Skip to main content
Version: 7.2405.x.x LTS

Migration Guide from adnjboss to adnwildfly

This chapter provides a guideline for migrating a nevisIDM (v2.62 or newer) instance with container type adnjboss (v5.1.x) to a new nevisIDM instance with container type adnwildfly (v10.1.x). The chapter covers the most common configuration use cases and makes recommendations for their migration.

There is no automated instance migration. Gather the information from the current source adnjboss instance and use this information to create a new target adnwildfly instance.

If the current adnjboss instance and the new adnwildfly instance should be on the same host, the existing adnjboss instance must be stopped first: nevisidm <instance_name> stop

Adnjboss instance parameters gathering - Server parameters

In a first step, gather all the required parameters of the current adnjboss instance. See also the next table. Some parameters are only required in case TLS is used.

When all the required parameters are known, skip the step [Parameter retrieval].

ParameterDefaultDescription
SERVER_URL_PROTOCOLhttp or httpsThe server protocol, in case of TLS the protocol is https.
SERVER_URL_SERVERlocalhostThe server host name
SERVER_URL_PORT8989The server port
PORT_RANGE_START10000To each service a port is assigned from this port range. The first service is the naming service of the application server. All other services are usually resolved via JNDI. An exception here is the web container port (used for web application and web service access). This one is specified using the SERVER_URL_PORT.
SERVER_SSL_KEYSTORE/var/opt/neviskeybox/
default/default/node_keystore.jks
Keystore used to identify the server (sent to client on SSL/TLS client hello). Only required for TLS.
SERVER_SSL_KEYSTORE_PASSWORDPassphrase to access the server keystore. Only required for TLS.
SERVER_SSL_TRUSTSTORE/var/opt/neviskeybox/
default/default/truststore.jks
Truststore used to validate client certificates. Only required for TLS.
SERVER_SSL_TRUSTSTORE_PASSWORDPassphrase to access the server truststore (usually not required, because truststore read for public certificates does not require protection). Only required for TLS.
NINJA_CERT/var/opt/neviskeybox/
default/nevis/truststore.jks
This parameter is used to configure the trust anchor for Nevis SecToken validation. It is used by the Nevis JAAS login module.
RTOWNERnvauserProcess owner of the instance
RTGROUPnvbgroupProcess group of the instance

Parameter retrieval

The server parameters can be retrieved from different configuration files listed in the following subchapters.

server.xml

The parameters SERVER_URL_PROTOCOL, SERVER_URL_SERVER, SERVER_URL_PORT, SERVER_SSL_KEYSTORE and SERVER_SSL_KEYSTORE_PASSWORD can be read from the http/s connector element in the file server.xml. The file can be opened with the command nevisidm <instance_name> config server, or by opening the file /var/opt/nevisidm/<instance_name>/deploy/jbossweb.sar/server.xml.

Below see two examples of the protocol type httpsand http.

HTTPS connector server.xml

<Connector
port="${SERVER_URL_PORT}" address="${SERVER_URL_SERVER}"
maxThreads="200" minSpareThreads="4" maxSpareThreads="50"
connectionTimeout="30000" acceptCount="200"
maxKeepAliveRequests="100" maxHttpHeaderSize="8192" disableUploadTimeout="true"
emptySessionPath="true" enableLookups="false" protocol="HTTP/1.1"
SSLEnabled="true" secure="true" scheme="https" sslProtocol="TLSv1.2" ciphers="TLS_DHE_RSA_WITH_AES_256_CBC_SHA,SSL_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"
keystoreFile="${SERVER_SSL_KEYSTORE}" keystoreType="JKS" keystorePass="${SERVER_SSL_KEYSTORE_PASSWORD}"
clientAuth="false"
SSLImplementation="ch.nevis.adnjboss.security.NevisJSSEImplementation"
/>

HTTP connector server.xml

<Connector
port="${SERVER_URL_PORT}" address="${SERVER_URL_SERVER}"
maxThreads="200" minSpareThreads="4" maxSpareThreads="50"
connectionTimeout="30000" acceptCount="200"
maxKeepAliveRequests="100" maxHttpHeaderSize="8192" disableUploadTimeout="true"
emptySessionPath="true" enableLookups="false" protocol="HTTP/1.1"
/>

env.conf

The parameters PORT_RANGE_START, RTOWNER and RTGROUP can be read from the environment variable in the file env.conf. The file can be opened with the command nevisidm <instance_name> config env or by opening the file /var/opt/nevisidm/<instance_name>/conf/env.conf directly.

