pqMessenger: communication middleware for pqChecker - Page 1

pqMessenger operate between pqChecker and a MoM that supports the JMS protocol. It calls the three functions of pqChecker using the JNI gateway that it implements. On the other side it connects to the MoM. To exchange messages with the MoM, pqMessenger uses an address of type Topic which must be called: PwdChannel.

An application that synchronizes passwords with another system must subscribe (in the JMS meaning) to the Topic PwdChannel. Listening to this Topic, this application will receive in real time the new values of the passwords created or modified within the OpenLDAP server.


pqMessenger requires prior installation Java JRE 1.8 or above on the system. The single JAR file pqmessenger-x.x.jar contains the entire application. Deployment must be done on the same server as pqChecker. Launch parameters and two configuration files are required for the correct operation of the application.

  • The launch script provided pqmessenger.boot allows to correctly set the launch parameters
  • The application configuration file pqmessenger.yml contains the necessary operating parameters, including the connection parameters to the MoM. A template of this file is provided
  • The log configuration file log4j2.xml
All of these files are in the sys-resources/ source distribution folder.
Installation from binary packages installs these mandatory files and well sets them. The source distribution includes an installation script that performs this task on the target system. See How to install from source code for further details.

pqMessenger: cluster deployment When deploying a cluster of OpenLDAP servers for scaling or high availability, simply connect all instances of pqMessenger (one per deployment node) to the same MoM. Each server will be identified by its fully qualified host name (FQN) that will accompany the messages exchanged with the MoM. Such deployment configuration ensures that all servers in the cluster are configured identically for password content each time this configuration is changed. It also ensures that the MoM receives all new password values regardless of the server used for its modification.