the ID options listed below.
[id_options] Provide identification needed for administrative access to Brokers
or Broker Servers if they are protected by ACLs. See the following
list of ID options.
Using ACLs, it is possible to limit administrative access to Brokers
or Broker Servers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or Broker
Server, as described in “Access Control Lists” on page 153.
To gain administrative access, use the following ID options with the
broker_stop command:
-certfile Name of the certificate file to be used for this connection.
filename
-password Password for the certificate file. You will be prompted for the
password password if you omit it from the command.
-dn name The Distinguished Name used to provide the Identity for this
command. Optional if there is only one Distinguished Name in the
certificate file.
-noencrypt Do not use encryption for the connection. By default, every
connection using a certificate is encrypted.
broker_delete
If you want to work from the command line, rather than from Broker Administrator, you
can use the broker_delete command to delete a Broker. The named Broker leaves its
territory, if it belongs to one. All client queues on the Broker are lost, all client queues are
disconnected, and the Broker, all of its document types, and client groups are deleted
permanently. By default, you are prompted to confirm this command.
syntax
broker_delete [-h] [-y] [[--] broker@server[:port]] [-idhelp] [id_options]
Arguments
Argument Description
-h Displays a usage message.
-y Implied “yes.” If this option is included, the command does not
prompt for confirmation before deleting the Broker.
-- Allows the Broker name to start with the
character -.
broker@server The name of the Broker to be deleted and the Broker Server on
[:port] which it resides. If you do not specify the port number, the default
port is assumed.
-idhelp Displays a usage message for the ID options listed below.
[id_options] Provide identification needed for administrative access to Brokers
or webMethods Brokers if they are protected by ACLs.
Using ACLs, it is possible to limit administrative access to Brokers
or webMethods Brokers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or
webMethods Broker, as described in “Access Control Lists” on
page 153. To gain administrative access, use the following ID
options with the broker_status command:
-certfile Name of the certificate file to be used for this connection.
filename
-password Password for the certificate file. You will be prompted for the
password password if you omit it from the command.
-dn name The Distinguished Name used to provide the Identity for this
command. Optional if there is only one Distinguished Name in the
certificate file.
-noencrypt Do not use encryption for the connection. By default, every
connection using a certificate is encrypted.
broker_load
Use the broker_load program, from the command line, to import Broker data from a file
to a Broker.
Note: If the import file contains a new SSL configuration, you may need stop and restart
the Broker Server for the configuration to take effect. In such cases, the broker_load
program prompts for whether or not you want to stop and restart the Broker Server at
that time. Also, if the import file does not contain the password for the certificate file, you
are prompted for it.
Important! The broker_load program divides large files into 2MB pieces. The pieces are
then imported sequentially to the Broker and reassembled. If an error occurs during this
process, some document types may still be loaded, that is, the file may be partially
loaded if there is an error and the Broker is left in a partially updated state.
Syntax
broker_load [-h] input_file [-force] [-merge] [-write output_file]
[[--] [broker@]server[:port]] [-idhelp] [id_options]
Arguments
Argument Description
-h Displays a usage message.
input_file The file you saved the Broker configuration information to using
the broker_save command.
-force Causes the tool to bypass error checking.
-write The command writes a copy of the definitions in the input file to
output_file the specified output file using the latest revision of the export file
format. If no output file is specified, the only output is syntax
errors.
-- Allows the Broker name to start with the
character -.
[broker@]server[: The name of the Broker Server (and optionally, the Broker and the
port] port number) on which to load the Broker information. If you omit
the Broker name, the default Broker is assumed. If you omit the
Broker Server, only syntax checking is performed on the file.
-idhelp Displays a usage message for the ID options listed below.
Argument Description
[id_options] Provide identification needed for administrative access to Brokers
or webMethods Brokers if they are protected by Access Control
Lists (ACLs).
Using ACLs, it is possible to limit administrative access to Brokers
or webMethods Brokers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or
webMethods Broker, as described in “Access Control Lists” on
page 153. To gain administrative access, use the following ID
options with the broker_status command:
-certfile filename
broker_ping
Use the broker_ping command to send system ping documents through a Broker. If the
document passes through the Broker Server and returns to broker_ping, a positive
message is printed. By default, one document is sent. If no document returns, a negative
message is printed. The broker_ping command has the following syntax:
broker_ping [-h] [-s] [-c count] [-remote [/territory/]broker2]]
[[--] [broker@]host[:port]] [-idhelp] [id_options]
Using Access Control Lists (ACL), it is possible to limit administrative access to Brokers or
Broker Servers. To be granted access, you must provide a Distinguished Name that
matches the ACL for the Broker or Broker Server, as described in “Access Control Lists”
on page 153. To gain administrative access, use the following ID options with the
broker_ping command:
-certfile filename Name of the certificate file to be used for this connection.
-password password Password for the certificate file. You will be prompted for
the password if you omit it from the command.
-dn name The Distinguished Name used to provide the Identity for
this command. Optional if there is only one Distinguished
Name in the certificate file.