See example below:

JBOSS_PORT_RANGE_START=${PORT_RANGE_START}
RTOWNER=${RTOWNER}
RTGROUP=${RTGROUP}

The parameters RTOWNER and RTGROUP should be consistent with the owner and the group of the instance in the file system, i.e.:

> ls -ld /var/opt/nevisidm/<instance_name> | awk '{print $3}'
${RTOWNER}
> ls -ld /var/opt/nevisidm/<instance_name> | awk '{print $4}'
nvbgroup
${RTGROUP}

batchjob-config-reloader.properties

The parameters SERVER_SSL_TRUSTSTORE and SERVER_SSL_TRUSTSTORE_PASSWORD can be read from the batch job configuration in the file batchjob-config-reloader.properties. The file can be opened at /var/opt/nevisidm/<instance_name>/conf/batchjob-config-reloader.properties directly.

See example below:

SERVER_SSL_TRUSTSTORE=${SERVER_SSL_TRUSTSTORE}
SERVER_SSL_TRUSTSTORE_PASSWORD=${SERVER_SSL_TRUSTSTORE_PASSWORD}

login-config.xml

The parameter NINJA_CERT can be read from the Ninja setup in the file login-config.xml. The file can be opened with the command nevisidm <instance_name> config login or by opening the file /var/opt/nevisidm/<instance_name>/conf/login-config.xml directly.

See example below:

<!-- BEGIN NINJA SETUP -->
<!--
To use nevis security for all applications, replace 'NevisSecTokenDomain' with 'other' and
disable the existing 'other' policy or rename it e.g. to the 'web-console' if you want to
use the existing properties based user registry for this purpose.
NOTE: adnjboss admin command renames 'NevisSecTokenDomain' to 'other' if SERVER_PROFILE=auth_ninja is used.
-->
<application-policy name = "other">
<authentication>
<login-module code="ch.nevis.ninja.jboss.loginmodule.SecTokenLoginModule" flag="required">
<!-- mandatory parameter 'signerCert':
name (and path) of signer certificate (pem or der format).
-->
<module-option name="NevisSignerCertificate">${NINJA_CERT}</module-option>

<!-- optional parameter 'debug':
set to true to turn on verbose logging
(Logger base name: 'ch.nevis.ninja.jboss')
-->
<module-option name="LogDebug">false</module-option>

<!-- Default is StaticRoleGetter(roles="member") which sets a single
role named "member". To use the roles from the token, use
"TokenRoleGetter". To customize the process of finding the roles
for a given user, the LoginModule has its own little plug-in
mechanism: Just Implement the service provider interface
ch.nevis.ninja.commons.mapping.RoleGetter and register the full
class name of your implementation with the RoleGetter option.
Your class must have a constructor taking a HashMap as only
argument. To pass values to your constructor, use name/value pairs.
Example: com.foo.bar.MyRoleGetter(name="value1", name2="value2")
-->
<module-option name="RoleGetters">TokenRoleGetter</module-option>

<!-- This option specifies the User Getter, default is TokenUserGetter
which takes the user from the token. To customize the User Getter,
implement the interface ch.nevis.ninja.commons.mapping.UserGetter.
The constructor takes a single HashMap.
-->
<module-option name="RoleGetters">ch.nevis.ninja.commons.mapping.StaticRoleGetter, ch.nevis.ninja.commons.mapping.TokenRoleGetter</module-option> <!-- PATCH LINE -->
</login-module>
</authentication>
</application-policy>
<!-- END NINJA SETUP -->

