Understanding Solace Messaging Credentials

This topic describes the credentials that an application bound to a Solace Messaging service instance gains access to. These credentials are stored in the VCAP_SERVICES environment variable. For examples of different ways that developers can configure their applications to consume the credentials, see the sample application GitHub repository.

Example Environment Variable

The VCAP_SERVICES environment variable is a JSON document, and follows the format of the example below:

{
  "VCAP_SERVICES": {
    "solace-messaging": [ {
        "name": "solmessaging-shared-instance",
        "label": "solace-messaging",
        "plan": "shared",
        "tags": [
          "solace",
          "rest",
          "mqtt",
          "mq",
          "queue",
          "event-streaming",
          "amqp",
          "jms",
          "messaging",
          "publish-subscribe",
          "message-queuing",
          "request-reply"],
        "credentials": {
          "clientUsername": "v005.cu000001",
          "clientPassword": "bb90fcb0-6c83-4a10-bafa-3ec225bbfc08",
          "msgVpnName": "v005",
          "jmsJndiTlsUri": "smfs://192.168.132.14:7001",
          "jmsJndiUri": "smf://192.168.132.14:7000",
          "managementHttpUris": ["http://192.168.132.14:8080/SEMP/v2"],
          "managementHttpsUris": ["https://192.168.132.14:443/SEMP/v2"],
          "managementPassword": "e4997de2-167b-401f-affd-3721e76ff88a",
          "managementUsername": "v005-mgmt",
          "mqttTlsUris": ["ssl://192.168.132.14:7027"],
          "mqttUris": ["tcp://192.168.132.14:7026"],
          "mqttWsUris": ["ws://192.168.132.14:7028"],
          "mqttWssUris": ["wss://192.168.132.14:7029"],
          "restUris": ["http://192.168.132.14:7024"],
          "restTlsUris": ["https://192.168.132.14:7025"],
          "smfTlsHost": "tcps://192.168.132.14:7001",
          "smfHost": "tcp://192.168.132.14:7000",
          "smfZipHost": "tcp://192.168.132.14:7002",
          "webMessagingTlsUri": "https://192.168.132.14:7005",
          "webMessagingUri": "http://192.168.132.14:7004"
        }
      }
    ]
  }
}

If the environment variable VCAP_SERVICES contains more than one service binding, you must search for the Solace Messaging service instance. You can search for the service instance statically by looking up a pre-defined name attribute or dynamically through the tags or label properties. See the Solace sample application for more information about achieving this.

Credentials Fields

Field Applies to messaging protocol Description
clientUsername All except management (SEMP) The client username used to access the messaging services
clientPassword All except management (SEMP) The client password used to access the messaging services
msgVpnName JMS, SMF, and webMessaging The name of the VPN allocated to the application
jmsJndiUri JMS The JNDI provider URL: InitialContext.PROVIDER_URL
jmsJndiTlsUri JMS The JNDI provider URL: InitialContext.PROVIDER_URL
mqttUris MQTT The MQTT service URIs
mqttTlsUris MQTT The MQTT service TLS URIs
mqttWsUris MQTT The MQTT WebSocket URIs
mqttWssUris MQTT The MQTT WebSocket TLS URIs
restUris REST The REST endpoints base URIs
restTlsUris REST The REST TLS endpoints base URIs
smfHost SMF The SMF HOST Session Property
smfTlsHost SMF The SMF TLS HOST Session Property
smfZipHost SMF The compressed SMF HOST Session Property
webMessagingUri Web Messaging The URL used to connect the session (solclientjs and solclientas), or the HOST Session Property (CCSMP, .NET API, and JAVA RTO)
webMessagingTlsUri Web Messaging The HTTPS URL used to connect the session (solclientjs and solclientas), or the HOST Session Property (CCSMP, .NET API, and JAVA RTO)
managementHttpUris Management (SEMP) The HTTP URIs to connect to the management service
managementHttpsUris Management (SEMP) The HTTPS URIs to connect to the management service
managementPassword Management (SEMP) The VPN’s administrative username
managementUsername Management (SEMP) The VPN’s administrative password

Messaging Protocols

The table above matches each field to the messaging protocol it uses. The Solace Messaging service supports the following messaging protocols:

Note: The application needs to provide the Message VPN when using the SMF, JMS, or Web Messaging protocols. As a result, the application needs to read the msgVpnName fields when using those protocols.

Each protocol can have multiple possible underlying transports. The field’s prefix specifies the protocol, while the infix specifies the transport underlying the protocol. For example, "mqttUris": ["tcp://192.168.132.14:7026"] specifies the MQTT protocol over TCP.

The application only needs one Host or Uris field to connect to the Message VPN, but which one it needs depends on the required protocol and transport combination.

The following list provides the available infixes:

  • Tls: TLS-encrypted
  • Ws: WebSocket
  • Wss: TLS-encrypted WebSocket
  • Http: Plain-text HTTP
  • Https: TLS HTTP
  • Zip: Compressed SMF (SMF with compression enabled)

For example, an application uses JMS plain text must read the following fields:

  • clientUsername
  • clientPassword
  • msgVpnName
  • jmsJndiUri

Management Protocol

The Solace Messaging service supports the Solace Elements Management Protocol (SEMP) as its management protocol. To use SEMP, an application must read the following fields:

  • managementUsername
  • managementPassword
  • Either managementHttpUris or managementHttpsUris

Usernames and Passwords

  • The credentials required by the various messaging protocols are provided by clientUsername and clientPassword.
  • The credentials required to manage the Message VPN are provided by managementUsername and managementPassword. For more information, see the Managing the Message VPN topic.
Was this helpful?
What can we do to improve?
Create a pull request or raise an issue on the source for this page in GitHub