-noencrypt Do not use encryption for the connection. By default, every
connection using a certificate is encrypted.
local Broker Alpha on the host atlas and remote Broker Beta in the same territory. The
command is:
broker_ping -remote Beta Alpha@atlas
To ping the Broker Gamma, which is in the territory T-2, across a territory gateway, the
command is:
broker_ping -remote /T-2/Gamma Alpha@atlas
To use broker_ping across a territory gateway, the document type Broker::Ping must be
shared across the gateway. For more information about sharing documents across
territory gateways, see “Territory Gateways” on page 130.
broker_save
Use the broker_save program from the command line to save Broker configuration
information for a specified Broker to a file.
Syntax
broker_save [-h] [-broker] [-server] [-native] output_file
[[--] [broker@]server[:port]] [-idhelp] [id_options]
Arguments
Argument Description
-h Displays a usage message.
-broker Includes the Broker’s configuration in the save file. The default is to
exclude it from the file.
-server Includes the Broker Server’s SSL configuration and logging options
in the save file. The default is to exclude them from the file.
-native Write Unicode characters using the native file format.
-- Allows the Broker name to start with the character -.
[broker@]server The name of the Broker Server (and optionally, the Broker and port
[:port] number) from which to save the Broker information. If you omit the
Broker name, the default Broker is assumed.
-idhelp Displays a usage message for the ID options listed below.
Argument Description
[id_options] Provide identification needed for administrative access to Brokers or
webMethods Brokers if they are protected by ACLs.
Using ACLs, it is possible to limit administrative access to Brokers or
webMethods Brokers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or
webMethods Broker, as described in “Access Control Lists” on
page 153. To gain administrative access, use the following ID options
with the broker_status command:
-certfile filename
Examples
To save a configuration file for each server and each Broker in the configuration, use:
For Broker Servers:
broker_save -server alpha.adl Alpha
broker_save -server beta.adl Beta
For Brokers:
broker_save -BrokerA.adl Broker A@Alpha
broker_save -BrokerB.adl Broker B@Alpha
broker_save -BrokerC.adl Broker C@Beta
broker_save -BrokerD.adl Broker D@Beta
The preceding examples of the broker_save command do not show a full pathname for
the ADL file and do not include (optional) SSL identification options.
broker_stop
The broker_stop command stops all Brokers running on the Broker Server, halts all
document delivery, and disconnects all clients.
Syntax
broker_stop [-h] [-idhelp] [-y] [server[:port]] [id_options]
Arguments
Argument Description
-h Displays a usage message.
-idhelp Displays a usage message for the ID options listed below.
-y Implied “yes.” If this option is included, the command does not
prompt for confirmation before stopping the Broker Server.
server[:port] The name of the Broker Server you want to stop. If you omit the
Broker Server name, the Broker Server on the local host is
assumed. If you omit the port number, the default port 6849 is
assumed.
[id_options] Provide identification needed for administrative access to Brokers
or Broker Servers if they are protected by ACLs. See the following
list of ID options.
Using ACLs, it is possible to limit administrative access to Brokers
or Broker Servers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or
Broker Server, as described in “Access Control Lists” on page 153.
To gain administrative access, use the following ID options with
the broker_stop command:
-certfile Name of the certificate file to be used for this connection.
filename
-password Password for the certificate file. You will be prompted for the
password password if you omit it from the command.
Argument Description
-dn name The Distinguished Name used to provide the Identity for this
command. Optional if there is only one Distinguished Name in the
certificate file.
-noencrypt Do not use encryption for the connection. By default, every
connection using a certificate is encrypted.
broker_start
The broker_start command starts the Broker Server.
Syntax
broker_start [-h] [server[:port]]
Arguments
Argument Description
-h Displays a usage message.
server[:port] The name of the Broker Server you want to start. If you omit the
Broker Server name, the Broker Server on the local host is
assumed. If you omit the port number, the default port 6849 is
assumed.
To shut down a Broker Server (awbrokermon and awbroker processes) on Solaris, HP-UX,
and Windows platforms, use the commands described in the following sections.
Note: On Solaris, you can only run these commands as user root or user bin. These
commands can only shut down webMethods Broker processes on the local machine.
This command stops the webMethods Broker processes, awbrokermon and awbroker.
To restart the webMethods Broker processes, enter this command:
/etc/rc3.d/S45broker60 start
Note: On HP-UX, you can only run these commands as user root or user bin. These
commands can only shut down webMethods Broker processes on the local machine.
This command stops the webMethods Broker processes, awbrokermon and awbroker.
To restart the webMethods Broker processes, enter this command:
/sbin/rc3.d/S45broker60 start
broker_status
The broker_status command displays statistics from the command line for a specific
Broker. The statistics displayed include Broker status, document delivery statistics, and
client statistics.
Syntax
broker_status [-h] [-idhelp] [id_options] [broker@]server[:port] ...
Arguments
Argument Description
-h Displays a usage message.
-idhelp Displays a usage message for the ID options listed below.
[id_options] Provide identification needed for administrative access to Brokers
or webMethods Brokers if they are protected by Access Control
Lists (ACLs).
Using ACLs, it is possible to limit administrative access to Brokers
or webMethods Brokers. To be granted access, you must provide a
Distinguished Name that matches the ACL for the Broker or
webMethods Broker, as described in “Access Control Lists” on
page 153. To gain administrative access, use the following ID
options with the broker_status command:
-certfile Name of the certificate file to be used for this connection.
filename
-password Password for the certificate file. You will be prompted for the
password password if you omit it from the command.