Adnwildfly instance creation

A new instance with container type adnwildfly and the desired parameters has to be created with the following command:

nevisidm inst create <new_instance_name> IDM_DEPLOY_TYPE=adnwildfly \
IDM_APPL_URL=<server_url_protocol>://<server_url_server>:<server_url_port>
PORT_RANGE_START=<port_range_start> \
SERVER_SSL_KEYSTORE=<server_ssl_keystore> \
SERVER_SSL_KEYSTORE_PASSWORD=<server_ssl_keystore_password> \
SERVER_SSL_TRUSTSTORE=<server_ssl_truststore> \
SERVER_SSL_TRUSTSTORE_PASSWORD=<server_ssl_truststore-password> \
NINJA_CERT=<ninja_cert> \
RTOWNER=<rtowner> \
RTUSER=<rtgroup>

Adnwildfly configuration check

Standalone.xml

The adnwildfly instance has only one file for server and login configurations, the standalone.xml. The standalone.xml can be opened with the command nevisidm config server. Alternatively, the file can be opened directly at /var/opt/adnwildfly/instances/<new_instance_name>/standalone/configuration/standalone.xml. Below see the excerpts containing the corresponding configurations for https and https.

There are no connector settings in adnwildfly. The connectivity settings are located in security realms and corresponding http/s-listeners/socket-bindings. Additionally, the SecToken login-module is configured in the security subsystem.

HTTPS standalone.xml

<security-realms>
<security-realm name="SslRealm">
<server-identities>
<ssl>
<keystore path="${SERVER_SSL_KEYSTORE}" keystore-password="${SERVER_SSL_KEYSTORE_PASSWORD}"/>
</ssl>
</server-identities>
<authentication>
<truststore path="${SERVER_SSL_TRUSTSTORE}" keystore-password="${SERVER_SSL_TRUSTSTORE_PASSWORD}"/>
</authentication>
</security-realm>
</security-realms>

<profile>
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
<buffer-cache name="default" />
<server name="default-server">
`<http-listener name="default-ssl" socket-binding="https" security-realm="SslRealm"/>
<host name="default-host" alias="${SERVER_URL_SERVER}"/>
</server>
<servlet-container name="default">
<jsp-config />
</servlet-container>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="NevisSecTokenDomain" cache-type="default">
<authentication>
<login-module code="ch.nevis.ninja.jboss.auth.NinjaJbossLoginModuleImpl" flag="required" module="ch.nevis.ninja">
<module-option name="NevisSignerCertificate" value="${NINJA_CERT}"/>
<module-option name="UserGetter" value="AttributeUserGetter(source=loginId)"/>
<module-option name="AdjustIdentity" value="true"/>
<module-option name="LogDebug" value="false"/>
<module-option name="RoleGetters" value="ch.nevis.ninja.commons.mapping.StaticRoleGetter, ch.nevis.ninja.commons.mapping.TokenRoleGetter"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
</profile>

<interfaces>
<interface name="public">
<inet-address value="${SERVER_URL_SERVER}"/>
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="https" port="${SERVER_PORT}" fixed-port="true" />
</socket-binding-group>

HTTP standalone.xml

<profile>
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
<buffer-cache name="default"/>
<server name="default-server">
<http-listener name="default" socket-binding="http" redirect-socket="http"/>
<host name="default-host" alias="${SERVER_URL_SERVER}"/>
</server>
<servlet-container name="default">
<jsp-config/>
</servlet-container>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="NevisSecTokenDomain" cache-type="default">
<authentication>
<login-module code="ch.nevis.ninja.jboss.auth.NinjaJbossLoginModuleImpl" flag="required" module="ch.nevis.ninja">
<module-option name="NevisSignerCertificate" value="${NINJA_CERT}"/>
<module-option name="UserGetter" value="AttributeUserGetter(source=loginId)"/>
<module-option name="AdjustIdentity" value="true"/>
<module-option name="LogDebug" value="false"/>
<module-option name="RoleGetters" value="ch.nevis.ninja.commons.mapping.StaticRoleGetter, ch.nevis.ninja.commons.mapping.TokenRoleGetter"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
</profile>

