commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Myrvold <christ...@myrvold.info>
Subject [HttpClient] Https performance and reverse lookup
Date Thu, 04 Mar 2004 07:48:18 GMT
Greetings,

I am currently developing av http/https proxy app and are using the 
HttpClient to help me. My problem is that the performance is 
significally slower through my proxy than when I go direct.

The webservers I am trying to reach is usually on private networks (i.e. 
192.168.1.x) and over a dialup/PPP connection. This means that I have no 
dns-records for the servers and the HttpClient seems to be suffering 
from this when I use https. Cause when I add records in my DNS server 
for the webservers, I get a good performance gain. I asume this is 
because of reverse DNS lookup. So my question is how do I turn of 
reverse lookup for my app? Is it in HttpClient or in the SSL library? 
I've used the SSLSocketFactory that I found on this site. Please look below.

Also I would like to know if there are any good tips to ensure good 
performance with the HttpClient in general?

Help is greatly appreciated!

Best Regards,
Christian Myrvold


*************************
/*
 * ProxySSLSocketFactory.java
 *
 * Created on 3. mars 2004, 14:36
 */

package no.mitec.sacs.application.proxy;

/**
 *
 * @author  cm
 */
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

public class ProxySSLSocketFactory implements SecureProtocolSocketFactory
{
     private static class TM implements X509TrustManager
     {
         public X509Certificate[] getAcceptedIssuers()
         {
             return new X509Certificate[0];
         }

         public void checkClientTrusted(X509Certificate[] arg0, String 
arg1) throws CertificateException
         {
         }

         public void checkServerTrusted(X509Certificate[] arg0, String 
arg1) throws CertificateException
         {
         }
     }

     private static SSLSocketFactory getSocketFactory()
     {
         try
         {
             SSLContext context = SSLContext.getInstance("SSL");
             context.init(null, new TrustManager[] {new TM()}, null);
             return context.getSocketFactory();
         }
         catch (Exception e)
         {
             throw new RuntimeException(e);
         }
     }

     public Socket createSocket(String host, int port, InetAddress 
clientHost,
         int clientPort) throws IOException, UnknownHostException
     {
         return getSocketFactory().createSocket(host, port, clientHost, 
clientPort);
     }

     public Socket createSocket(String host, int port)
         throws IOException, UnknownHostException
     {
         return getSocketFactory().createSocket(host, port);
     }

     public Socket createSocket(Socket socket, String host, int port,
         boolean autoClose) throws IOException, UnknownHostException
     {
         return getSocketFactory().createSocket(socket, host, port, 
autoClose);
     }
}
*************************

 


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-user-help@jakarta.apache.org


Mime
View raw message