-dn name The Distinguished Name used to provide the Identity for this
command. Optional if there is only one Distinguished Name in the
certificate file.
-noencrypt Do not use encryption for the connection. By default, every
connection using a certificate is encrypted.
[broker@]server[:p The name of the webMethods Broker (and optionally, the Broker
ort] and port number) from which to receive status. If you omit the
Broker name, the Broker Server sends the status of all Brokers.
1 Open the Server Administrator by clicking Administration in the banner area of Broker
Administrator.
2 In the Settings menu of the navigation area, click Resources.
3 Click Edit Resource Settings.
4 In the Session Timeout field, increase the number of minutes you want the server to
wait before terminating a session.
5 Click Save Changes.
For more information about the setting the Session Timeout limit, see the webMethods
Integration Server Administrator’s Guide.
Importing a Large ADL File Using the broker_load Command Line Utility
Replace filename with the name of the output .adl file and replace broker@server:port
with the name of the Broker Server (and optionally, the Broker and port number)
from which to save the Broker information. If you omit the Broker name, the default
Broker is assumed.
Example:
broker_save LargeFile.adl hercules:7000
Replace directory and filename with the location and the name of the .adl file. Replace
broker@server:port with the name of the Broker Server (and optionally, the Broker and
the port number) on which to load the Broker information. If you omit the Broker
name, the default Broker is assumed.
Example:
broker_load -Xmx256M \webMethods6\Broker\bin\LargeFile.adl atlas:6849
For more broker_load command line options, see “broker_load” on page 200.
Each: Uses:
To change the limit on the maximum number of threads per process, use the
max_thread_proc kernel parameter in the HP-UX System Administration Manager
(SAM). For more information on SAM, see your HP-UX documentation.
1 Ensure that the webMethods Broker, the Integration Server, and Broker
Administrator are installed on the local machine. Refer to the webMethods Installation
Guide for detailed instructions.
2 On the same machine, configure a Broker Server using the name “localhost” instead
of the hostname or IP address of the machine. Creating Broker Server localhost,
allows the machine to be disconnected from the network at anytime without
generating errors.
Tip! With Broker Administrator you can create multiple instances of a single Broker
Server. For example, you can create a Broker Server instance using its actual hostname
so that it is available on the network and create another instance of the same Broker
Server using “localhost” as its hostname so that it is available offline. For more
information, see “Working with Multiple Instances of a Single Broker Server” in the
next section.
Important! If you have multiple instances of a single Broker Server, please note that it will
cause redundancies in the Territories List and Join Territory pages; that is, the same
territories will be listed multiple times.
Storage types The Broker Server’s Persistent and Guaranteed storage files
each have a fixed maximum size. See “Client Queue Storage
Types” on page 83 and “Maximum Storage File Size” on
page 84.
Memory resources Factors such as the amount of physical memory and swap
space can determine how quickly documents pass through a
Broker. For information tuning your webMethods Broker
system for performance, see the webMethods Installation Guide
Thread limits on For HP-UX systems, see “Setting Maximum Thread Limit for
HP-UX HP-UX” on page 211.
A Broker Server might easily support over 30 Brokers if each Broker handles light traffic.
A few Brokers, each handling a high volume of large documents, may tax the Broker
Server’s capacity. For information about monitoring Broker Server usage, see “Monitoring
webMethods Broker Server Usage” on page 46.
Msg
No. Error Message Explanation
1000 webMethods Broker ready, process Informational.
id number
1001 webMethods Broker exiting, process Informational.
id number
1002 Could not start Windows sockets: Check the network configuration.
system error
1003 Wrong version of Windows sockets Unsupported version of Windows.
1004 Could not get local host name: system Check the network configuration.
error — Check network
configuration.
1005 Cannot open guaranteed data store: A fatal error has occurred. Data store
system error files are not accessible.
1006 Cannot open persistent data store: This error message is no longer issued
system error by the Broker Server.
1007 Cannot allocate guaranteed storage: This error message is no longer issued
system error by the Broker Server.
1008 Data store wrong version Data files cannot be used from one
version of the product to the next.
1009 - Starting adapter process... These error messages were adapter-
related and are no longer issued by
1020
the Broker Server.
1021 Cannot accept connections: system Check the network configuration.
error
1022 Cannot create main socket for Check the network configuration.
network connections: system error
Msg
No. Error Message Explanation
1023 Cannot bind main socket to port Software was installed more than
number: system error — Another once.
webMethods Broker may be running
already
1024 Cannot create thread: system error — This error message is no longer issued
[EXITING] by the Broker Server.
1025 webMethods Broker Monitor ready, Informational.
process id number
1026 webMethods Broker Monitor This error message is no longer issued
exiting, process id number by the Broker Server.
1027 Cannot open config file file name: UNIX only. Missing configuration file.
system error — The webMethods Call webMethods Technical Services.
Broker Monitor must be started in
the top install directory
1028 Incomplete config file file name This error message is no longer issued
by the Broker Server.
1029 Restarted webMethods Broker file x UNIX only. Problem starting Broker
times, giving up Server. Look for other error message.