<interfaces>
<interface name="public">
<inet-address value="${SERVER_URL_SERVER}"/>
</interface>
</interfaces>

<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="http" port="${SERVER_PORT}" fixed-port="true"/>
</socket-binding-group>

The parameter PORT_RANGE_START is added to the file vmargs.conf. The vmargs.conf can be opened with the command nevisidm config vmargs. Alternatively, the file can be opened directly at /var/opt/nevisidm/<new_instance_name>/conf/vmargs.conf.

vmargs.conf

-Djboss.socket.binding.port-offset=${PORT_RANGE_START}

Instance configuration migration

Copy configurations

The following configuration files can be copied from the adnjboss instance directly to the adnwildfly instance.

cp -f /var/opt/nevisidm/<instance_name>/conf/attrAccess.properties /var/opt/nevisidm/<new_instance_name>/conf/attrAccess.properties
cp -f /var/opt/nevisidm/<instance_name>/conf/authorizationConfig.properties /var/opt/nevisidm/<new_instance_name>/conf/authorizationConfig.properties
cp -f /var/opt/nevisidm/<instance_name>/conf/batchjob-config-reloader.properties /var/opt/nevisidm/<new_instance_name>/conf/batchjob-config-reloader.properties
cp -f /var/opt/nevisidm/<instance_name>/conf/dataSource.xml /var/opt/nevisidm/<new_instance_name>/conf/dataSource.xml
cp -f /var/opt/nevisidm/<instance_name>/conf/rolesAssignment.properties /var/opt/nevisidm/<new_instance_name>/conf/rolesAssignment.properties
cp -f /var/opt/nevisidm/<instance_name>/conf/rolesMapping.properties /var/opt/nevisidm/<new_instance_name>/conf/rolesMapping.properties
cp -f /var/opt/nevisidm/<instance_name>/conf/roles.properties /var/opt/nevisidm/<new_instance_name>/conf/roles.properties
cp -f /var/opt/nevisidm/<instance_name>/conf/tlds-alpha-by-domain.txt /var/opt/nevisidm/<new_instance_name>/conf/tlds-alpha-by-domain.txt
cp -f /var/opt/nevisidm/<instance_name>/conf/transactionAOP.xml /var/opt/nevisidm/<new_instance_name>/conf/transactionAOP.xml

Migrate configurations

The following files of the adnjboss instance contain instance name-specific path configurations and hence cannot be copied. I.e., every custom configuration different from the default value shall be manually migrated and adjusted/set in the corresponding new generated files of the adnwildfly instance. It is recommended to use a diff tool like Meld (http://meldmerge.org/) to compare the two versions.

/var/opt/nevisidm/<instance_name>/conf/nevisidm-prod.properties to /var/opt/nevisidm/<new_instance_name>/conf/nevisidm-prod.properties
/var/opt/nevisidm/<instance_name>/conf/vmargs.conf to /var/opt/nevisidm/<new_instance_name>/conf/vmargs.conf

Special configurations

Client certificate authentication

If two-way TLS client certificate authentication is used in the current adnjboss instance, an additional connector and login module must be migrated to the new adnwildfly instance.

Client certificate parameters

In a first step all the required parameters of the current adnjboss instance shall be gathered. If all the required parameters are known, the next step should be skipped and it can be continued directly with Client certificate configuration.

It may be that these parameters, except of the CC_SERVER_URL_PORT, have the same values as the parameters of the server parameter table in Server parameters.

