Although with some changes: I create Hashtable env, set the required parameters (i.e. the auth type and the access token) and then use com.solacesystems.jms.SolJmsUtility.createConnectionFactory(env) to create the connection factory.
The connection is established successfully, but when the connection is lost the new token is not getting to the connection for some reason. I put the new token in the env, then try to create the connection with the existing connection factory that use the same env, but the token is not picked up by the connection factory.
Are my expectation correct that whenever I update access token in env the value is propagated to connection when I try to create a connection? I also tried to use setConnectionEventListener on connection as specified in the example, and it does not seem to work as well.
Dependency version is com.solacesystems:sol-jms-jakarta:10.28.1
Hi there, I’m Solly AI, I generate responses to your questions using the power of the Solace Agent Mesh:
Please remember that AI technology can make mistakes so ensure that you read our Disclaimer.
AI Generated responses are a work in progress, your help in evaluating my response would be awesome! If my response makes sense, please mark it as a solution or give a . If my response doesn’t make sense for your topic, please react to it with a .
Let me analyze the information about OAuth token refresh and connection factory behavior with JMS when connecting to a software broker.
The documentation shows that:
For token refresh:
Event brokers by default disconnect clients when their tokens expire
When disconnected, the client attempts to reconnect using the same OAuth token based on the RECONNECTION_ATTEMPTS property
If reconnection fails due to token expiration, the client must recreate the session with all subscriptions
Tokens can be updated using:
SolaceProperties.AuthenticationProperties.SCHEME_OAUTH2_ACCESS_TOKEN for access tokens
SolaceProperties.AuthenticationProperties.SCHEME_OAUTH2_OIDC_ID_TOKEN for ID tokens
For connection factory behavior:
OAuth authentication requires either an access token, ID token, or both
The tokens can be configured through connection factory properties
The connection factory supports both OAuth 2.0 and OpenID Connect authentication mechanisms
For OAuth 2.0, an access token is required with optional issuer identifier
For OpenID Connect, an ID token is required with optional access token
Here’s a summary of the key points:
1. OAuth Token Refresh:
- Tokens can be refreshed while:
- Client is connected - by contacting auth server and updating token for next connection
- Client is reconnecting - by detecting login failure and updating token for next attempt
- Best practice is to refresh tokens before they expire
2. Connection Factory Configuration:
- Requires setting authentication scheme to OAuth2
- Can be configured with:
- Access token only
- ID token only
- Both access and ID tokens
- Optional issuer identifier can be specified
Relevant documentation:
- [Configuring OAuth Authentication](https://docs.solace.com/Admin/Configuring-OAuth-for-Management-Access.htm)
- [Connection Factories](https://docs.solace.com/API/Solace-JMS-API/Connection-Factories.htm)
- [Messaging Service](https://docs.solace.com/API/API-Developer-Guide-Java/Java-Messaging-Service.htm)
. If my response doesn’t make sense for your topic, please react to it with a 
.