1030 Starting webMethods Broker file — UNIX only. Install problem.
cannot create process: system error
1031 Stopping webMethods Broker file This error message is no longer issued
pid number — cannot terminate by the Broker Server.
process: system error
1032 Stopping webMethods Broker Install problem.
directory pid number - cannot get
exit code: system error
1033 Unexpected stop of webMethods Broker Server runtime error. Call
Broker file pid number — exit code webMethods Technical Services.
number
1034 Unexpected stop of webMethods UNIX only. Install problem.
Broker file pid number — Signal x and
system error
1035 - webMethods Broker directory pid These error messages are no longer
number... issued by the Broker Server.
1036
1037 Wait on synchronization object An internal error has occurred. Call
failed: system error webMethods Technical Services.
Msg
No. Error Message Explanation
1038 Starting webMethods Broker file Informational.
1039 Stopping webMethods Broker file Informational.
pid number
1040 Cannot get address for local host This error message is no longer issued
name: system error by the Broker Server.
1041 Cannot create socket for SNMP: This error message is no longer issued
system error — SNMP traps will not by the Broker Server.
be sent
1042 Cannot bind SNMP socket to port: This error message is no longer issued
system error — SNMP traps will not by the Broker Server.
be sent
1043 Starting webMethods Broker — UNIX only. Something is wrong with
could not find executable file: system the install.
error
1044 Starting webMethods Broker — UNIX only. Something is wrong with
cannot create pipe: system error the install.
1045 Starting webMethods Broker — file is UNIX only. Something is wrong with
not executable the install.
1046 Starting webMethods Broker — UNIX only. Something is wrong with
cannot find directory: system error the install.
1047 Starting webMethods Broker — UNIX only. Something is wrong with
directory is not a directory the install.
1048 Parsing filter n — y This error message is no longer issued
by the Broker Server.
1049 webMethods Broker cannot get IP This error message is no longer issued
address for itself x: by the Broker Server.
1050 Multiple attempts to open data store. This error message is no longer issued
by the Broker Server.
1051 Insufficient memory resources for Out of memory.
operation
1052 - Storage-related messages from pre- These error messages are no longer
1084 5.0 Servers. issued by the Broker Server.
1085 %1 This error message entry is no longer
issued by the Broker Server.
1086 %1: %2 This error message entry is no longer
issued by the Broker Server.
Msg
No. Error Message Explanation
1087 Cannot start service dispatcher: Internal error for Windows Systems
system error only.
1088 Object system error: system error This error message is no longer issued
by the Broker Server.
1089 Cannot register service service name: Internal error for Windows Systems
system error only.
1090 Cannot access registry key key: This error message is no longer issued
system error by the Broker Server.
1091 Cannot access directory directory: This error message is no longer issued
system error by the Broker Server.
1092 Cannot set environment variable This error message is no longer issued
variable: system error by the Broker Server.
1093 Cannot set service status: system error Internal error for Windows Systems
only.
1094 Attempted to start webMethods This error message is no longer issued
Broker before starting webMethods by the Broker Server.
Broker Monitor.
1095 Attempted to stop webMethods This error message is no longer issued
Broker before starting webMethods by the Broker Server.
Broker Monitor.
1096 Cannot open service control Internal error for Windows Systems
manager: system error only.
1097 Cannot create service service name: Internal error for Windows Systems
system error only.
1098 Cannot open service service name: Internal error for Windows Systems
system error only.
1099 Cannot delete service service name: Internal error for Windows Systems
system error only.
1100 Cannot start service service name: Internal error for Windows Systems
system error only.
1101 Cannot stop service service name: Internal error for Windows Systems
system error only.
1102 The license key is missing for Install problem.
webMethods Broker. The software
will not run without a license key
Msg
No. Error Message Explanation
1103 The license key x is invalid. The Incorrectly typed key.
webMethods Broker will not run
without a valid license key
1104 The license key has expired for the Expired license key Call webMethods
webMethods Broker. The Broker will Technical Services.
not accept any documents until the
license is updated
1105 Broker initialization failed, network An internal error has occurred during
manager did not start — system error start up. Call webMethods Technical
Services.
1106 Broker initialization failed, network This error message is no longer issued
listener did not start — system error by the Broker Server.
1107 Internal error — system error An internal error has occurred. Call
webMethods Technical Services.
1108 Broker initialization failed, cannot An internal error has occurred during
create IO port — system error start up. Call webMethods Technical
Services.
1109 Client connection failed, cannot use An internal error has occurred. Call
IO port — system error webMethods Technical Services.
1110 Persistent data file file name is This error message is no longer issued
missing, resetting brokers and client by the Broker Server.
queues.
1111 Found persistent storage file, but no This error message is no longer issued
guaranteed storage file. Expected to by the Broker Server.
find file file name.
1112 Reached operating system The process or computer cannot
connection limit. No more support any more connections. See
connections can be made to the your system documentation about
webMethods Broker until existing increasing the connection limit or
connections are closed resources.
1113 Network I/O operation x failed — Unexpected I/O failure, connection
system error closed. The computer may be running
low on memory.
1114 Wrong password for SSL key file file You have provided an incorrect
name. SSL disabled. password for the SSL certificate file.
1115 Could not find SSL key file file name. The specified SSL certificate file does
SSL disabled. not exist.