ParameterDefaultDescription
CC_SERVER_URL_SERVERlocalhostThe server host name used for client certificate authentication
CC_SERVER_URL_PORT8443The server port used for client certificate authentication
CC_SERVER_SSL_KEYSTORE/var/opt/neviskeybox/
default/default/node_keystore.jks
Keystore used to identify the server for client certificate authentication
CC_SERVER_SSL_KEYSTORE_PASSWORDPassphrase to access the server keystore used for client certificate authentication
CC_SERVER_SSL_TRUSTSTORE/var/opt/neviskeybox/
default/default/truststore.jks
Truststore used to validate client certificates for client certificate authentication
CC_SERVER_SSL_TRUSTSTORE_PASSWORDPassphrase to access the server truststore for client certificate authentication (usually not required, because truststore read for public certificates does not require protection)

Parameter retrieval

The client certificate parameters can be retrieved from the corresponding http/s connector element in the file server.xml. The file can be opened with the command nevisidm <instance_name> config server or by opening the file /var/opt/nevisidm/<instance_name>/deploy/jbossweb.sar/server.xml directly. Below see excerpt containing the configurations:

HTTPS connector client certificate authentication server.xml

<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="${CC_SERVER_URL_PORT}" address="${CC_SERVER_URL_SERVER}"
scheme="https" secure="true" clientAuth="true"
keystoreFile="${CC_SERVER_SSL_KEYSTORE}"
keystorePass="${CC_SERVER_SSL_KEYSTORE_PASSWORD}"
truststoreFile="${CC_SERVER_SSL_TRUSTSTORE}"
truststorePass="${CC_SERVER_SSL_TRUSTSTORE_PASSWORD}"
sslProtocol = "TLS" />

Client certificate configuration

For client certificate authentication a new security-realm, https-listener, socket-binding and a new login-module should be added to the existing elements in the standalone.xml. The standalone.xml can be opened with the command nevisidm config server. Alternatively, the file can be opened directly at /var/opt/adnwildfly/instances/<new_instance_name>/standalone/configuration/standalone.xml. Below see the excerpts containing the corresponding configurations, which should be added.

Client certificate authentication standalone.xml

<security-realms>
<security-realm name="CcSslRealm">
<server-identities>
<ssl>
<keystore path="${CC_SERVER_SSL_KEYSTORE}" keystore-password="${CC_SERVER_SSL_KEYSTORE_PASSWORD}"/>
</ssl>
</server-identities>
<authentication>
<truststore path="${CC_SERVER_SSL_TRUSTSTORE}" keystore-password="${CC_SERVER_SSL_TRUSTSTORE_PASSWORD}"/>
</authentication>
</security-realm>
</security-realms>

<profile>
<subsystem xmlns="urn:jboss:domain:undertow:1.2">
<buffer-cache name="default" />
<server name="default-server">
`<http-listener name="cc-ssl" socket-binding="cc-https" security-realm="CcSslRealm" verify-client="required"/>
<host name="default-host" alias="${CC_SERVER_URL_SERVER}"/>
</server>
<servlet-container name="default">
<jsp-config />
</servlet-container>
</subsystem>
<subsystem xmlns="urn:jboss:domain:security:1.2">
<security-domains>
<security-domain name="NevisIDMClientCertDomain" cache-type="default">
<authentication>
<login-module code="ch.adnovum.nevisidm.jaas.CertLoginModule" flag="required" module="ch.nevis.ninja">
<!-- <module-option name="Debug">true</module-option> -->
</login-module>
</authentication>
</security-domain>
</security-domains>
</subsystem>
</profile>

<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="cc-https" port="${CC_SERVER_URL_PORT}" fixed-port="true"/>
</socket-binding-group>

If not yet migrated in Migrate Configurations, the following two configurations should be added to the file vmargs.conf. The vmargs.conf can be opened with the command nevisidm config vmargs. Alternatively, the file can be opened directly at /var/opt/nevisidm/<new_instance_name>/conf/vmargs.conf.

Client certificate authentication vmargs.conf

-Dch.adnovum.nevisidm.web.servlets.ForwardServlet.Enabled=true
-Dch.adnovum.nevisidm.web.servlets.ForwardServlet.ForwardPath=/services/

JMS

The JBoss Messaging (which is used in adnjboss) is no longer included in adnwildfly. The JMS server configuration in adnwildfly is done through the messaging-activemq subsystem. (see: https://docs.jboss.org/author/display/WFLY10/Messaging%20configuration.html).

In adnwildfly, the JMS doesn’t need a dedicated database at all but only configuration of a new subsystem for activemqin the standalone.xml. The standalone.xml can be opened with the commands nevisidm config serveror nevisidm config login. Alternatively, the file can be opened directly at /var/opt/adnwildfly/instances/<new_instance_name>/standalone/configuration/standalone.xml. Below see the excerpts containing the corresponding JMS configurations for https and https.

JMS HTTPS standalone.xml

<profile>
<subsystem xmlns="urn:jboss:domain:messaging-activemq:1.0">
<server name="default">
<security-setting name="#">
<role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/>
</security-setting>
<address-setting name="#" dead-letter-address="jms.queue.DLQ" expiry-address="jms.queue.ExpiryQueue" max-size-bytes="10485760" page-size-bytes="2097152" message-counter-history-day-limit="10"/>
<http-connector name="http-connector" socket-binding="https" endpoint="http-acceptor">
<param name="ssl-enabled" value="true" />
</http-connector>
<http-connector name="http-connector-throughput" socket-binding="https" endpoint="http-acceptor-throughput">
<param name="ssl-enabled" value="true" />
<param name="batch-delay" value="50"/>
</http-connector>
<in-vm-connector name="in-vm" server-id="0"/>
<http-acceptor name="http-acceptor" http-listener="default"/>
<http-acceptor name="http-acceptor-throughput" http-listener="default">
<param name="batch-delay" value="50"/>
<param name="direct-deliver" value="false"/>
</http-acceptor>
<in-vm-acceptor name="in-vm" server-id="0"/>
<jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/>
<jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/>
<jms-queue name="java:jboss/exported/jms/queue/Provisioning" entries="java:jboss/exported/jms/queue/Provisioning"/>
<connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>
<connection-factory name="RemoteConnectionFactory" connectors="http-connector" entries="java:jboss/exported/jms/RemoteConnectionFactory"/>
<pooled-connection-factory name="activemq-ra" entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory" connectors="in-vm" transaction="xa"/>
</server>
</subsystem>
</profile>

JMS HTTP standalone.xml

<profile>
<subsystem xmlns="urn:jboss:domain:messaging-activemq:1.0">
<server name="default">
<security-setting name="#">
<role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/>
</security-setting>
<address-setting name="#" dead-letter-address="jms.queue.DLQ" expiry-address="jms.queue.ExpiryQueue" max-size-bytes="10485760" page-size-bytes="2097152" message-counter-history-day-limit="10"/>
<http-connector name="http-connector" socket-binding="http" endpoint="http-acceptor"/>
<http-connector name="http-connector-throughput" socket-binding="http" endpoint="http-acceptor-throughput">
<param name="batch-delay" value="50"/>
</http-connector>
<in-vm-connector name="in-vm" server-id="0"/>
<http-acceptor name="http-acceptor" http-listener="default"/>
<http-acceptor name="http-acceptor-throughput" http-listener="default">
<param name="batch-delay" value="50"/>
<param name="direct-deliver" value="false"/>
</http-acceptor>
<in-vm-acceptor name="in-vm" server-id="0"/>
<jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/>
<jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/>
<jms-queue name="java:jboss/exported/jms/queue/Provisioning" entries="java:jboss/exported/jms/queue/Provisioning"/>
<connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/>
<connection-factory name="RemoteConnectionFactory" connectors="http-connector" entries="java:jboss/exported/jms/RemoteConnectionFactory"/>
<pooled-connection-factory name="activemq-ra" entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory" connectors="in-vm" transaction="xa"/>
</server>
</subsystem>
</profile>

Adnwildfly instance start

After the migration is completed, the new adnwildfly instance can be started with the following command:

nevisidm <new_instance_name> start

Adnjboss instance removal

After the new adnwildfly instance is successfully migrated, the old adnjboss instance can be removed with the following command:

nevisidm inst remove <instance_name>