Msg
No. Error Message Explanation
1116 Error in SSL key file file name, error The certificate file has an invalid entry
code x. SSL disabled. or is corrupted. Make sure you have a
valid certificate file.
1117 Error in SSL library error code. Could This error message is no longer issued
not find symbols symbol name — SSL by the Broker Server.
disabled.
1118 Could not create SSL socket, error An internal error has occurred. Call
code x. SSL disabled. webMethods Technical Services.
1119 Could not accept SSL connection, There is an error on the client side of
error code x the connection.
1120 Could not accept SSL connection, There is an error on the client side of
bad handshake from address:port. the connection.
1121 Fatal error, SSL disabled: error_code1 An internal error has occurred. Call
error_code2 webMethods Technical Services.
1122 Could not find DN <Distinguished The certificate file does not contain the
Name> in key file file name. SSL specified Distinguished Name. Make
disabled. sure you have a valid certificate file.
1123 SSL connection using expired The specified certificate belonging to
certificate the client has expired. Get a valid
DN = <Distinguished Name> certificate from your Certificate
begin-date = date Authority.
end-date = date
1124 webMethods Broker SSL certificate The specified certificate used by the
has expired. Clients using SSL may Broker Server has expired. Get a valid
refuse to connect to webMethods certificate from your Certificate
Broker until the certificate is Authority.
renewed.
DN = <Distinguished Name>
begin-date = date
end-date = date
1125 No certificate for DN <Distinguished The certificate file does not contain the
Name> in key file file name. SSL specified Distinguished Name. Make
disabled. sure you have a valid certificate file.
1126 Incomplete configuration, the Broker This error message is no longer issued
cannot be started. This is usually by the Broker Server.
caused by an error during
installation.
Msg
No. Error Message Explanation
1127 webMethods Broker server failed on See the system log for more errors.
first start, giving up.
1128 Out of memory while sending data A low memory condition exists on the
to IP network address address, host.
connection has been broken
1129 - Persistent data file file name is... These error messages are no longer
1134 issued by the Broker Server.
1135 The statistics for Broker have been This error message is no longer issued
reset. by the Broker Server.
1136 The incoming queue for Broker has This error message is no longer issued
been reset, all unprocessed persistent by the Broker Server.
documents have been lost.
1137 The statistics for document type This error message is no longer issued
document type on Broker have been by the Broker Server.
reset.
1138 The statistics for client group Client This error message is no longer issued
Group on Broker have been reset. by the Broker Server.
1139 The statistics for client client on This error message is no longer issued
Broker have been reset. by the Broker Server.
1140 The queue for client client on Broker This error message is no longer issued
has been reset, all unfetched by the Broker Server.
persistent documents have been lost.
1141 Could not determine Fully Qualify The Broker Server cannot determine
Name for computer, using host. this host’s complete name; the domain
Some clients Broker or Brokers may part is missing. This error usually
not be able to contact this Broker. indicates a problem with the host’s
name service configuration. Brokers
may be unable to communicate with
other Brokers or clients, especially
those in other domains.
1142 Close to maximum storage limit on This error message is no longer issued
data store file — xK bytes available, by the Broker Server.
yK bytes maximum
1143 Maximum storage limit reached for This error message is no longer issued
data store file — xK bytes available, by the Broker Server.
yK bytes maximum
Msg
No. Error Message Explanation
1144 Resolved low storage space for data This error message is no longer issued
store file — xK bytes available, yK by the Broker Server.
bytes maximum
1145 The statistics for remote Broker This error message is no longer issued
remote Broker on Broker have been by the Broker Server.
reset.
1146 The forward queue for remote This error message is no longer issued
Broker remote Broker on Broker has by the Broker Server.
been reset, all unprocessed persistent
documents have been lost.
1147 Warning: could not write The Broker Server Monitor service
webMethods Broker configuration could not write the awbroker.cfg file
file. to the directory.
1148 Could not read webMethods Broker The Broker Server Monitor service
configuration file file name from could not find the Broker Server
directory directory: error code configuration file at the specified
location.
1149 Incomplete webMethods Broker The Broker Server configuration file is
configuration file file name from corrupted.
directory directory [EXITING]
1150 Could not read new webMethods The Broker Server Monitor service
Broker configuration file in directory could not find the Broker Server
directory configuration file at the specified
location.
1151 Could not read webMethods Broker The Broker Server Monitor service
configuration file in directory could not find the webMethods
directory. Broker configuration file at the
specified location.
1152 Could not query webMethods An internal error has occurred on a
Broker as service service name: system Windows System.
error.
The Broker Server Monitor cannot
query the Broker Server service.
1153 webMethods Broker Monitor found Informational message
new webMethods Broker with data
directory in directory.
Msg
No. Error Message Explanation
1154 webMethods Broker Monitor found Informational message
webMethods Broker with data
directory in directory, already
known.
1155 webMethods Broker Monitor Informational message.
reading configuration from file file
name.
1156 Received an error label reply from An access label adapter failed to
access label adapter ALA_name: assign an access label for the specified
Error: error_code client.
Detail: error_text
Client DN: Distinguished Name
Client Issuer DN: Distinguished Name
1157 Received a label reply for an An access label adapter has returned
unknown client from access label an access label when the Broker was
adapter ALA_name: not expecting one.
Client DN: Distinguished Name
Client Issuer DN: Distinguished Name
1158 Error: Could not find access label The access label adapter for this
adapter client. Access label lookup Broker is not running.
not available.
1159 Received reply containing an illegal The access label adapter has issued an
label from access label adapter access label that has an invalid form.
ALA_name
1160 Error: Could not allocate memory to A low memory condition exists on the
send lookup to access label adapter. host.
Access label lookup not available.
1161 Error: Could not prepare lookup An internal error has occurred.
document to send to access label
adapter. Access label lookup not
available.
1162 Error: Could not create SSL socket: The Broker Server has not been
SSL not initialized. SSL disabled. configured for SSL support.
1163 Error: Could not create SSL socket The Broker Server cannot open the
for port port number: could not open SSL sockets used to accept client
socket (system error). SSL disabled. connections.
1164 Error: Could not create SSL socket A low memory condition exists on the
for port port number: no memory. SSL host.
disabled.
Msg
No. Error Message Explanation
1165 Error: Could not create SSL socket: Another application may be using the
bind to port port number failed (error port.
code). SSL disabled.
1166 Error: Could not create SSL socket: An unusual error condition has
listen on port port number failed occurred. Contact webMethods
(error code). SSL disabled. Technical Services and supply the text
of the log message.
1167 Warning: Could not resolve The hostname specified in
specified webMethods Broker awbroker.cfg could not be found.
hostname hostname to an IP address. The Broker-to-Broker feature may not
Connections from remote Brokers work.
may fail.
1168 SSL key file Key file seems to be Replace the server's certificate file.
corrupted. SSL disabled.
1169 Error: Cannot setuid to user name The user or group cannot be set for the
(uid uid): system error Broker Server Monitor. Check that
user bin and group bin exist on the
local system. If the user and group ids
are specified in awbroker.cfg, check
that they exist on the local system.
1170 Error: Cannot lookup user user or The user or group cannot be found for
group group. the Broker Server Monitor. Check that
user bin and group bin exist on the
local system. If the user and group ids
are specified in awbroker.cfg, check
that they exist on the local system.
1171 Error: Cannot make secure Broker One or more of the Brokers is
connections: SSL is disabled or not configured to use SSL in a territory,
configured. but the Broker Server SSL
configuration is missing or not
working.
1172 Broker: Cannot connect to The local name service configuration
webMethods Broker server, error in is incorrect, or the hostname is
resolving hostname to IP address: missing from the name service tables.
error code Contact local system administration to
fix the problem.
1173 Broker: Cannot connect to It is likely that the Broker Server is not
webMethods Broker server: error code. running on the remote host.
Msg
No. Error Message Explanation
1174 Broker: Connection to broker@server All Broker Servers in a territory need
was rejected by the remote broker. to include the Broker-to-Broker option
Reason: The remote Broker is not in their runtime license keys. Contact
licensed for territories. webMethods Technical Services.
1175 Broker: Connection to broker@server All Broker Servers in a territory must
was rejected by the remote broker. be compatible with the version of the
Reason: The remote webMethods webMethods Broker system.
Broker is incompatible with this
webMethods Broker.
1176 Broker: Connection to broker@server The remote Broker was removed from
was rejected by the remote broker. the territory but the local Broker has
Reason: The remote Broker does not not been updated about the removal.
have a territory set. This can be caused by poor
connectivity between Brokers in the
territory, or by forced removal of a
Broker using Broker Administrator.
This problem can be fixed by joining
the remote Broker to the territory, or
force removing it from the remaining
Brokers in the territory.
1177 Broker: Connection to broker@server See the explanation for error 1176.
was rejected by the remote broker.
Reason: The remote Broker is not
part of territory territory.
Msg
No. Error Message Explanation
1178 Broker: Connection to broker@server Territory security has been enabled
was rejected by the remote broker. and the local Broker does not meet the
Reason: Permission denied. permission requirements of the
remote Broker. This error can be
caused by an incorrect certificate DN
on the local Broker Server or
differences in encryption strength (for
example, if US Domestic encryption is
required by the territory but the local
Broker Server only supports US
Export).
This error might occur if the territory
security configuration is out of sync
among the Brokers in the territory.
Export the Broker configuration from
the local and remote Broker, and
compare them for inconsistencies.
Modify the exported ADL files to fix
any problems and import them to the
Broker using the broker_load
command-line program.
1179 Broker: Connection to broker@server Two Brokers have been configured as
was rejected by the remote broker. gateways to the remote Broker. Only
Reason: A gateway to territory one Broker in a territory can provide a
territory already exists on the remote gateway to a given remote territory.
broker.
1180 Broker: Connection to broker@server An unusual error condition has
was rejected by the remote broker. occurred. Contact webMethods
Reason: An internal error occurred Technical Services and supply the text
(error code x). of the log message.
1181 Broker: Cannot connect to An unusual error condition has
broker@server: Received a malformed occurred. Contact webMethods
reply from remote broker. Technical Services and supply the text
of the log message.
1182 Broker: Incorrect Broker connection An unusual error condition has
made to broker@server: configurations occurred. Contact webMethods
are not consistent. Technical Services and supply the text
of the log message.
Msg
No. Error Message Explanation
1183 Broker: Cannot connect to An unusual error condition has
broker@server: The logical clock is not occurred. Contact webMethods
consistent with the local copy. Technical Services and supply the text
of the log message.
1184 Broker: Initial synchronization failed An unusual error condition has
for Broker connection to occurred. Contact webMethods
broker@server. Technical Services and supply the text
of the log message.
1185 Broker: A Broker connection from See the explanation for error 1178.
broker@server was denied access.
1186 Broker: A gateway connection from See the explanation for error 1178.
broker@server was denied access.
1187 Broker: A Broker connection to This message is issued after a territory
broker@server was successfully connection has been fixed.
established.
1188 Cannot lock data file file name: error This error message is no longer issued
by the Broker Server.
1189 The persistent data file file name is The persistent data file Broker-pers
corrupted beyond repair and has been damaged and the automatic
automatic recovery is disabled. deletion option is disabled. The
[EXITING] Broker Server will not start until the
file is fixed or deleted.
1190 Error: Cannot open the internal log This error message is no longer issued
file file name: system error by the Broker Server.
Internal logging is disabled.
1191 Thread creation failed: system error Internal fatal error. The Broker Server
has run out of resources.
1192 Multiple servers (number of servers) Internal error for HP systems; only
not supported on this platform. one Broker Server supported at a time.
Only starting the first configured See the Release Notes in the HP/UX
server. section for instructions on how to
support multiple servers.
1193 Maximum transaction size exceeded. This error message is no longer issued
by the Broker Server.
1194 Could not accept SSL connection, A client connecting with SSL timed
handshake from IP address: port out.
number timed out after x ms.
Msg
No. Error Message Explanation
1195 - Error message 1195 - 1221 These error messages are used for
1221 internal purposed only. They are
never issued by the Broker Server.
1222 Check sum failed replaying the This error message is no longer issued
Guaranteed storage log. Broker by the Broker Server.
server cannot continue.
[CRASHING].
1223 Check sum failed processing a A fatal error has occurred. The storage
document (queue type name). Broker file has been corrupted.
server cannot continue.
C queue = client queue
[CRASHING].
F queue = forward queue
1228 The Server has no sessions No valid Broker sessions are
configured. [EXITING]. configured.
1229 The Server cannot initialize config The Server could not create the config
session with URL data_session_URL. session at the data_session_URL.
Error code error code. [EXITING]. Ensure QS files are available, files
could be corrupted or missing.
1230 The Server cannot initialize data The Server could not create the data
session with URL data_session_URL. session at the data_session_URL.
Error code error code. [EXITING]. Ensure QS files are available, files
could be corrupted or missing.
1231 The Server cannot access it’s Ensure the Server’s configuration files
configuration from the config are available, files could be corrupted
session: error code [EXITING] or missing.
1232 The Server cannot access it’s Ensure the Server’s confutation files
configuration from the data session: are available, files could be corrupted
error code [EXITING] or missing.
1233 The Server cannot access server The Broker Server does not issue this
config object. error message at this time.
1234 The Server cannot store it’s initial The Broker Server could not update
configuration to the config session: it’s initial configuration of the Broker
error code Server. Ensure the Server’s
configuration files are available, files
could be corrupted or missing.
Msg
No. Error Message Explanation
1235 Warning: Broker_name: Event The Broker Server tried to publish a
dropped from forward queue to document larger than 7MB between a
remote Broker_name because it was 5.0 Broker and pre-5.0 Broker.
larger than the receiving Broker’s
Pre-5.0 Brokers cannot accommodate
limit (value bytes).
documents larger than 7MB. Large
incoming documents will be
discarded by the pre-5.0 Broker.
Access Control List A list of SSL certificates that define those entities which
(ACL) may access a Broker or create a client within a particular
client group.
ActiveWorks A file format that allows you to define the characteristics
Definition Language of any webMethods Broker object, such as a Broker,
(ADL) Broker Server, client group, client, or a document type.
adapter A program that connects resources to documents.
Adapters translate information between the format
required by the resource and the common document
format. Adapters are hosted by the Integration Server.
ANSI string A string of 8-bit, ISO-Latin-1 characters. See also, UTF-8.
authentication The process of identifying the sender of the data so other
people cannot pretend to be you or pretend to be the
server you are accessing. The encryption is done
through secure sockets.
AWT Abstract Windowing Toolkit, the GUI toolkit that is
included with the Java Development Kit.
Broker A part of the Broker Server process, providing services
such as receiving, queuing, and delivering documents.
One or more Brokers can exist on a Broker Server. Each
Broker can have any number of document types, client
groups, and clients associated with it; they also share
process and storage space with other Brokers. Brokers
can be added to or leave territories.
See also, territory, territory gateway, and remote Broker.
life cycle The amount of time the Broker will maintain client state
information about a group member. See also, client state.
There are two types of client life cycles: destroy-on-
disconnect and explicit-destroy.
load balancing Shared client state (shared queues) allows parallel
processing to occur, thus improving performance. Load
balancing allows several adapters to handle documents
in parallel on a first-come, first-serve basis.
panel A kind of window that does not have a menu bar or
scroll bars. One or more panels can be inside other
windows.
persistent storage See storage type.
public key encryption An encryption technique that assigns each user two
keys: a public key and a private key. Your public key can
be freely distributed, while your private key is kept
secret. Other users may encrypt messages they send to
you using your public key and only the holder of your
private key, you, will be able to decrypt the message. A
user’s private key cannot be derived from their public
key.
publish To transmit a document to a Broker for use by
subscribers. An application publishes a document by
creating a document data structure or object (depending
on the application language) and then invoking its
adapter’s publishing operation. Adding and deleting
publishers has no impact on subscribers. See also, deliver.
RDBMS Relational database management system, such as
ORACLE, SYBASE, or INFORMIX.
remote Broker Another Broker in the same territory or in a territory that
is accessible through a territory gateway. From the
standpoint of a particular Broker, all other Brokers in the
territory are remote.
reply document The result of a request for data. If a request document
returns any results, these results are delivered to the
client as a reply document.
request document A document that requests something, typically
information from a database. Request documents are
published by Broker clients and subscribed to by
dbAdapters or by user-written adapters.
resource A producer or consumer of corporate information, such
as a database or an application.
Index
A gateway 130
Access Control List, see ACL guaranteed storage 68
ACL higher performance 66
Broker 161, 162 managing document types in 94
client group 162 max document types 17
territories 163 maximum number of clients 214
territory gateways 165 maximum number per territory 214
adapter view remote publish 133
about 27 single and multiple sessions 110
adding SSL 161, 162
Broker to Broker Administrator display 43 Broker activity, logging 48
Can Publish and Can Subscribe permissions 88 Broker Administrator 29, 31
more queue storage 194 administering Broker Servers 42
admin client group 162 Broker clients, managing 102
administrative access to Broker 155 certificate 31
applications, uninstalling 69 changing Broker status 65
arithmetic operators for filters 147 connection settings 30
assigning default status to a Broker 65 deploying additional Brokers 70
awbroker 60 document types, managing 94
awbroker.cfg file 77 identity settings 31
awbrokermon 60 Integration Server 26
awcert command, using Distinguished Names introduction 18
with 178 known servers 29, 31
known territories 29, 31
B logging on 24
navigating in 26
backing up Broker data 77
refreshing main page 29
behavior, Broker client 111
removing Broker Servers from 45
Broker
saving system configuration 75
ACL 162
setting up client groups 81
ACL for 161
setting up permissions 30
adding to Broker Administrator display 43
SSL 31
administrative access to 155
SSL support for 158
assigning default status to 65
starting 24
backing up data 77
starting server 59
creating 64
stopping server 59
data directory 77
Utilization page 46
deleting 68
views 27
deploying additional 70
displaying document scopes and document types 94
E H
encryption, public key 150 HP-UX, setting maximum thread limit for 211
error messages, Broker Server 215
Event Log I
Broker Administrator 50 Import/Export feature
explicit destroy 83 for copying Broker information 53
exportable format, changing certificate files to 177 importing
exporting from command line 200
single certificates 176 installing
certificates 173
F trusted roots 171
file Integration Server
awbroker.cfg 77 documentation 26
certificate, creating and managing 168 introduction 18
filter
clients 103 J
filtering documents 146 joining territories 129
filters multiple Brokers 129
arithmetic operators 147
displaying subscription 99
K
filter string rules 147
territory gateway 146 known servers
firewalls Broker Administrator 29, 31
known territories 29, 31
opening port through 179
preventing Gateway disconnection from 141
with SSL 179 L
working with 179 leaving territories 130
Force Join 129 license key for SSL 158
license key, updating 48
G lifecycles
destroy on disconnect 83
gateway, see territory gateways
explicit destroy 83
Gateways
properties of 83
pausing activity on 140
limitations
preventing firewall disconnections 141
max document types on Broker 17
resuming activity on 140
maximum size of document 17
generating certificate requests 171
listing
graph, territory 130
certificates 175
guaranteed documents 67
trusted roots 174
Guaranteed storage 84
localhost 212
Guaranteed storage files 84
Log Ack types 82, 87, 90
log options
configuring 49
removing 145 V
removing a shared document type 145 volatile documents 68
saving and restoring configuration 74 Volatile storage 84, 85
shared document type list (both Brokers) 142
shared document type list (one Broker) 144
W
SSL 165
territory graph 130 WARNINGS
broker_load program, large files 200
territory view
about 27 import file command, large files 56
Time to Live attribute 97 pre-5.0 Brokers, large files 67
WDL 75
trace events
Broker::Trace::Dropremote 67 webMethods Broker
troubleshooting information 12 Definition Language 75
implementing SSL 156
trusted roots
described 151 scalability 213
installing 171 system, shutting down 60
upgrading 42
listing 174
removing 174 using SSL with 153
TTL 97 webMethods Broker Administrator, see Broker Administrator 18
Windows
typographical conventions in this document 11
Event Log, Broker Administrator 50
Services dialog box 59
U
Windows Services
uninstalling applications 69 starting server 59
unique names for territories 126 stopping server 59
updating Broker Administrator 29 working without 212
updating the license key 48
upgrading
X
webMethods Broker 42
X.509 digital certificate 173
usage, Broker Server 46
Utility Logger 65
logging with Integration Server 91
Utilization page
Broker Administrator 46